To help raise awareness about community efforts to prevent significant security issues, Middlebury Information Security has launched a ‘Security Scout of the Month’ award.
Highlighting the valuable contributions of community security scouts in an @MiddInfoSec blog post and on Middlebury’s Information Security web site is a great way to show how a cautious and thoughtful approach to computing can protect the College community from cyber risks.
As an example, this past month, an attack against Middlebury’s Banner system was avoided thanks to the contributions of an astute member of our community, Justin Allen, who spotted a targeted phishing attack and raised the awareness around this malicious event.
As Justin Allen describes it:
“I received an email that started out dear account owner which usually gets my attention and as I read down thru the email I noticed that it said I had signed up for a paperless W-2 which I did not and it wanted me to logon to view it. After that I noticed a couple of another things that did not make sense for my Middlebury account one was the sender of the email which wasn’t from the college at all and we all have been told time and time again if the address doesn’t end with middlebury.edu it’s not from the college. Below is a copy of what was sent to me.”
This astute awareness is why Justin is this month’s ‘Security Scout of the Month’.
We are excited to celebrate the hard work and security conscious efforts of our community. Please watch for the next ‘Security Scout of the Month’ and help us recognize these efforts.
If you would like to recognize an individual for their information security contributions or would like to raise an information security concern, please contact firstname.lastname@example.org.
In January, 2016, the ACTT (formerly CTT) submitted a recommendation for Middlebury to adopt Canvas. We have received budget approval, and will begin the work of moving Middlebury into the Canvas service.
Thank you to all of the faculty and students that participated in the pilot. Your participation and feedback (Midd and MIIS) helped to make a strong recommendation. And thank you to Joe Antonioli, Bob Cole, Bill Koulopoulos, Stacy Reardon, Shel Sax and Heather Stafford for supporting these classes during the pilot.
Also, thank you to all of the schools that provided us with insight and the benefit of their experience with Canvas. We learned a lot from you.
There is a lot of work still to be done to move Canvas from pilot to enterprise, but we do hope that you take a moment to celebrate this milestone and the collective effort to get to this point.
[This meeting was rescheduled from May 17th to May 31st.]
Tuesday, May 31st from 3-4pm
LIB 105A or Polycom 712833
The new ACT Team process includes in-progress project presentations. These presentations are meant to inform the community about how things are going, what has been done and what still needs to be done, what is going well and what are the challenges.
In this meeting we will look at the GoogleApps for Edu and OneDrive projects.
In-progress project presentations are open meetings, anyone may attend. Please feel free to share the invitation with anyone you feel is interested in the topics discussed.
No decision yet on Canvas. LS pilot is up and going with user/group provisioning via the Course Hub.
Basic Canvas overviews will need to be added to Language School orientations.
Discussion of location for Midd-created documentation about Canvas should live. http://digitallearning.middcreate.net/ ? Library and ITS wiki?
Joe has been trying out Palladio and Google Fusion Tables for visualizing the data. Mixed results, no tools totally satisfactory yet. Bob will put Joe in touch with META Lab who may have some suggestions around visualization.
What questions come to mind looking at the inventory data?
- How many tools are in the life-cycle stage bucket compared to the total number of tools? Is this sustainable?
- What criteria would trigger an evaluation? Can this be a score?
- Agreement renewals
- Changes in the environment
- New pedagogies and practices
- New programs
The next large goal is to make 1/3/5 projections for items in the inventory so that the administration & community at large has some idea of where we see this inventory shifting.
Assignment for the next meeting: Look at the Classification 2D Array and pick an intersection. Come up with a set of questions that will help us make projections for 1, 3, 5 years out.
With an increasing amount of storage space and institutional connectivity on personal devices, the value and mobility of smartphones, tablets, and laptops make them appealing and easy targets. These simple tips will help you protect against and prepare for the potential loss or theft of a laptop or mobile device.
- Don’t leave your device alone, even for a minute. If you’re not using it, lock your device in a cabinet or drawer, use a security cable, or take it with you. Middlebury has seen laptops stolen in the College library and from individual’s cars. Don’t assume your devices are safe because you feel at home with your surroundings.
- Report any lost or stolen device promptly. Both institutional and personal devices may contain Middlebury data. Even if you only lose a personal device, work with the College’s Information Security workgroup to ensure that institutional or sensitive data is accounted for. Information Security may also be able to help you recover the device. If a device is lost or stolen contact the helpdesk at x2200 immediately.
- Do not store extremely sensitive or internal data. Never store protected or sensitive data on your laptop. Refer to the Data Classification policy for clear definitions of data types. (http://go.middlebury.edu/dcp)
- Keep your master and working copy of all data on network storage. Keeping your master and working copies of all of your data on Middlebury Google Drive or other secure network file storage such as Middfiles. This ensures that your data is protected and backed-up if your laptop is stolen or lost. Photos, papers, research, and other files are irreplaceable, and losing them may be worse than losing your device.
- Record the serial number. Keep the serial number and asset tag of your device and store it in a safe place. This information can be useful for verifying your device if it’s found. This is especially important when you travel. Airport and police agencies may ask for this information when reporting lost or stolen devices.
- Enable device tracking and wiping services. Use tracking and recovery software included with most devices (e.g., the “Find iDevice” feature in iOS) Some software includes remote-wipe capabilities. This feature allows you to log on to an online account and delete all of the information on your laptop. Mobile resources can be found here:
- Apple iCloud: http://www.icloud.com
- Microsoft Account: http://account.Microsoft.com/devices
- Android Device Manager: https://support.google.com/accounts/topic/6160499?hl=e
From our Moodle host:
In order to ensure complete patching of OpenSSL the following site will be placed in maintenance mode, then rebooted during the listed maintenance window.
These patches have already been applied to the front end SSL for your site, but the reboot is a requirement for all services to run the fully patched OpenSSL version.
Hosted Site: http://moodle.middlebury.edu
Window: 1:00 AM to 5:00 AM EDT, May 20th, 2016
Please note the time zone specified above.
Presenters – Jeff Dennis and Jordan Prickett from Panopto
- Capture and upload video
- Keep a searchable video library
- Ability to watch Panopto playback on any device
- Scale: competitors software will be limited in comparison (e.g., web casting is part of the platform, doesn’t require an appliance). No matter how much viewing or uploading, Panopto will scale up to handle delivery
- Modern streaming approach
- Amazon servers
- Compare to Kaltura
- Very transparent about support, cost, functionality
Video Content Management
- View all sessions / videos
- View videos in processing
- Schedule recordings
- Bookmark videos (user specific)
- Organize through folders
- Administrator vs. faculty / student access
- Speech recognition
- iTunes U category
- Schedule video availability — upon approval of publisher, immediately, never, or set a date
- Schedule availability — start/end date, or forever
- What if we have videos that can only be viewed one at a time?
- Short answer: we don’t offer that functionality; could be done with separate folders or manual setup
- Create a playlist within a folder
- Copy and delete specific folders
- Copy videos by bulk from one folder to another (for sections, new semesters, etc.)
- Similar management available at both the folder and at the individual video level.
- Outputs for mp4:
- Picture-in-picture, side-by-side, tile all streams
- Increase or decrease quality of video
- RSS, iTunes podcast, etc.
- Download as a CSV
- Views / Minutes Viewed / Average Minutes / Unique Users
- View by Day, Week, Month, Year, All Time, Custom Range
- View for all videos in a folder, or analytics by specific video
- View by Panopto user
- Views by video time (when students leave)
- Analytics not tied back specifically to Canvas
- Creators can also see their own folders’ analytics
- SCORM packages created for every video
- Can we find out across the institution what are the most popular videos, can we do that?
- Yes; as long as you have permissions for all the videos
- Bulk meta-data exports:
- Output → download media
- Site-wide export tool
- Rolling synchronization: keeps permissions in sync
- Can launch web-casted content into Canvas
- Panopto recordings button integrated into course menu
- Choose course / folder
- Create video by uploading or from the Panopto recorder directly in the course
- Search for videos from within Canvas
- View analytics directly in Canvas
- Panopto tool directly in WYSIWYG tool bar
- Full viewer launches a separate web page
- Integrate video by course or aggregate
- Videos are housed on Panopto’s servers, not inside the Canvas course
- Manage videos through the folder structure / organize videos in course folder
- License includes classroom recording and student / teacher creation and upload
- Permissions can be provisioned from Canvas to Panopto
- Teachers are provisioned with their permissions/roles mirrored
- Students are provisioned with their roles mirrored
- Groups are mirrored between Canvas and Panopto
- Grant access to anyone in organization, open on the web, etc.
- Groups are just-in-time
- Integration = matter of hours
- Timeline can vary, according to institutional preparation (“Matter of hours. A couple of days.”)
- Set-up is literally filling out one form
- Create a sub-folder “drop box” within a provisioned course → gives students access to create and upload video
- By default, drop box is private between student and teacher, but can be made public within a course
- Once a video is in the drop box, it can be moved to another folder
- Can multiple drop boxes be created for group work?
- Yes. Drop box is a one-step setup, but you can get specific with permissions. Create multiple sub-folders for different kinds of student work and collaboration.
- Role-mapping: Roles in Canvas are mirrored in Panopto
- Provisioning is customizable at the integration level. Customizing is included in the price.
Presenters – Scott Nadzan from http://www.ensemblevideo.com
Accounts & Access
- Supports LDAP, AD and CAS
- User Roles
- Institution Admin (Top-level “Middlebury”)
- Org Admin (e.g. Biology, Communications)
- Contributor (e.g. faculty)
- Everyone can see the navigation across the top of Institution>Organization>Library; view/manage others depending on user role
- LDAP Group Support(100k groups; rep will check support or suggest to limit group exposure)
- Authentication and user management
- CAS(supported in self hosted not cloud hosted) or Shibboleth.
- Can Ensemble read user attribute from CAS or Shibboleth?
- Deployment Options: http://www.ensemblevideo.com/video-platform/deployment.aspx
- CAS is not available for this option
- Cloud hosting: Option starts at 200GB, Level II 500 GB, Level III 1 TB, monthly streaming quote for level we choose
- Cloud Infrastructure:
- -3 sites, Scale Matrix CA, TX & Amazon. Headed to Amazon or Azure
- Hybrid-Hosted (2 options – primary on-campus w/ cloud caching OR primary in cloud w/local caching)
- -Hybrid Deployment: Software as a service and local hosted options, both recommended. Manual transition from one deployment to the other.
- -tech and security information available
- ‘Responsive Interface’, size adjustable and resizable
- Adaptive Streaming: yes – Client type(computer, tablet, phone) and bandwidth automatically identified and quality adjusted
- Annotation, clickable searchable annotation on video
- Use their captioning utility or caption, upload caption file, can submit to caption editor, can create caption track, searchable, currently only support one caption, next player will support multiple tracks
- Search includes captions
- Video embed through using button in WYSIWYG.
- Playlist can be embedded
- Playlist stored with Ensemble
- Is automatically updated as videos are added
- Videos can be added with attachments of associated files (ppt, pdf, etc.)
- Can record video, audio and screen
- Upload Workflow’s 4 options
- Download, Embed, Permalink & Share options can be enabled or disabled (permission at institution level possible)
- Embed codes, iframe and java
- Can use named urls
- Playlists, can enable downloading
- Shared Library, video’s shared to you (Restricted/Licensed Content)
- Can restrict streams per video
- Preview image of video
- Can deploy a snippet of a video
- Self Hosted based on FTE, Midd’s Carnegie # 3,300
- Cloud based upon capacity (storage and streaming)
- -Set default and/or custom quotas at the institution, organization, and library levels
- Ala carte model
- Ensemble Live
- Live Stream
- Live Capture
- Ensemble Studio
- Exit Strategy/Large Scale Video Extraction:
- MPEG4 download available, one by one
- FTP download available
- Or hard drive
- -Minimal: trim, start & stop
- -more with screen capture
- Per class libraries vs per user: either depending on use case
- Record from mobile? Yes. (Recording requires separately-licensed app on mobile or desktop)
- Can you manage the video before the upload is complete? No, but you can after the upload but before the processing is complete.
- What’s the student view like? Some places use a public or student “portal” like the YouTube homepage with recommended videos, but it’s mostly expected that students will view/interact with videos primarily through Canvas. Admin interface is for admins.
- Annotations? Text only; editor only (not students, though rep will investigate “team” features for group collaboration).
- Unicode support – yes; RTL – need to check