Projects in Flight

This page includes descriptions of the projects that are in flight and how they align to support each of our five Berkeley IT Strategy focus areas. 

Enhance Institutional Resilience

  • Active Directory Delegation Re-architecture - Strengthening campus information security, this initiative reconfigures delegated organizational unit (OU) structures and establishes a centralized Privileged Access Management (PAM) structure. The project focuses on remediating excessive permissions and aligning deprovisioning timelines with University policy to resolve open audit items.
  • Attack Surface Management - Automate asset inventory and ensure compliance with Bigfix and EDR installation requirements, this project evaluates a new technical solution. By testing data integration and specific use cases, the initiative aims to reduce manual tracking efforts and determine if the demonstrated product should be selected for full implementation.
  • Secure Computers Initiative Project - Utilizing a $1 million budget to mitigate cybersecurity risks, this one-time initiative replaces aging, non-compliant devices across campus with Berkeley-managed desktops. The project employs tailored distribution strategies for the general campus and Letters & Science (L&S) to ensure compliance with university security standards.
  • Cirrus Social Logins - Secure, flexible authentication for non-affiliated users is the primary goal of this project, enabling groups such as alumni to log into university systems using existing social identity providers like Google and LinkedIn. This initiative focuses on reducing operational overhead and improving the user experience while enhancing institutional security by limiting the creation of non-essential CalNet credentials.
  • Duo Desktop Enforcement Pilot Project - Establishing a technical mechanism to enforce campus cybersecurity policies, this pilot ensures that workstations meet mandatory security requirements like EDR software installation and device encryption. The project involves technical testing and a phased rollout to identify the most effective deployment strategy for broader campus implementation.
  • Enterprise Systems Archiving & Purging - Bringing student and financial systems into compliance with University security standards, this project identifies and removes non-required protected data to meet retention policies. This initiative will implement automated archiving processes to improve system performance, reduce operational costs, and ensure the secure storage of historical information.
  • Fire/Security Alarms Upgrade Phase 1 - Modernizing the campus Security Information System (SIS) through server virtualization and hardware overhauls, this project implements redundancy to align with UC security policies. The initiative aims to enhance the oversight of fire, intrusion, and environmental alarms by enabling secure remote administration and 24x7 system management.
  • Grace Periods - By establishing standardized account deprovisioning timelines, this project strengthens campus security and updates business processes to ensure employee access is revoked in a timely manner. The initiative involves modernizing technical system settings and communication workflows to ensure account access accurately aligns with employment end dates.
  • Storage for Researchers - A new FY26–27 pilot program is being established to provide research faculty with a base allocation of 5 TB of storage across five diverse service tiers. Designed to meet growing productivity and compliance needs, this project will implement a centralized ServiceNow request workflow and immutable backup features to inform a sustainable long-term funding model by 2027.

Align Resources

  • PeopleCards Portal Project - Decommissioning the existing regional portal is the primary objective of this migration, which moves HR functionality and data to the ServiceNow HR Service Hub and Employee Service Center (ESC) Pro instance. This effort aims to centralize employee services, secure sensitive data by removing it from the legacy portal, and streamline HR processes into a single, scalable platform.
  • Program Management Practice - A standardized framework for managing IT programs is being established through this project, defining roles, processes, and competencies to improve efficiency and reduce project delays. This initiative will deliver new templates, Smartsheet integrations, and training programs to ensure consistent and effective program execution across the organization.
  • Wi-Fi Keys V2 - Decoupling the existing Wi-Fi Keys service from the regional portal, this project creates a standalone, resilient web app for managing eduroam accounts and Berkeley-IoT devices. This initiative will enhance system performance under heavy load, introduce AirGroups support, and reduce the time required for future service updates.

Build Community

  • Network Access Simplification (Program) - Streamlining campus network connectivity, this program modernizes user onboarding and device registration through an "Anywhere/Any Way" access model. The effort focuses on implementing infrastructure upgrades and simplifying the end-user experience for connecting to wired, wireless, and remote network services.
  • Wi-Fi-Certificate-Based-Authentication - To simplify the campus eduroam onboarding experience, this project replaces manual password entry with vendor-specific certificate profiles, thereby enhancing security and reducing support tickets. This initiative will integrate the SecureW2 service to automate device configuration and retire the 2.4GHz spectrum on wireless networks to minimize interference.

Enable Data Intensive Innovation

  • BearGPT - Leveraging a partnership with UCSD to provide a secure, private AI platform for UC Berkeley staff, this project specifically targets administrative efficiencies in creating job descriptions and navigating university policies. The effort aims to evaluate the effectiveness of General AI and "JD Helper" tools to inform a potential wider campus implementation.
  • CCMS Implementation - Replacing the university's legacy curriculum and catalog management systems is the primary goal of this project, which involves configuring and deploying the Coursedog platform. This program aims to seamlessly integrate the new software with the Student Information System (SIS) to modernize academic data management.
  • Data Center: Offsite Colocation - Expanding the university's data center infrastructure, this project establishes a high-performance, low-latency computing facility at NASA’s Moffett Field. The program involves a multi-year process of design, procurement, and installation to deliver a fully operational remote data center environment.
  • AI Sandbox Pilot - A secure, P3-compliant AI platform, is the focus of this two-year pilot designed to support high-value academic and administrative use cases across the UC Berkeley campus. This project leverages distinct workgroups to manage technical delivery, user experience, risk mitigation, and financial sustainability to ensure a scalable and cost-effective campus-wide AI service.

Strengthen IT Service Management (ITSM) Foundations

  • CMDB Development - Maturing the university's IT Service Management practices, this project establishes a Configuration Management Database (CMDB) that accurately links incidents, changes, and requests to specific infrastructure assets. The initiative focuses on deploying an out-of-the-box ServiceNow solution with automated data loading to ensure high data integrity and minimize maintenance overhead, and contributing to future AI enablement.
  • ITSM Practice Foundations - Incident, Request, Change, and Knowledge Management are the specific practices being standardized to improve service delivery and customer experience across Berkeley IT. This initiative focuses on defining clear roles, documenting processes, delivering foundational training, and establishing a unified public service catalog.
  • Service Ownership and Catalog Foundations - Defining clear service ownership roles and delivering role-based training, this project aims to standardize IT service management and establish a comprehensive public service catalog. It focuses on resolving inconsistencies in service delivery through the implementation of standard workflows, templates, and Service Improvement Plans (SIPs).