Brent Warner 0:00
How do we deal with technology, security and access? We’re interviewing IVC, Director of Technology Services, Nick Wilkening, this is the higher ed tech podcast season six, Episode 14.

Tim Van Norman 0:16
Tim, welcome to today’s higher ed tech Podcast. I’m Tim Van Norman, the Instructional Technologist at Irvine Valley College and Adjunct Professor of Business at Cypress College.

Brent Warner 0:33
And I’m Brent Warner, Professor of ESL here at IVC. We both enjoy integrating technology into the classroom, which is what this show is all about

Tim Van Norman 0:41
Welcome. We’re glad you’re here with us. So hey, this is a good one. We’ve we’re going to hop right in, because this is somebody that we had on the show, I think, one time back season three, episode three. So it’s only been more than twice that, twice as long since we started, sorry about that. Yeah, we’ve, we’ve talked about it and tried to. I’d thought about getting you on, but haven’t asked. So you’ve never said no, it’s more been a matter of scheduling and and stuff. So yeah, but we’re going to hop in pretty quick here with Nick Wilkening. Our IVC is Director of Technology Services, and also happens to be my boss. We’ve talked about how as instructional technologists, sometimes they very seldom. But do they report through technology services? I happen to like that, that I do. It’s made my life a lot easier, I think. But So Nick, welcome.

Nick Wilkening 1:41
Thank you both for having me again. It feels like yesterday the last time I was on it, but realizing, I think it’s been a few years, and I’m excited to get back in and have a good conversation around some education and some technology space.

Brent Warner 1:55
Yeah, thank you so much. And we’re gonna get a little bit techy today, because we are talking as mentioned, obviously technology security and access and so I will probably be the voice in here, slowing us down a little bit and saying, Wait, define what does that mean? So just bear with me if I keep interrupting to look for terminology or clarification of what we’re talking about, but I’m gonna let Tim lead, because he understands these conversations a lot more than I do. So Tim, you go ahead, run with it.

Tim Van Norman 2:32
So, so what we’re looking at here is we’re talking about a lot of different things. We will talk a little bit about Irvine Valley College, but mostly this is going to be more of a general conversation, because there’s a lot of things that people just don’t know. Is are going on in technology, or what maybe we’re doing in technology at a little higher level than what you might be thinking of personally. So as we get into this Nick you’ve, you’ve definitely, I’ve seen a lot of stuff that you’ve really been working on with security and stuff like that. So let’s start with something about IVC. But is there any new developments at IVC or tech that we should be talking about that’s actually pretty pertinent right now?

Nick Wilkening 3:24
Absolutely. Yeah, so I’m glad we were able to kind of lead off with that, because there’s been some significant projects we’ve been able to work on, separate and apart from what’s kind of being done district wide, which, for those that are listening and are in the space between Saddleback and IVC, you’re intimately aware that we’re going through an ERP change, and we’re going on to a new platform called banner, separate from that at IVC, specifically, we’ve worked over the last couple of years on really trying to improve the outdoor wireless experience for a lot of our students, mainly, but also anybody really that’s coming on campus, and that took a number of different capital projects. We as far as finding funding, working with our construction vendors, submitting out a request for proposal, working through all of the technical requirements, and ultimately working through last summer to install the wireless access points for anybody that’s in the inner building spaces. So when a student comes on campus, they authenticate to our wireless. And if they’re in the library, studying hard and they decide to go over and talk to the financial aid folks in the Student Services Building, they’ll have wireless when they walk from the library to the SSC, which has been a really important thing for our availability and providing technical ubiquity across the campus, there are areas that we don’t have wireless available still, and that’s mainly in most of the parking lots as well. As the athletic fields, but where there are the most foot traffic around campus, we really tried to prioritize that, and we’re really proud, because it’s, it’s one thing that is kind of always come out in surveys that we’ve we’ve heard from students in particular, especially during the pandemic, hey, we need wireless. We need wireless. So we heard that, and we put into action and got that squared away. And then internally, for the staff, faculty and management, we put together two projects. One is our SharePoint migration, where we’ve put everything into the cloud, so it’s all SharePoint in the cloud now much more secure. It’s managed better. We can control it much better. And then, most recently, over the last month, we’ve been rolling out the first wave of our windows, 11 upgrades. And that’s also in kind of the security space we’re going to be doing all student facing devices this summer. So all those windows, 11 devices should be updated at this point for all staff, faculty and management. And for the most part, we have not heard a lot of people either complaining or feeling frustrated about it. It’s been a fairly straightforward IT project. So lots of things moving, and we’re happy that we’re able to touch all the different groups make sure everyone’s hopefully getting what they need when it comes to technology, absolutely.

Tim Van Norman 6:16
And for those Brent, yeah, you don’t have to worry about the windows 11 update, at least on yours. You know, we talk about the difference in computers and stuff like that, but but in the classroom, that’s going to be really important as well. Fortunately, Windows 11 is not that much different than Windows 10 for most people, but from a security standpoint, and from like my standpoint, I like it a lot better. It really has improved a lot of things.

Brent Warner 6:44
Yeah, and Nick, I’d like to ask. So I think those are going well, I’d like to go back a little bit to the Wi Fi conversation, and you don’t have to go in super depth, but just on our campus, and I know I’ve seen this on other campuses too, we’ve initiated Eduroam, and so can you because I think there’s a little confusion for it’s like, Hey, wait, what do I log into? Or and sorry for for those of you who are off campus, but you might have the same issue, right? So, so can you tell us just a little bit about eduroam and how that is being used on campus?

Nick Wilkening 7:15
I’m really glad you brought that up. I completely forgot about highlighting that. So eduroam stands for educational roaming. It’s the brainchild of a person within my department, my team. His name is Larry Shea. He brought this solution forward. I had never heard of it, and it was it’s basically what we in technical speak call a federated identity management solution. What does that mean in non technical speak? It means I can take my username and password, my IVC username and password, and if I go to a UCI, or I’m, you know, doing a tour of Cal State Fullerton, I can log into the wireless on each of those campuses with the username and password that I use to log into my IVC wireless. So it really helps our students that might use libraries at other places, it helps UCI Cal State, Fullerton, Cal State, LA, any number of the Cal State, UCS, as well as private universities in Southern California, use Ed your own so when students come to IVC library, they authenticate into our wireless It allows for a lot more secure and standardized access to the internet. It also works for IVC students that are traversing between IVC and Saddleback, so there’s a lot of students that take classes at both colleges, and it allows them to not have to worry if they go down to Ivy Saddleback, they just connect to the wireless and everything’s up and running. So it was launched last summer to much fanfare, and we’ve been really happy with how that’s going. I also want to make one more pitch, I think, during the last podcast, I talked about how I was trying to reduce max on campus because they’re difficult to manage, right? And I did hear that for like, the last couple years from people like, Hey, I heard you. You’re not a big fan of Max. Like, definitely, I love Macs. And another shout out, I want to make sure we highlight is we hired a new tech two his name’s Mike Bowman, and he’s come in, and he’s completely made a fantastic work of managing our apple devices. So what that means is we’re much more able to provide Mac devices for those interested in requesting them. So we’re making progress in a lot of different spaces, and I want to make sure I circle back on that, that that’s something that’s a positive in a lot of ways.

Tim Van Norman 9:33
Brent he called that progress.

Brent Warner 9:38
I’ll take it (laughter)

Tim Van Norman 9:40
So that EduRoam has been really useful to me as well as a staff person, I had to go down to Saddleback for something. I just opened up my laptop and I’m on. I went to a tap and opened up my laptop and I’m on. Basically that concept has been really, really useful. And it’s also nice when somebody. The adjunct faculty, they’re at various different schools, to just literally walk in and know that they’re connected, and they don’t have to log in, they don’t have to do anything else, and remember, oh, so is this one, this or that? It’s just done. It’s a really nice system, absolutely,

Nick Wilkening 10:20
I am really glad you brought that up. One point in particular, ATEP in particular, is a unique campus in so many different ways, very, very like exciting time as Saddleback is opening two of their buildings, you make a great point. Eduroam is going to be fantastic for those students that potentially may take a class in both colleges, but are, you know, a stone’s throw from the other building, they can walk and have that that same wireless experience across both places. So, yeah, great, great reminder about the availability of it, and we encourage those, especially staff, faculty management, to use it as well.

Tim Van Norman 10:57
And then touching on the third one SharePoint migration, while many of our faculty use use Google, a lot of our staff and administrators use SharePoint. And the nice part about SharePoint being online means that as people are actually being able to work at home, they can actually get access to that without needing to use VPNs or something like that, which has been really helpful. Anytime you put another layer between you and your end product, it slows things down, especially on the internet. And so to me to not have to use a VPN, I probably have to use a VPN once a year. Everything else I do is stored on the cloud. It’s web based. It’s something and so to to have that is just, it’s a life changer.

Nick Wilkening 11:51
Absolutely. And you make a great point about that from the usability, right? If you had to use the old SharePoint, you had to log in and make sure you had MFA set up and everything was pushed. For the most part, if you log into the apps portal, you should be able to get the IVC SharePoint now without with with what you know, that single sign on solution you log in once you authenticate with your Microsoft authenticator, multi factor authentication, and you’re into all of the different applications as well as that SharePoint is what’s considered SAS based. So Software as a Service is what SAS stands for, and that is that means that all of the infrastructure behind it is managed by Microsoft. So if it is much more secure, highly available, so you’re going to get better uptime. And if you, if you’re critically working on something, and you’re at a conference, or you’re at home, or you’re working in another college, you should be able to get into it much more successfully than in years past, and we’re particularly excited about that availability.

Tim Van Norman 12:54
Absolutely and so now that you brought it up, let’s talk a little bit about security. So you you just mentioned SSO and MFA. Let’s start with we’re hearing a lot of those things. I’m seeing it from my bank. I’m seeing it from every time I get a new account. Hey, do you want to sign with Google or Facebook or something like that? I’m seeing this all over the place. What’s the difference between SSO, MFA, what are they? Etc,

Nick Wilkening 13:23
Great question. So in information security, there is a thing that’s called identity access and management. So basically, everything centers around ensuring that the person asking to come into the system is someone with whom we trust. That’s that’s the simplest way of breaking down identity and access management. So what that means is single sign on is one part of identity. Basically, whenever you log into a website or an application, you are using a username and password for the most part, and that in, in and of itself, is very difficult, because passwords are easy to crack. They’re hard to remember. And there, there’s a lot of them. If you look at the number of applications you log into, whether it’s your bank, your school, your social media, anything and everything is managed on your phone through a username and password. What SSO does is it greatly reduces the number of username and passwords that you have to remember and use. It’s a single sign on. So if those of you that have social media are familiar with, let’s say Whatsapp and Facebook and whatever else, I think threads is also one that they use as their part of their their ecosystem under meta, if you use one username and password to access all three of those applications, that’s considered single sign on and what you’re noticing more and more if you’re going to different applications. Applications that allow for SSO integrations is you’ll be prompted to use maybe your Google username and password or your apple username and password to authenticate into that application without creating an account. Makes it really nice for both the individual as well as probably the business, because they get more information about us. So that’s single sign on multi factor authentication is a protection on top of your username and password, which basically comes down to three things, multi factors. Each person has three different factors, something they know, something they have, and something they are. And what that means is something you know would be something like a password, something you have would be like a token or like a smart card. Sometimes people have smart cards, and then something you are is something you’re biometrically able to use to authenticate into so your eyeballs. People use their eyes, people use their facial recognition. That’s all biometrics. So multi factor authentication states, if you have two of three, your security goes up in a big way. So what that means is, when you use your username and password, that’s something you know, and then when you get a text or some sort of push on an on an application that’s something you have, because you can only do that through, let’s say, your phone or your desktop. So those two factors, in addition to logging in with your single sign on, greatly increase your security posture and remove the ability for bad actors to come into your account on your behalf, without your knowledge. So if you’re used to logging in going back to the original social media, when you log into Facebook, you use your username and password that gets you in through single sign on, and then when you get a text that says, Enter this six digit pin that is multi factor authentication, which you enter into Facebook, that gets you into social media, and it makes sure that somebody can’t log in with your account and do bad things on your behalf through Facebook. So it is a little confusing, but it’s definitely something that it has been around. It’s been tested and validated for many years, and it will greatly improve your online presence and security.

Brent Warner 17:30
And so just to kind of clarify that for at our school, right, we have it pretty straightforward. We have a portal on our school homepage so you can click on that to get into our main services. So that’s our Single Sign On right. We we click on the portal that gives us access to Canvas or to our email or whatever else it is, and then. But if I’m doing that from home, it will say, hey, check out. Prove to me who you are, because when I’m on school, it knows that it’s me, I’m assuming, because it’s the IP address or something like that. But when I’m at home, it’s like, Hey, who are you make show me that you are, who you are. So then it sends, I have the Microsoft authenticator option, and so it’s sending me a code into that app that I then confirm. And so so we’re using both of those factors at the same time, just depending on what setup you’re using, if you’re on campus or at home or whatever else it is.

Nick Wilkening 18:26
Absolutely and, yeah, you hit the nail on the head. All of it is correct. We know the IP space of the campus local area network, so we don’t request a multi factor authentication for those folks on campus. But if you’re away, yeah, you’ll get an MFA text or prompt through Microsoft authenticator, and yeah, your username and password through the apps portal is how you Single Sign On into our different applications, and that’s different for students. So your apps portal will show, if you’re a student, Canvas and outlook and Adobe for staff. You’ll see in your apps portal work day, you’ll see Jagger, if auntie, all the different systems that we use to manage kind of work and business processes internally. So even down to the security of the apps themselves, we try to have control over and make sure we’re not giving people stuff that they shouldn’t have access to, and make sure those that do have access have the right access at the right time. So it’s kind of this delicate balancing act.

Tim Van Norman 19:26
Well, this all sounds great, and I love talking about this SSO, MFA and stuff like that. But as we’re looking at it, I’ve noticed, I’ve realized as well, that when I use my Microsoft authenticator, it actually uses all three. So in order for me to get into Microsoft authenticator, I have to have my fingerprint. And I was talking to somebody earlier today, and it has their face print in order to, in order to do that, so that now requires all three to do that. So it’s it actually elevates it even more, because my daughter could could hit yes on a phone or type in a number, but she’s not going to have my fingerprint. So it’s a really nice additional level.

Nick Wilkening 20:14
It, you know, I will say the advent of the smartphone, and the ease with which you can get into your smartphone, like, think of it like this too. In order to even get into my iPhone, I have to authenticate with a pin that allows me to actually get into my iPhone to verify my authenticator prompt, which does use my facial recognition to authenticate my approval of that. So the security, you know, it’s, it’s kind of this constant race. Security gets better. Bad actors get better. Security gets better, bad actors get better. So it feels like we’re, you know, in a good space to be able to handle some of the more, you know, straightforward, simple attacks with what we have. And we’re building in better defenses every day. I want to use one analogy super quick that I try to highlight to anybody whenever we talk about information security, whenever you get into a car, you put on your seat belt, you when you when you purchase a new car, you try to get the latest safety measures. You try to make sure you do everything you can to follow the speed limit, drive defensively, be smart in your car when you’re driving on the freeway. It’s the same approach. When we look at information security, we try to do a number of different things that we can do to defend and protect our car, our information security posture. Odds are eventually you’re going to get in a car wreck at least once in your life, right? Hopefully it’s nothing, nothing super bad, and hopefully it never happens. But the odds are there, we kind of take that approach in information security. The odds are we eventually will get attacked. Someone will get through, someone will be successful. But our goal is to build a resilient network where we can contain down that down to the smallest level possible, or hopefully make it so difficult that a bad actor looks and says, that’s too difficult. I’m moving on to the next thing. So that’s really why we ask for MFA or strong complex passwords, things like password managers, all these things that might be an inconvenience or a frustration, which we totally get. They help us put our seat belt on before we get on the 405, that’s really what we’re trying to get to when we look at this.

Tim Van Norman 22:26
And that also leads to the other part of least access, least level of access. So there’s things that I don’t have access to and I don’t need access to it. I might be an administrator on some things, I don’t even need access to certain other things. And it something that the literally, the person beside me has has administrator access to. And that’s really I find important to understand that in this world, we don’t you as much as it might be nice to know everything you shouldn’t know everything.

Nick Wilkening 23:03
Least privilege is the best and worst thing ever, right? I don’t need enough, but, oh man, I need more, especially as we get asked to do more and more, and you feel like you could be faster and more efficient with it. But we also want to make sure we’re giving the the requisite need to know for anybody that has those requests, absolutely good point.

Tim Van Norman 23:21
Well, and should my account get hacked, it automatically limits how much anybody can get in get into. So absolutely, it’s really useful.

Nick Wilkening 23:30
Good point.

Brent Warner 23:31
I love it. We are going to run out of time. So Nick, we’re going to, we’re, we’re going to turn this into a, maybe a two parter, or have you, have you back very shortly, because we had so much else that we wanted to talk about and get into in depth with. And it’s just like, oh, just starting level. We want to talk about this stuff. So I think we’re going to, we’ll call it a pause, I guess, here and and we’ll see as soon as we can, to get the revisit for part two. But just for now, we’ll say thank you so much for for coming on and sharing all this. Because I think it’s really useful for people to really understand, you know, how much is going on that we don’t always understand what’s happening on each steps or, like, Why do I have to do this type of thing every time? So really appreciate you sharing that.

Nick Wilkening 24:16
Thanks for having me. I love the ability to get in here and talk talk shop. It’s an awesome opportunity. So thank you for having me. Thank you.

Tim Van Norman 24:26
Thank you for listening today. For more information about this show, please visit our website, at TheHigherEdTechPodcast.com

Brent Warner 24:32
As always, we do want your feedback, so please go to TheHigherEdTechPodcast.com and let us know your thoughts.

Tim Van Norman 24:38
For everyone at IVC that’s listening. If you need help with technology questions, please contact IVC technical support. If you have questions about technology in your classroom, please stop by a 322 or contact me. Tim Van Norman AT tvannorman@ivc.edu

Brent Warner 24:53
and if you want to reach out to me about the show, you can find me on LinkedIn at @BrentGWarner.

Tim Van Norman 24:58
I’m Tim VanNorman

Brent Warner 24:59
And I’m Brent Warner, and we hope this episode has helped you on the road from possibility to actuality. Stay safe everybody.