“The work of Berkeley IT technical and administrative teams shines through in their services and support to the greater campus community. This page highlights a sampling of our achievements in FY24 and exemplifies how we live Berkeley’s principles of community through what we can accomplish together.”
— Tracy Shinn, Associate Vice Chancellor for Information Technology & Chief Information Officer
Expanded Digital Accessibility
The Digital Accessibility Program (DAP) fosters inclusivity, ensures legal compliance, and enhances the digital experience for the campus community by pursuing work to meet WCAG Standards and accessibility policies; ensuring adherence to the Department of Justice (DOJ) consent decree obligations for publically available audio, video, and websites on the berkeley.edu domain and its subdomains plus BerkeleyX MOOCs; developing reporting; conducting training; and meeting auditor recommendations. The DAP team, part of Berkeley IT’s Campus IT Experience unit, works with campus stakeholders providing workshops, training, resources, and open office hours to help meet DOJ deadlines.
Summary of accomplishments
- Audio: 49 Channels with over 2,800 episodes.
- Video: 337 channels with over 43,000 videos.
- Websites: berkeley.edu + 1,466 subdomains.
- DAP has completed 81 website audits (manual and automated testing) across 33 divisions + UC Irvine, who manages aprecruit.berkeley.edu, and provided the functional owners of the websites with actionable reports.
- Berkeley X MOOCs on 2U/edX: DAP audited/QA’d and provided remediation support for 38 MOOCS in FY24 before their launch.
- FY24 External Audit: DAP is providing remediation analysis, guidance, and verification for the FY24 external audit which includes 99 YouTube videos, 12 Vimeo videos, and 41 Podcast episodes.
- Annual mandatory training for covered Individuals for FY24/YR2: 78.44% completion rate out of 21,694 assigned individuals. FY25/YR3: Will be assigned in UC Learning System starting March 2025. On-demand training and resources are also available to the community.
- Consent Decree Milestones: all seven major milestones prescribed by the Consent Decree have been successfully completed through FY24.
Key Collaborator in Gender Recognition & Lived Name Program
Ensured the ability to indicate one’s lived name and select from appropriately representative gender options — woman, man, and nonbinary — on university-issued documents and information systems, and created an efficient process for current employees and UC affiliates to retroactively amend their gender designations and lived names on university-issued documents, including eligible academic documents and in information systems.
Our Information Security team was a primary collaborator in rolling out the Gender Recognition and Lived Name (GRLN) Program, which provides new options for all faculty, staff, and students. Since the launch of this program, lived name and pronouns flow into the campus directory from several source systems. This allows employees (including student employees) the ability to select how their lived name, pronouns and other demographic info should be shared. Demographic visibility includes displaying this info to viewers based on these options: Logged In, Public, or Not Visible. This rollout also included the replacement of our CalNet Directory Update web service with a new tool that better supports usability, privacy, and inclusion.
In launching the GRLN program, our team successfully implemented comprehensive updates to a complex network of more than 200 systems and processes impacted by the UC GRLN policy, ensuring inclusivity and compliance with regulatory requirements. Beyond the task of policy alignment and enforcement, the team raised awareness about the importance of lived names, preferred names, and gender diversity. This initiative showcases Berkeley’s dedication to fostering an inclusive and equitable campus environment through innovative and efficient practices. In April 2024, the GRLN project team was selected as a recipient of the Chancellor’s Oustanding Staff Award (COSA). The COSAs are presented to staff and teams who demonstrate excellence in performing their job duties and significantly contribute to the UC Berkeley campus community. These awards are among the highest honors bestowed upon staff by the Chancellor. Visit the GRLN project website for more information.
One IT Student Leadership Program
Funded by a two-year Encore Grant from the Student Technology Fund, the One IT Student Leadership Program provided support for student employment programming across Berkeley’s IT community. Main support areas included: outreach and recruitment to prospective applicants; hiring support, management guidance, training, and community building for supervisors; and engagement facilitation for current student staff.
Selected accomplishments from FY24
-
Launched the Berkeley Supervisors of Student Employees Community. Several Berkeley IT supervisors of students are actively participating.
-
Hosted three Bakar Achieve Scholars as summer interns in Berkeley IT.
-
Presented a student staff experience panel at the April One IT Forum, and held a One IT Info Bytes session featuring student teams from Berkeley IT Campus Applications & Data (check out the recording and slide deck).
-
Organized community events to facilitate student staff engagement - including welcome back coffee chats and appreciation dinner - that Berkeley IT student employees attended; a Student Staff Experience Survey; focus groups with student staff, leads, and supervisors; and the Step Into Tech: One IT Student Opportunities Fair, where IT departments answered questions about available student job opportunities.
-
Hosted five One IT student leadership community of practice sessions in which supervisors of students from Berkeley IT participated (check out the meeting notes).
Berkeley IT Culture Champions
This program advances Berkeley IT's Diversity, Equity, Inclusion, and Belonging (DEIB+) efforts by creating a team to foster a welcoming, diverse community. Participants develop DEIB+ curricula and training tailored to their unit, implementing techniques to enhance inclusion and community. Meet this year’s Culture Champions
Successful Open Berkeley Partnership with Arts & Humanities
After working on Do-It-Yourself (DIY), custom-built websites, the Arts & Humanities division of the College of Letters & Science chose to partner with Open Berkeley in order to adopt a cost-effective and sustainable model for their websites while also investing in campus solutions. They have moved 14 DIY sites to Open Berkeley so far, and are in-progress on five more.
“Arts & Humanities has 19 departments and 14 research centers, and as a traditionally underfunded division, we were facing dozens of aging custom websites that were a security risk and failing accessibility standards. The challenge was finding something sustainable, accessible, secure, cost-effective, and something that reduced staff burden.” — Sarah Fullerton, Director of Communications
They chose Open Berkeley because it is:
-
incredibly easy to use;
-
able to accommodate several customization options;
-
supported by a campus unit, has technical support and drop-in hours, and runs a training program;
-
helpful in creating accessible content;
-
affordable;
-
user-friendly for all (it does not require a web developer).
Hosted UC Tech Conference with Record-Breaking Attendance
In FY23, we focused on planning the annual UC Tech Conference, a premier event uniting technologists from all University of California campuses. FY24 marked the successful execution of this large-scale event, with Berkeley IT's project management and communications teams working diligently through October to finalize details and transition responsibilities to the UC Davis team for 2024. UC Berkeley proudly hosted over 1,000 participants, setting a new record with 570 attending in person and 336 joining virtually. The event also featured 89 sponsor booth attendants and the incredible support of over 120 volunteers!
Highlights
A summary of just a few of the highlights from the conference:
-
An abundance of well-attended accessibility sessions.
-
Over 20 Birds of Feather connections made on a wide range of tech topics.
-
A welcome from Chancellor Christ, watch her video
-
An inspiring keynote with John O’Brien from EDUCAUSE.
-
Lots of lucky raffle winners of amazing sponsor prizes, see who won
-
A festive and celebratory UC Tech Awards at the Berkeley Marina.
-
The deeply informative and impactful Equity in Health Panel moderated by Dr. Aaron Neinstein, Vice President of Digital Health (UCSF) with panelists Dr. Medell Briggs-Malonson, Chief of Health Equity, Diversity, and Inclusion (UCLA Health); Dr. Crystal Wiley Cené, Chief Administrative Officer for Health Equity, Diversity, and Inclusion (UC San Diego Health); and Dr. Courtney Lyles, Associate Professor of Medicine (UCSF).
Network User Experience Improvements
Network user experience was boosted by increasing capacity, improving security and stability, and providing a way for students to connect home devices. Supported access to information, online learning, collaboration, administrative efficiency, innovation, research, and student engagement by continuing to modernize and improve the stability, usability, capability, and capacity of various network services, including Core and Building networking, Wi-Fi, Campus Firewall, and VPN.
Summary of accomplishments
-
We dramatically expanded and enhanced the capacity of Campus infrastructure to ensure improved resiliency, performance, and reliability for eduroam and other Wi-Fi services.
-
The network backbone was upgraded to introduce capabilities for providing 100Gb/s connectivity end to end throughout campus, enabling data mobility and improved access to computational resources. Infrastructure capable of future support for 400Gb/s was also implemented.
Improved Campus Safety Technologies
Campus IT Infrastructure and other IT groups worked with partners on campus such as Facilities Services and UCPD to improve the systems relied on for community safety and physical security.
Summary of accomplishments
-
Ongoing modernization and enhancement of video and building access physical security systems to improve effectiveness, reliability, and management efficiency.
-
Continual implementation of network and communications infrastructure such as fiber, conduit, and cabling in support of new access and security systems.
-
Improved community safety by mapping and implementing recurring testing and maintenance of Campus Blue Light Emergency Phones.
Completed an RFP to Replace the Course Management System
The 2022 Task Force on the First Year Experience, under the direction of the EVCP, recommended a comprehensive curriculum management system. We gathered requirements and completed an RFP in coordination with campus partners. Coursedog was selected as a vendor in October 2023 and the project launched in November 2023 with an official kickoff with Coursedog in March 2024. The implementation is currently underway with an anticipated Go-Live in the Summer of 2025.
Reduced Google Storage Costs
In late 2019, rumors circulated about changes to Google Workspace services and costs, with no clear information from Google. In Summer 2021, Google announced new pricing and services for educational institutions, leading to a negotiated agreement with Internet2/NET+ benefiting the University of California system. By November 2021, an agreement was signed with Google with storage limit enforcement set for November 2024. Since then, our bConnected team has been working with the campus community to meet these new Google storage limits.
Summary of accomplishments
-
UC Berkeley’s storage footprint went from 12.6 PB in January 2023 to 8.5 PB in July 2024 and dropped to 2.1 PB in November 2024.
Looking ahead
-
The focus is shifting to lifecycle management to prevent future issues.
-
Retain institutional content while removing other unnecessary content.
-
Building support for departments to manage content more effectively.
Onboarded Campus Units to IS-3 Risk Management Program
The Information Security Office, in partnership with the entire campus, completed a 4.5-year program to onboard all central IT, academic, and administrative units into the campus IS-3 cyber risk management program. Berkeley’s Cyber Risk Management Program is a holistic program to help units manage both their cyber risk and compliance with IS-3, UC's systemwide electronic information security policy. This unit onboarding project was focused on awareness for Unit Heads and Unit Information Security Leads (UISLs) of their information security-related roles and responsibilities; awareness of information security risks within the unit; and providing units with concrete, unit-specific, prioritized recommendations on how to address areas of highest risk. Throughout the project, the emphasis has been on providing value to the unit, building relationships, and incremental progress over time.
In the end, we identified 84 academic and administrative units. ISO met with every Unit Head and UISL and worked with them (in cohorts) through a facilitated process of asset inventory and high-level security self-assessment. They completed, and ISO assessed 95 unit self-assessments. Onboarding started in 2020, and the tail of the final cohort is wrapping up now in 2024. In 2025, this project will transition to an ongoing, operational program of regular reviews and updates, continuing to focus on addressing areas of highest risk; measurable, incremental improvement over time; and maintaining relationships. The operational program also includes developing an annual toolkit that focuses on a key risk area relating to IS-3. These toolkits will provide information and actual tools, such as services and templates, to help units make progress in the focus area. Over time, we envision having a robust tool chest of tools and services to help units manage their information security risk. Keep an eye on our Cyber Risk Management Program Service page for updates.
Enriched Berkeley’s Security Posture with Prisma Cloud
The Information Security Office (ISO), along with the Cloud Operations (bCloud) team, launched Prisma Cloud, Palo Alto Networks’ cloud-native security solution, that provides Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP) components in November 2023. This service, which was already monitoring all eligible accounts, now sends tickets on security issues.
Prisma Cloud Benefits
-
Works with the bCloud-supported Amazon Web Services (AWS), Microsoft Azure (Azure), and Google Cloud Platform (GCP).
-
Extends intrusion detection and vulnerability scanning/monitoring to the cloud environments.
-
Helps Campus cloud users meet MSSEI requirements 1.2, 1.3, 3.1, 4.1, 4.2, 4.3, 12.1, and 12.2.
-
It improves our cloud security posture and reduces campus risk.
-
Facilitates moving high-risk data into the cloud (P3 and P4 compliance).
Provides cloud account administrators visibility into the security data used by ISO
Berkeley Desktop Improvements
We identified and implemented improvements that streamlined user support while maximizing the adoption and security of Berkeley Desktop by deploying Endpoint Security Detection & Response (EDR) agents. To implement EDR, significant work was completed to enable encryption on MacOS and Windows computers. Implementing EDR software addresses gaps, strengthens our cybersecurity posture, and defends against advanced cyber threats. Learn more about EDR expansion
Improved Institutional Resilience Through IS-12
Berkeley IT worked with campus units to ensure IT resources could be recovered during disasters. This project involved collaboration across departments to prepare for natural and human-made emergencies, improving resilience for institutional information.
Summary of accomplishments
- The IS-12 policy was implemented in all campus departments; 73 total departments with 18 out of scope.
- A total of 364 plans are in UC Ready. Once fully completed, departments can use these plans to recover their systems during a disaster or other campus emergency.
- We identified 74 Unit IT Recovery Leads (UITRLs) who act as liaisons to help us implement the IS-12 policy in their department and work with their team to achieve compliance.
- The Campus Applications & Data team improved and tested business recovery plans.
- The Campus IT Infrastructure (CITI) team continued enhancing their IS-12 plans and conducted testing in CITI services and systems to close gaps identified in prior assessments.
- Information Security Office tested and documented rollover and rollback procedures for disaster recovery operations in Security Operations and CalNet.
Added a Layer of Protection to Alumni Accounts
During FY24, teams completed preparatory work to roll out two-factor authentication to our alumni community in the fall of 2024. CalNet 2-Step Verification helps users ensure that they are the only person who can access their CalNet account, even if someone steals their password. The two steps include first logging in using CalNet credentials, then the second step is reconfirming identity using a verification device. All employees, affiliates, students and alums are required to use 2-Step verification at UC Berkeley, including faculty, staff, visiting scholars, post-docs, volunteers, undergraduates, and graduate students. Only CalNet Guests are exempt from the requirement. Learn more about CalNet 2-Step authentication
Launched Award-Winning Web Application Security Testing Course
In partnership with the School of Information's Master of Information and Cybersecurity Program, our Web Application Security Testing Course was selected as an exemplar for the 2024 EDUCAUSE Horizon Report | Teaching and Learning Edition, was a finalist for the 2023 Gartner Eye on Innovation Award for Education and received the 2023 California College Personnel Association Outstanding Use of Technology.
The Web Application Security Testing program is a collaboration between ISO and the School of Information that provides graduate students exposure to app security testing focusing on both the technical and business processes. It allows us to provide testing for approximately nine critical apps per year, at a cost of a little over $7,000 (which is considerably cheaper than the average range of costs reported by NetworkAssured). We worked with:
-
Legal and Policy teams, to create a Student Code of Conduct.
-
IT service teams, to create a virtual machine environment where students test from.
-
Portswigger, a vendor that provided free software licenses for its web attack proxy tool, Burp Suite Professional. This partnership allowed the program to save nearly $7,000 in annual costs.
Over the course of four semesters, students have tested twelve applications built on various application stacks (e.g. PHP, Java, etc.). Students discovered 123 flaws demonstrating the effectiveness of the instruction. The Web Application Security Testing Program at Berkeley continues to thrive and has plans to extend testing services to other University of California campuses.