Updates from
the Office of the Associate Vice President for IT and CIO

May 2018

Drupal vulnerabilities patched by quick actions from IT Services staff: Members from across IT Services quickly came together to effectively manage two crucial remote code execution vulnerabilities in the Drupal content management system. Drupal is used to manage content on numerous University websites, including those for UChicago News, UChicago Arts, and the College. Remote code execution gives a cyber attacker the ability to access, take control, and make changes to a website. These vulnerabilities disrupted servers in the University of Chicago’s infrastructure and impacted higher education and other industries beyond the University. Campus partners were notified on the necessary risk remediation steps, helping other UChicago Drupal developers patch their websites to protect the University from future exploitation. Altogether, more than 600 Drupal websites were patched.


Voice communications enhancements offer lifesaving accessibility: Currently, the University of Chicago maintains multiple circuits through AT&T for the purpose of routing telephone calls to and from the University and The University of Chicago Medicine and the public telephone network. Even with the University’s existing efforts to invest resources into this service, the University and the medical center endured five disruptions since July 2016, with the latest impacting voice services on May 1-2, 2018. To further diminish these risks, a two carrier strategy has been engineered to significantly reduce the impact of future disruptions made from using only one carrier. This new method will allow critical phone numbers used by the University and the medical center to be reachable from off-campus. Testing is being conducted to use two 10-digit phone numbers from separate service providers to reach the University’s critical five-digit (on campus) numbers.


Tableau allows users to visualize and conceptualize data clearly: The Analytics and Business Intelligence Solutions (ABIS) team completed the initial implementation of Tableau, a powerful tool to conceptualize data. Several administrative areas have ramped up to use this new service, including the Office of Investments, Division of the Humanities, the Office of the Provost, IT Services, and Human Resources. ABIS provides traditional reporting and analytics services for finance, payroll, student, research, advancement, and other data through the Data Warehouse. The Tableau service is unique as it enables developers and data analysts across the University to use their own local and unique data sources to build, publish, and administer custom dashboards in a highly visual and story-driven way. Tableau will continue to be ramped up as a new University service platform.


Cobb Hall upgrades AV in 28 classrooms this summer: Cobb Lecture Hall is one of the most used classroom buildings on campus. With the continued growth of the College, plus the anticipated growth of the summer programs in 2019, Cobb Lecture Hall will have its audiovisual technology (AV) upgraded, including to add wireless sharing to display capabilities in 28 classrooms this summer. Many of the rooms do not have displays adequate for the room size, and the old equipment requires significant space in the classroom. By bundling the bulk of the classrooms in one project, IT Services is able to save $250,000 and upgrade eight-year-old technology to comply with the new classroom AV standards. This is part of a multi-faceted project to upgrade Cobb Lecture Hall as a whole, including networking upgrades and other interior and exterior work.


Small image of the AVP report

Download the PDF:
Updates from the Associate Vice President for IT and CIO – May 2018