I. Approval of the Agenda
II. Approval of the Minutes of the October 9, 2002 Meeting
III.Admissions and Standards Committee (Report No. 3, 2002-2003)
IV.Report on Computer Viruses (Report No. 4, 2002-2003)
V.University President's Report
VI. Senate President's Report
PRESENT: E. Anderson, Ball, Barbato, Bathala, J. Bazyk, Beckette, Buckley, B. Cook,
Dieterich, Dobda, Droney, Ekelman, Geier, Govea, B. Green, Gross, Hinds,
L. Keller, Konangi, Lambert, Larson, McCahon, J. McIntyre, McLoughlin,
Misra, Moutafakis, N. Nelson, Ng, Nuru-Holm, L. Patterson, Rom, Scherer,
A. Schwartz, M. Schwartz, Spicer, Spiker, Stivers, Wadhwa, Webster, J.
ABSENT/EXCUSED: David Adams, C. Alexander, Annapragada, Atherton, Bagaka's, Burt, Charity, Dillard, Doerder, Forte, Hanlon, S. Hill, Jeffres, M. Kaufman, Kiel, Kuo, Lopresti, Meeting, Nolan, Perkins, Lee Reed, Rosentraub, Sawicki, Shah, M. Smith, Sparks, Steinglass, Tewari, Thornton, Tumeo, J. Webb, F. White.
ALSO PRESENT: E. Brennan, Buckner Inniss, Silberger.
Senate President Vijay Konangi called the meeting to order at 3:05 P.M.
Admissions and Standards Committee (Report No. 3, 2002-2003)
Senate President Konangi stated that Senate has a proposal from the Admissions and Standards Committee to change the Spring 2003 commencement date. A revised memo from the Admissions and Standards Committee was distributed today indicating that the proposal now has two parts to it. The start date of Spring 2003 semester also needs to be changed.
Professor Lolita Buckner Inniss, chair of the Admissions and Standards Committee, stated that the Committee is proposing changing the date of the Spring 2003 commencement from Sunday, May 11, 2003 to Saturday, May 10, 2003. The main reason the Committee is going forth with the proposal is to avoid having commencement on Mother's Day which is Sunday, May 11, 2003. For the past several years, we have held commencement on Mother's Day and, as a consequence, we have had increasing difficulty in staffing the program. The program is chiefly staffed by members of the faculty and staff as a volunteer effort. We have a number of individuals who have had difficulty getting away from their families. One of the considerations of the Admissions and Standards Committee was to hold commencement on a weekday, but that wouldn't work since many of those individuals who staff graduation are working on registration and have other duties. For that reason, we have to stay with a weekend date.
Professor Buckner Inniss reported that the second reason for the proposed commencement date change is to avoid inconveniencing students and their families. Mother's Day is a non-sectarian celebration which is observed by most people. Year after year, students have to restructure those celebrations or forgo them entirely in order to participate in the commencement ceremonies.
Inniss stated that the final reason for this change is to reduce security
costs. Because commencement typically takes place on Sunday, that means
we have security through both the end of Friday into Saturday and Sunday
at a significant cost.
Professor Buckner Inniss stated that in order to accomplish this change in commencement date, the Admissions and Standards Committee is also proposing to change the start date for Spring 2003 Semester. Right now, the Semester is set to start on Monday, January 13, 2003. If we are to change the commencement date, then we also need to change the calendar so that classes start on Saturday, January 11, 2003. That would give us enough Saturdays to complete the Semester.
Professor Jane McIntyre pointed out that since we just published the Spring course bulletin which lists a different start date, there is likely to be extreme confusion for the Saturday students about what day they are expected to show up for the first day of class. "What are we going to do about the fact that somebody is going to show up on what would have otherwise been the first Saturday class?" Professor Buckner Inniss noted that we do have a significant number of students who have Saturday classes but it is by no means the majority of students so we do feel confident that we could email most of them if this change were to be approved.
Dr. Jane McIntyre pointed out that if students can register up until the first day of class, how would we be able to have a mailing to students who may still be registering two days before the class. The mailing undoubtedly would have to go out substantially before that. Some students quite legitimately will not hear of this and, for a Saturday class that meets just once per week, that means missing a whole week of class.
Professor Deborah Geier asked, "Could the person who answers the phone be instructed? Dr. McIntyre remarked that no one answers the phone -- it is an automated system. Professor Larry Keller suggested putting a message on the phone system.
Dr. Jane McIntyre wondered if someone from the Registrar's Office was present at Senate who could speak to this issue. This is not just a calendar change. It is a change in the start date for a semester that is going to start in two months. For some students, this kind of change would be a critical problem.
Senate President Konangi stated that the concern is legitimate and in anticipation of Dr. Jane McIntyre's question, he checked with the Registrar's Office. The Registrar's Office did print the Spring 2003 Semester course schedule indicating that this may be the first day of classes. Dr. Jerry Kiel, Enrollment Services, and Ms. Susan Lindsey, Registrar, are not at Senate today because they are at a conference at Akron. But the Registrar's Office is confident that they can get the word out to the students.
Spicer noted that given the transition problems, why not defer this change
for an academic year if there is a benefit to be had by shifting the Saturday.
Professor Buckner Inniss replied that the Admissions and Standards Committee
did consider that, however, probably the most significant reason for the
Committee's proposal and putting this forward this term is because of
the problem of staffing and volunteers for commencement. She has been
assured by the Registrar's Office that we are close to reaching crisis
proportion in terms of our ability to maintain our volunteer pool. The
Committee felt that all things being equal, we would be better served
as a university community if we could put this change forward as quickly
as possible starting with this academic year.
Professor Andrew Gross stated that he would feel more comfortable if Professor Buckner Inniss had some numbers: 1) the cost savings on the one occasion; 2) the number of Saturday students affected; 3) the number of people in the volunteer pool. Professor Buckner Inniss responded that she was sorry to say that she did not have the precise numbers regarding starting with the cost savings, but as members can recall her reasons for this proposal and the Committee's reasons for this proposal, the cost savings is certainly something that is important, but it is not the controlling factor. The chief reason for this proposal is to make sure that we can have our volunteer pool. Yes, there will be students affected, but we do feel that we will be able to get the word out to most of those students in a way that they will be minimally affected by this change.
Dr. Cheryl McCahon reported that the Graduation, Convocation, and Assembly Committee also met on this issue and, based upon the same reasons that were identified here at Senate, her Committee also supports the recommendation that the date for commencement be moved. The Committee also realizes the Saturday issue, but feels that it can be dealt with and they are in support of the proposal as well.
Professor Jane McIntyre asked if there is any problem for Jewish students with the Saturday commencement. Professor Buckner Inniss responded that for those students who are strictly observant and who would not be able to take part in such ceremonies, yes, certainly there would be a problem. One of the things that the Committee does have in mind, however, for those students who because of their religious observances wouldn't be able to participate on a Saturday, is that those students would have the option to participate in the Fall ceremony. Right now, the schedule for the Fall commencement would remain on a Sunday in terms of our upcoming proposals for the five-year calendar. However, the greatest number of students were being affected by the Sunday commencement date so the Committee went ahead with the proposal. However, the Committee is sensitive to students who have religious observances.
Professor David Larson
asked, "If the saving of money was not of primary concern and is
not that large of an amount, did the Committee consider simply postponing
commencement one week and having it the Sunday after Mother's Day?"
Professor Buckner Inniss responded that because we run a fairly tight
ship around here, one of the problems we run into in terms of scheduling
would get us into problems with registration and with summer classes.
Professor Larson stated that he didn't fully understand what Professor Buckner Inniss was saying because we don't have any classes or registration on Sunday. He understands that commencement is run by volunteers. "Why are people volunteering to do this for no pay in the first place and is that really the right way to run commencement?" Professor Buckner Inniss replied that this is beyond the purview of the Admissions and Standards Committee and they were not asked to consider that matter but that is a point well taken and perhaps this body or some other subcommittee might take this issue up.
Dr. Barbara Green asked if this means that we have been holding class on the Saturday before the Sunday commencement. Professor Buckner Inniss replied that Dr. Green was correct. Dr. Green asked, "How would anyone know whether a student taking that class passed the course in time to commence?" Professor Buckner Inniss replied that we don't know that for our regular students typically. It is not a huge number of students but there are always the unfortunate few who participate and then find that it was premature That issue is something that the Committee has not really addressed.
Dr. Rodger Govea moved to close the debate and vote on the proposals. Dr. Lawrence Keller seconded the motion.
Senate President Konangi noted that the motion moved by Dr. Govea is not debatable. We must vote on whether we will close the debate. He then called for the vote. The motion was approved and the debate was closed.
Konangi stated that the original motion is from a standing committee that
does not require a second. Dr. Konangi then asked for the vote. The proposal
to change the Spring 2003 commencement date from Sunday, May 11, 2003
to Saturday, May 10, 2003, and to change the start of Spring 2003 Semester
from Monday, January 13, 2003 to Saturday, January 11, 2003 was approved.
Report on Computer Viruses (Report No. 4, 2002-2003)
Senate President Konangi reported that approximately three weeks ago all of us were subjected to several computer viruses. Several computers were affected and some departments were non-functional as far as PCs were concerned. Vice President Michael Droney gave a report to the Academic Steering Committee and the Steering Committee felt that there would be a great benefit to giving the same report to Faculty Senate because of widespread interest.
Vice President Michael Droney reported that there have been a few incidents. The whole purpose of his report is to lay the groundwork. There are tools out there designed to do nothing but attack servers and systems. Microsoft as well as Unix and all of these other products are not well tested and have flaws in them when they come to market.
Mr. Droney reported
that when we talk of viruses and/or attacks, the risks are defacement,
where your web site might be changed and that happened to CSU recently.
A situation can be created where a server is flooded with transactions
so no one can get into it and it keeps you from real customers. Factious
or bad code is embedded into good code. It is easily triggered by an event
such as a date or time.
Mr. Droney noted that security is a combination of good protection systems, good detection systems, and response. For example, you never heard a bank say, "Our safe is so good we don't have any alarms."
Mr. Droney noted
that Unix is an operating system that is predominately the choice in most
universities and many other environments. He stated that if you do a Web
search on "Crack Unix Passwords" there are 87,000 hits. We will
never have all of the resources required to guarantee 100% risk free computer
operations. Another well known group can be found on the Web at "Hackers
Homepage." Not only can they break computers, they can break bank
machines, etc. They have been in business for seven years and they are
proud of it. This is a risk management mechanism.
Mr. Droney talked about the CSU environment. We have about 4,500 PCs, 8,000 network hookups, and 32 buildings in which we have a network including the Convocation Center. We all have desk top PCs in our offices and we have several computer labs. We have over 400 dial ups into our network. One-third of the campus is on wireless and they too can enter into this network. Both dial up and wireless have password and authorization. Then we have servers. The PeopleSoft system is on servers and the administrative systems are on servers; we have all kinds of email servers, Web servers, WebCt servers, and Viking servers as well as other servers. There are 110 different servers managed in IS&T and there are close to 100 within the colleges. Viking Hall and the classrooms are treated special as if they are outside of our network because of potential problems that we might have. So we have firewalls that are a combination of software and hardware and they are wired in between our network and the Internet. These firewalls protect us from various sites that we don't want coming into our community. Because PeopleSoft has all of our critical data on it -- financial data, student records, personnel records, pay records, etc. -- a second firewall was put in place. The amount of controls on this firewall have been upgraded within the CSU network. This firewall restricts certain activities unless they are within our network. Because we don't have control over what can be going on in Viking Hall and the classrooms, we are treating them like they are coming in from the Internet so they are also treated with a firewall.
Mr. Droney reported
that CSU has a blanket agreement from McAfee Software and that is McAfee
Virus Protection. This is one of the main abilities to protect everyone's
PC from viruses, predominately from email. The problem is that some PCs
do not run it well.
Mr. Droney reported that CSU's main web server was hacked about one month ago. Then last week WebCT was hit and two days after that, Viking was hit. The WebCT server was attacked by defacing the front main page. Within seven minutes it was caught and replaced. A team of people worked behind the scenes day and night and actually took another server from scratch, cleaned it off, and rebuilt the entire server all through the night. Passwords were really restricted. Many departments were impacted by IS&T because people had to come in to get new passwords. We had no choice -- that was the response that had to be taken to stay clean. All indications are that the main web server was hacked by a different group than the other servers. It is believed that the WebCT and the Viking servers were hacked in the same manner and possibly by the same group.
Mr. Droney stated that if you picked any server and looked at it conceptually, what sits on a server is data and an operating system like Unix. There are all kinds of services. Software are utilities that help diagnose the machine, and help in the day-to-day activities of the machine. One favorite way for a hacker to attack a server is to attack the server with a sheer volume of transactions. The server would be unable to handle all of those transactions in its memory and starts buffering them. When it starts buffering them, the hacker will throw a unique transaction at the server that is known to not work well. If you know that this transaction is not going to work well, that is the time to do it -- that is the weakest part of the machine. In fact, that is what a hacker waits for -- for that transaction to break and surrender control of the server back to the operating system level. That gives control of the server sometimes over to the hacker. At that point in time, the hacker can do whatever he wants to do with the server.
Mr. Droney reported that a series of responses have been taken to all of these activities. First, we know that all of these operating systems and vendor software are issued with problems. The vendor issues patches for them. A patch is a repair to a bad code. A problem has been identified and it is usually put on a Web site. The vendor is attempting to fix the problem. The hacker is writing code to try to capitalize on that problem, and it is a race in time. Will the vendor get the fix to us in time? Will we have the time to repair that software before a hacker comes to our site and tries to capitalize on it? Patches are being put on our 110 servers on a monthly basis and on some critical servers we are putting them on, on a weekly basis. This is a resource drain and is very time consuming. This goes back to protection response.
Mr. Droney noted that as soon as it was known that WebCt was hacked, information was communicated to everyone through mass mail. File compares were done on the WebCT server to check data and operating system changes. It is believed that the hacker came in on Thursday and compromised the box, but defaced it and corrupted it on Sunday. We went back to midnight on Wednesday and took the backup from there to reload the data. We are just not repairing the damage but rebuilding all of the servers. Every server is brand new and not the same physical device. We actually keep the physical devices in a compromised state so that we can diagnose them and figure out what happened.
Mr. Droney reported that any time a machine is compromised, every password and system password is changed in the entire system. In fact, that is one of our best defenses. Everything was reported to the FBI, especially the hacked servers. An Infraguard group was created in the Cleveland area several years ago. Our security team has been part of that group and we are very supportive of the initiative. Mr. Bill Wilson, the Program Office Director in IS&T, is responsible specifically for day-to-day security. After the Viking server was hit, he went out and brought in a security specialist to review our systems. Universities seem to take a very open posture because we want to be open in communication. In private industry, the philosophy is, "we block everything and only let in what we want in." That is a significantly different philosophy. In the long term, depending on the frequency of this hacking, there might be a point in time when universities may have to adopt the same philosophy or some compromised position as in private industry. For the long term, we are looking into that, but, for now, we are still trying to scale everything possible out of our system that could be an easy open door. By no means can we guarantee our system 100% foolproof.
Mr. Droney noted that viruses typically come in with emails and attachments. After the last virus swept through CSU about a week and one half ago, we were hit with the "bugbear" virus. Ninety-nine percent of that virus originated from eight different dial ups into our network. So, it was either students, faculty, or administration. Our McAfee software license is legally transferrable to everyone's home PC. Everyone has a responsibility to the university to try to keep home PCs clean as well. We are extremely subject to viruses at home if we don't run some sort of virus protection. There are other tools out there, but we have contracted with McAfee which is one of the leaders.
Mr. Droney reported that Mr. Bill Wilson and his team recently purchased a virus appliance. We are calling it an appliance because all of the software is on a chip in the box that is very hard to hack and damage. It is physically hardwired into the CSU firewall server. That appliance should be on campus, installed, and in service within three weeks. Mr. Droney noted that instead of having a virus trek through and on to your PC and rely on your PC to catch the virus, the virus appliance will actually stop the virus at the server as it enters.
Finally, Vice President Droney reported that a search has been in process to add a second security person to the staff. This problem will not go away. If anything, it will continue to get more hectic, but we are going to say in front of it.
Specifically pertaining to services, Professor James Wilson asked, "What criteria is used to determine identity?" Mr. Droney responded that the services are all system functional related services as a rule. The program is in our shop and things like "FTP" are not allowed on all servers.
Professor James Wilson asked Mr. Droney if there is a content based way in which sites or services are being excluded in terms of the content of the material. Mr. Droney responded that the kind of services he is talking about here are actually programming functional type services. The only time we will be looking at content is with the virus appliance. That appliance analyzed the content for known viruses. Its accuracy rate is in the high 90%. The possibility does exist that it will delete a potentially valid email, but the frequency is extremely slim.
Professor Arthur Schwartz asked, "What kind of reduction should we anticipate in the operation of our home systems when installing McAfee?" Mr. Droney responded that it depends on the system. The honest answer is, if you have a machine that is more than a couple of years old, it will run like a dog. That is the risk we have. We are very susceptible to getting these viruses at home. If we let our email addresses go out to a publication, etc., we will get tons of junk mail. We are in a situation where PCs three to four years old are due to be replaced. We almost have to run some type of virus protection to protect ourselves. The complexity of the virus programs has gotten so good that the virus protection software takes a lot of cycles in our computer to operate. We used to be patient about a two second wait, now we want sub-second response from our computers today.
Professor Jane McIntyre asked, "Has the introduction of putting our grades over the Web introduced any new level of insecurity, particularly with respect to things like writing information?" Mr. Droney replied that the good news is that these web servers don't have any critical data on them that would be personally threatening. Servers like the Web and Viking actually create a routine that doesn't bar you against a particular data base. Mr. Doney stated that we are as secure as we can make it. We are probably more secure than a lot of universities. We are in a tolerable zone. Can he guarantee that no one can ever get into it? No. We can't afford that now. Can someone break into the files in the Registrar's Office and get the same information? That would be easier to do than to get into our system.
Professor McIntyre commented that she remembers of one incident quite a number of years ago that was not much publicized where somebody had hacked into the data base of student records and we received a cryptic email at one point that said to check all of our lists at the end of the semester to verify the grades that were submitted and check them all for students who may have been inadvertently deleted. She is not so much concerned whether somebody can steal information about one particular student, although she is concerned about that, but she is concerned about all of the new entry ways into the system and that this may be opening up something that could compromise it. Mr. Droney responded that there are several precautions on the Web to help minimize that risk so faculty members are pretty restricted by their students, etc. Even if somebody got your password, a very minimum number of students would be impacted.
Professor David Larson mentioned that he is the director of undergraduate studies in English and he has occasion to print out student transcripts. He has recently printed several scrambled transcripts. He doesn't know if that is because they were wrong in the first place in the Registrar's Office, or whether the hacking into Viking, which is what he is using to get the transcripts, has affected them. But he has students who claim that transfer credits that used to be on their transcripts are not there and Professor Larson has transcripts in which things are in the wrong order, specifically transfer credits. He asked Mr. Droney what is occurring there. Mr. Droney replied that Professor Larson's case is the first he has heard of. Mr. Droney responded that this really doesn't sound like an application problem or a data problem. It sounds like a network or a printer configuration type issue.
Schwartz referred to the virus appliance and asked, "When it arrives,
is it fixed which means that as of the date it is built, it can detect
viruses, and is there any way of updating it?" Mr. Droney answered
that it updates itself. It is a McAfee related appliance. McAfee has programmed
it to the machine and it actually goes out daily and grabs the updates
V. University President's Report
President Michael Schwartz commented with regard to students walking at commencement who may not have finished. Last year he changed the language in the program so that in conferring the degrees, the language now includes words to the effect, "Subject to the completion of the requirements."
President Schwartz covered two memos that have drawn a great deal of attention recently -- both of them from Dean Earl Anderson. One memo is a summary of the actions of members of the College of Arts and Sciences with regard to three proposals plus a status quo with regard to reorganization of the College. Dean Anderson summarized that and sent it forward to the University Curriculum Committee. The other memorandum, which he found more than a little interesting especially with its Greek references, struck him as another proposal. As such, he is asking that it be returned to the beginning of the process that was in use for the other proposals.
President Schwartz reported on enrollment. For last Summer, the overall enrollment was up a little over 2%. Graduate enrollment however was up by 5.2%. The undergraduate enrollment for the Summer was up only .4%. This is making it clearer to him all of the time that Cleveland State University is becoming Cleveland's Graduate School. For the Fall, our overall enrollment was up 2.6%, but the graduate enrollment was up 8.7%. In a conversation he had with Dr. Jerry Kiel yesterday, he was informed that we are running well ahead in applications for admission but the conversion of those applications to enrollments has declined. It declined for us at about 10% and it declined at most of the universities that way. The big growth being shown in these conversion rates is in the community colleges which is leading us all to believe that price is the issue. The graduate enrollments are very solid.
President Schwartz commented that everyone may have seen a letter he signed having to do with plans and planning and especially with strategic planning. He has asked Vice Provost Marie Zeglen to put together a committee of people to help her design a process for the planning that this university needs. We have a campus master plan for physical plant. We are developing a lot of plans but the critical one is the academic plan. We need a process that is inclusive of everybody on the campus.
President Schwartz commented about the time line for the President's initiative proposals. He thought that when this was announced, we probably would get maybe 15 proposals to read and select from. We received 67 proposals which was a surprise. They were due on the first of this month. On November 4, 2002, there was a completed administrative review of those proposals to make sure that each one met the criteria for inclusion. Based on that review, 15 were deleted mostly because they did not come up with a community partner. Between November 6th and 12th, there will be an independent review of these proposals by members of Content Review Panels. All of them are exterior to this institution. The review sheets are supposed to come back to Mark Tumeo on November 13, 2002. The Content Review Panels will meet here on November 15, 2002 and we are hoping to make decisions on the proposals and make announcements to the applicants between November 25th and 27th.
President Schwartz stated that for those very promising proposals that we can't fund this go-around, we are going to try to do two things: 1) to help folks rewrite them so that they are more attractive in the next go-around; 2) to find other sources of funding for as many of them as we possibly can.
President Schwartz commented that we have unveiled a physical plant campus master plan that found its way into the Plain Dealer and it had a pretty good response. This is a very real plan and it is his intention to adhere to it. To that end, we have been asked for bids to serve as financial advisor and underwriter for bond issues that we will be taking to the Board of Trustees in the not too distant future for a number of projects. This is a very interesting plan because it is a mix of private capital, the bond issue, and some money out of the capital budget from the State. The first step of this plan is a bookstore. We are hoping that this can get going by the end of this academic year. The proposal calls for a two-story bookstore, student housing in apartment style above it -- maybe as much as 230 beds. There will be a covered walkway through the bookstore from Euclid to Prospect, and, behind that, we are expecting RTA to build a transit center. Over the transit center, we are expecting to acquire the air rights and build a parking garage for 600 cars. If anyone wants more details or has any questions, the father of the project, Mr. Jack Boyle, is present to respond. There are some aspects to this that we absolutely have to do. We are non-competitors for new freshmen students largely on the basis of facilities. We need a student union building and a recreation and wellness center. If we have students living on and near the campus and no amenities of collegiate life for them, they won't live here very long.
President Schwartz called the Senate's attention to the Inaugural Lecture Series. At one event, one of our Trustees gave a really fine lecture on "Fuel Cells -- The Ultimate Disruptive Technology." As a social scientist, he found it very interesting and a little scary. The next lecture is on Tuesday, November 26, 2002 at 5:00 P.M. in the Dively room in the Levin College of Urban Affairs. Dr. Thomas Zawodzinski, the Ohio Eminent Scholar for fuel cell research at Case Western Reserve University, is going to be here to speak on fuel cell research and development. On Tuesday, December 3, 2002 at 5:00 P.M., also in the Dively room, Mr. Benson Lee, President and CEO of Technology Management, Inc. is going to speak on "An Entrepreneur's Perspective on Commercializing the Disruptive Technology."
VI. Senate President's Report
Senate President Vijay Konangi reported that, at the last Senate meeting, we had a discussion on the survey that was done for the National Student Engagement. Subsequent to that, the Academic Steering Committee had a special meeting where this was the only item on the agenda. The consensus of the Steering Committee was that we need to establish essentially something equal to a cause and effect relationship -- that is, we need to identify what are the causes for lack of student engagement and then try to identify remedies to it. The Steering Committee was unable to determine that from the survey we had. It was pointed out in the Steering Committee that Professor Leo Jeffres, from Communication, is conducting a survey this semester which will be finished this semester and that survey will provide the type of data we are looking for. The Steering Committee will propose an action plan after the results are received from Professor Jeffres.
There being no new business, the meeting adjourned at 4:05 P.M.
Cynthia A. Dieterich
Faculty Senate Secretary
Faculty Senate Secretary
[Top of Page]