Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
INFORMATION TECHNOLOGY SERVICES
Measures and Metrics
December 2016 • Issue #1
Information Technology Services Measures and Metrics • 3
IntroductionWe are pleased to share with the Queen’s community this First Edition of the Information Technology Services (ITS) Measures and Metrics. Our ITS Newsletter was introduced last year in an effort to keep stakeholders informed of changes and new developments. This report is more about demonstrating accountability and developing understanding.
Accountability: This means showing measureable quality in our services and infrastructure, return on investment (regular operations and new initiatives), and progress with our Strategic Plan. It also means acknowledging our missteps, and sharing what we learned from them.
Understanding: In my five years since becoming Queen’s CIO and AVP, I have often heard “we don’t know what ITS does” or “ITS really needs to tell your story”. So, this and subsequent editions of ITS Measures and Metrics will also be used to tell our story, which I sincerely believe is a very good one. I am quite amazed at what the ITS team has accomplished since I arrived at Queen’s.
For those of you who wish to more closely monitor the quality and challenges of our services, we have a Services Statistics and Metrics section on the ITS website. It provides both real-time and monthly reporting of some of our more core service areas. We plan to grow this section to cover more areas to ensure our stakeholders can see the progress that is being made, and how it affects you … everyday.
Bo Wandschneider,CIO & AVP-ITS
Information Technology Serviceswww.queensu.ca/its
Contents04 Introduction
04 IT Support Services
06 Core Services Availability
08 IT and Information Security
10 Enterprise Services
11 PeopleSoft Support
12 Wireless Connectivity
IT Support Centre (ITSC)
Agencies representing copyright holders and associations worldwide monitor the Internet to detect illegal or unauthorized distribution of music and other copyrighted content. When they detect that a computer on the Queen’s network appears to be functioning in this way, they file a complaint with the university. ITS is obligated to investigate each complaint, and notify the associated individual(s).
Issues fielded by the IT Support Centre
Monthly volume of issues tracked by the ITSC
COPYRIGHT COMPLAINTS
COMPROMISED ACCOUNTS
NETID-RELATED ISSUES
OTHER ISSUES
The IT Support Centre is the first point of contact with ITS for faculty, staff and students. The ITSC provides assistance, information and referrals for all Queen’s IT-related issues.
Online PhoneWalk-in
+ + =
COPYRIGHT COMPLAINTSInvestigating complaints received by the university regarding alleged copyright violations such as sharing copyrighted music and videos.
NETID-RELATED ISSUESAssisting individuals with their Queen’s NetID, such as resetting passwords and enabling access to services.
COMPROMISED ACCOUNTSInvestigating detected or reported cases of accounts which appear to have been compromised. In many cases, these are phishing victims.
OTHER ISSUESAssisting individuals with a wide variety of issues with personal computers, devices, software and services such as email.
4 • Measures and Metrics Information Technology Services Information Technology Services Measures and Metrics • 5
IT Support ServicesIT Support Services
18,881
In April 2016 alone, the IT Support Centre investigated 634 copyright complaints, representing about 20% of that month’s issues.
634 Copyright Complaints
Total number of issues reported to and tracked by the ITSC from January to June, 2016.{ { JANUARY
49% 39%
12%
FEBRUARY
19%
60%
1%
20%
MARCH
53% 36%
1%11%
APRIL MAY JUNE
42% 50% 25%
5%
36%
3%
19% 20%
29%52%
2%16%
Core Service AvailabilityITS provides an array of services to the university. Core services are those regarded as essential to the day-to-day activities of the university. We began monitoring and logging availability of five core service applications in 2015, and will be expanding this to include others.
queensu.ca
January 31February 28March 30April 30May 30June 29
Number of days per month availability met or exceeded target
Amount of Time Per Day services were unavailable – Averaged over January through June 2016
Average daily core service availability during the first half of 2016
Moodle*
January 30February 28March 31April 27May 30June 28
January 31February 29March 30April 30May 31June 30
MyQueen’sU
January 31February 28March 31April 29May 29June 29
QShare
January 31February 29March 29April 28May 30June 29
23.980 Hours
From January to June 2016, we exceeded our target with an average daily availability of 23.98 hours (99.9%).
ITS aims to have 100% availability for all core services we are responsible for maintaining; however, we do need small amounts of time to maintain the associated hardware and software, but occasional unanticipated problems inevitably occur. Our goal is that each of these core services be available at least 99.8% of the time, which translates to an average of 23.95 hours per day over each month.
Core Services Core Services
Information Technology Services Measures and Metrics • 76 • Measures and Metrics Information Technology Services
* Note: OnQ will replace Moodle in the next issue of this report.
Moodle is Queen’s Learning Management System prior to the decision to adopt OnQ (Brightspace) campus-wide.
MyQueen’sU serves as the main access point for students, faculty and staff to ac-cess many applications such as PeopleSoft.
Office 365 is a web-based suite of appli-cations delivered through the cloud, which includes Email and Calendar.
QShare is a web-based file storage, distri-bution and sharing solution for the Queen’s community.
Queen’s website queensu.ca 23.997
23.985
23.999
23.988
23.926
43 seconds
4 minutes/ 26 seconds
4 seconds
54 seconds
11 seconds
Measured in hours
IT and Information Security
Data Breaches
As universities and other organizations have improved the security and resiliency of their IT infrastructure, attackers are increasingly targeting people and their devices as a way to gain access to information, or to hijack systems.
About 59% of data breaches in 2015 are attributed to either user devices (laptops, tablets, etc. being infected with malware) or persons (essentially, people falling victim to phishing attempts).
Many people probably think of spam as nuisance email that fills our inboxes, forcing the recipient to waste time deleting all of these unwanted messages. In reality, much of the spam arriving at Queen’s carries “payloads,” such as malware and phishing attempts.
Spam Prevention
IT Security
Information Technology Services Measures and Metrics • 9
IT Security
8 • Measures and Metrics Information Technology Services
In a typical day, about 80% of email arriving at Queen’s is determined to be spam and blocked by ITS or Microsoft. Some spam does slip through however, and increasingly can be dangerous to open.
Number of email messages blocked as spam in a typical day.
1,240,793
Compromised Accounts from January to June, 2016
A Queen’s NetID can become compromised in a number of ways. Essentially, someone else learns what your NetID and password (your “credentials”) are, and starts using your NetID for a variety of nefarious purposes, including stealing your information or hacking into other computers. In the majority of cases, NetIDs become compromised because someone acted upon a phishing email or web link, and provided their login credentials.
Compromised NetIDs
In May 2016, Queen’s saw a sharp increase in compromised accounts, with 178 occurrences. This corresponds to a comparable spike in phishing attempts that month. Hackers are becoming more sophisticated and creative in their attempts.
13 1525
109
178
91
January FebruaryMarch
April
May
June
The university operation relies on many different computers and software applications, only some of which are managed by ITS. In accordance with the Queen’s University Electronic Information Security Policy and Authorization to Operate process, all systems and applications should undergo a security risk assessment before being put into service. This process will determine if there are common exploits or vulnerabilities present, which could put information at risk.
Security Risk Assessments
Security and Privacy Risk AssessmentsSuch assessments are conducted for services or systems provided externally to the university, but will be used by members of the Queen’s community.
Security Vulnerability AssessmentsGenerally, vulnerability assessments are conducted for new services or systems introduced within the Queen’s network environment. There were 53 of these done in 2015.
21# of Security and Privacy
Risk Assessments conducted between
January and June 2016.
8# of Security Vulnerability
Assessments conducted by a single ITS Security Analyst
between January and June 2016.
# of Queen’s employees who took the online IT Security Courses during January-June 2016.
# of Queen’s employees who took the online IT Security Courses since introduced in August 2014.
67799 Estimated percentage of Queen’s
employees who have never taken the online IT Security Course (based on an estimated employee headcount of 6,700 full-time and part-time).
Source: Verizon’s 2016 Data Breach Investigations Report
88%100%
Adoption of Enterprise Services Window File Service
Efficiency and Effectiveness Data stored in a central place enables greater access and better collaboration.
Security A central data repository in a secure data centre is a much safer place to store data.
Reliability Regular backups store important data in Windows File Service.
One measure of the effectiveness of an IT service is the degree that this service is adopted and used by campus stakeholders. Sometimes, factors such as service fees can inhibit such adoption. In concert with other changes in the ITS budget structure, it became possible to eliminate per-person or per-device fees associated with Windows File Service.
Windows File Service provides secure file storage in the Queen’s datacentre where departments can store and share their data.
PeopleSoft Support Workload Distribution
280
260
240
220
200
180
160
140
120
100
80
60
40
20
0
Queen’s integrated PeopleSoft application environment is complex and has an assortment of local customizations. Maintaining this environment, including applying regular software upgrades, is a challenging responsibility, but new needs or changes to university business processes have to be addressed too. Working with the Registrar, Financial Services and Human Resources, priorities are established to ensure that both “fixing” and “improving” can occur.
Support - System Analysts investigate reported issues or problems which may arise during production operations.
Data Fix - A database update to resolve production issues, typically due to error(s) that occurred during data entry.
New Development - New capability or functionality, such as a new report, interface or component, or a local customization.
Development Change - A change to application functionality to meet or improve new business requirements, (aka RICE Change).
Bug Fix - Correcting errors in local programming or apply a fix provided by the vendor.
Total 144 Total 144
Total 129 Total 126
Total 161 Total 160
Enterprise Services
Adoption of an enterprise service for sharing data and resources provides multiple benefits. The value yielded by this change includes:
From January to June 2016, more than one third of the team’s activities have been allocated to improving PeopleSoft features and functionality for the business owners and the end users.
PeopleSoft
Information Technology Services Measures and Metrics • 1110 • Measures and Metrics Information Technology Services
January February March April May June
40%Average proportion of System
Analyst activities which improve PeopleSoft features
& functionality
In a six month span 12 departments signed up to use Windows File Service.
# of departments
=
Information Technology Serviceswww.queensu.ca/its
Wireless NetworkingAnnual investment in the university’s secure wireless network ensures that ITS can continue to expand this service in order to keep pace with continually escalating demand. Between March 2015 and March 2016, peak Wi-Fi demand (measured as the number of devices requesting a connection) increased by 60%. A key ITS goal is ongoing expansion and refresh of the Queen’s Wi-Fi network so that it is able to handle peak load conditions, especially in high-traffic areas.
Secure wireless network service improvements
Student ratings on the reliability of Queen’s Wi-Fi service
Infrastructure
60%Increased # of
concurrent devices supported
Approximate increase in the maximum number of concurrent devices that the Queen’s Secure Wireless Network was able to support in April 2016 vs. April 2015.
Source: 2016 Educause ECAR Survey on Students and Technology. Based on ratings from 135 randomly selected Queen’s undergraduate students (5% response rate).
12 • Measures and Metrics Information Technology Services
of undergrads rated Wi-Fi reliability in classrooms as either good or excellent.
73.8%of undergrads rated Wi-Fi
reliability in libraries as either good or excellent.
81.3%