16 Jan 20 Update for Midwinter Conference 2020

It’s been about 6 months since our last update on what the IT department at ALA has been working toward. We’d like to give you an over-the-shoulder look at what has happened since then including new metrics, accomplishments, and our plans for the year ahead. Below you will find: The IT department’s project portfolio for 2020. These are the projects we have identified, scheduled, and prioritized with input from various stakeholders. The IT Scorecard for the month of December 2019. These are new metrics we will be tracking on a periodic basis. We will use these metrics to identify pain points and align resources for them. We expect these metrics to evolve as we find uses for them. Detailed updates for our major projects each with goals, accomplishments, and their future plans. But before we jump into the larger project updates – here are some of the smaller accomplishments we’d like to highlight: Deployed laptops to all ALA staff to increase staff mobility Changed department name from ITTS to IT Deployed MS Teams across organization Started a pilot study to see how Airtable can help with task and project management Upgraded TrackIt to the latest version. This is the software we use to create and manage support tickets Updated the ALA.org site navigation Started designs to provide auto-renewal functions for ALA members Deployed KnowBe4 to educate and train staff how to avoid email phishing attacks

ALA Office Move
Goals:	The IT department’s goals in moving to the new ALA office space are to refresh our entire technology infrastructure with a focus on disaster recovery and security considerations, move data off site to a colocation, enable cloud based services for data center functions, and to implement a new telephone solution using scalable software phones in the new office
2019 Accomplishments:	Designed, specified and priced new infrastructure hardware and software Submitted over a dozen requests for quotes and received responses to them Identified and signed contract for provider of VOIP telephone systems Defined audio and video requirements for webinar and conference rooms Defined requirements for consistent conference room scheduling
Future Plans:	Define and regularly collect metrics for infrastructure performance Complete the implementations for: Co-location (off site) data center New location infrastructure VOIP phone systems Audio and Video solutions across the office space Complete Data Center as a Service designs Improve remote accessibility for offsite staff
eStore/eLearning eCommerce
Goals:	The current goal of the eStore/eLearning project is to add all ALA eLearning offerings to the store, making it is easy for members and other potential registrants to find and purchase/register for any ALA eLearning event in one place. We are enhancing the service integration options, and saving this activity to the customer’s profile in iMIS. We are targeting a deployment for early 2020.
2019 Accomplishments:	Deployed version 1.8 Commenced functional testing for 1.9 which includes these features Adding Calendar Listing Views Adding Group rates and discounts functionality Adjustments to pricing for non-time frame production vs timeframe products Enhancements to subject line functionality for custom emails Enhancements to shopping cart functionality The ability to allow bundle products to be purchased on the store
Future Plans:	Complete user acceptance testing Complete demos with business stakeholders Incorporate feedback to the demos provided by stakeholders Deploy 1.9 to production
Membership Dues and Donations eCommerce
Goals:	The goal for the Membership Dues and Donations project is to improve the membership and customer experience for processing dues and donations. This system is going into its third year of service.
2019 Accomplishments:	Deployed Beta 3.5 to Production which includes these features Database Archiving New functionality for members to view their receipts Deployed Beta 4 to Production which includes these fixes Member receipts discrepancies Last name field duplication
Future Plans:	Finalize testing and deploy beta 5.5 to production which includes these features and fixes: Donations which were missing their state field  Updating iMIS to receive PayPal payments
iMIS Membership System Upgrade
Goals:	The goal of the iMIS membership system upgrade is to move to the current version, allowing us to use a web interface to track our member and customer information. The upgrade includes data dashboards showing trend data that can be used to improve member engagement.
2019 Accomplishments:	Configured and deployed the latest version of our Shibboleth Single Sign-on technology component to our development environment Commenced testing of the latest version of Shibboleth
Future Plans:	Complete testing of iMIS  Perform the upgrade in FY2020
Salesforce Advocacy and Development Project
Goals:	Public Policy and Advocacy Track cultivation of advocates across the organization  Look up ALA members and advocates by zip code & Congressional District Annotate records with “soft touch” data, including points of contact and areas of interest Track interactions and points of contact between Advocacy/Public Policy staff, members of Congress, elected officials, and Federal agencies Surface relationships between advocates and current and past members of Congress and other elected officials Track and report on advocate actions based on zip code / Congressional District Development office (Fundraising) Track cultivation of donors across the organization Annotate records and track “soft touch” data, including points of contact, areas of interest, and likeliness of donations Enhance reporting capabilities Use data to generate leads from the prospect pool and from the advocate population IT Implement an integrated system that is scalable to all departments at ALA Create new business intelligence information Explore Salesforces data analytics module “Einstein” capabilities for future uses
2019 Accomplishments:	Conversion of current membership records and 14 years of donations from iMIS Two-way integration between iMIS and Salesforce of ALA membership information for current members CQ Engage integration with Salesforce which provides legistrative tracking Advocacy office has started using Salesforce with strong adoption Integration from iMIS to Salesforce for new fundraising Donations Development data is live in Salesforce Integration has processed over 142,000 Creates/updates between iMIS and Salesforce since go live in September 2019
Future Plans:	Prepare Soft Credit issues in iMIS The Office of Development to take over the creation and updating of reports and dashboards in Salesforce to improve adoption within the unit
ALA Connect
Goals:	The goal of the ALA Connect project is provide the ability to do committee work, community work, networking, member engagement, non-member engagement, and marketing of products and services to our members and non-members.
2019 Accomplishments:	Polished and unified the FAQ / Help Page Standardized the navigation menu across all sites Complied a feedback and issue log Fixed all of the Contact Us forms so the right people receive the messages Launched the Workspace module Completed designs for the site redesign and gained signoff from internal stakeholders
Future Plans:	Launch the major site redesign Publish a revised and approved Code of Conduct Prioritize and address issues from feedback and issue log Add a preferred pronouns field to member’s demographics Create alerts for membership renewals Review and update microsite logos where needed
Digital Asset Inventory
Goals:	The goal of the Digital Asset Inventory is to identify the digial assets of the association, providing information needed to inform ALA’s content strategy.
2019 Accomplishments:	Digital Property Footprint goal of being decreased by 30% has been met Web Management group engaged to create and enforce digital protocols Archiving protocols to decommission sites have been established
Future Plans:	Establish accessibility standards across digital properties Collaborate with department partners to create a universal Digital and Content Strategies Create standards that enforce consistency when creating new digital properties Establish evolving usability best practices and standards for digital products
PCI Compliance
Goals:	PCI Compliance is a set of security controls that businesses are required to implement to protect credit card data and comply with the Payment Card Industry Data Security Standard (PCI DSS).
2019 Accomplishments:	Provided security training for email phishing to ALA Staff Achieved 98.1% success in staff phishing tests
Future Plans:	Enhance our security position by adopting a co-location Reengineer technology infrastructure with security as a central consideration as we move into the new office Implement and maintain a set of policies and procedures to operationalize PCI Compliance
IT Staffing Changes
	New User Experience Manager, Nick Aleck

13 Jun 19 IT Update for Annual Conference 2019

eStore/eLearning eCommerce

The current goal of the eStore/eLearning project is to add all ALA eLearning offerings to the store, making it is easy for members and other potential registrants to find and purchase/register for any ALA eLearning event in one place. We are enhancing the service integration options, and saving this activity to the customer’s profile in iMIS. Promet currently estimates a feature complete date to be July 10, 2019.

Accomplishments for 2019 include:

• We are finishing testing for the 1.8 release to be deployed after Annual Conference.

Some of the enhancements/updates that will be a part of Release 1.8:

• Improve shipping calculations with discounts
• Enhancements to kits
• Security Updates
• Update design issues
• Create individualized email notifications for products
• Hide attendee lists from users for free events

Our plan going forward is to:

• Complete functional testing, User Acceptance Testing and deploy the final major releases (1.9 & 1.9.2)

Membership Dues and Donations eCommerce

The goal for the Membership Dues and Donations project is to improve the membership and customer experience for processing dues and donations. This system has been live for over two years.

Accomplishments for 2019 include:

• Deployed Drupal security release v7.62
• Deployed v3.00 Beta 2 release, correcting the 1st and 2nd year membership charges

Our plan going forward is to:

• Test and deploy new releases to fix known issues and security updates
• Develop new features to improve the member and customer experience as required

Salesforce Advocacy and Development Project

The goal of the Salesforce project is to provide a tool that will increase the capabilities for Advocacy and Development.

Detailed Goals:

Public Policy and Advocacy

• Track cultivation of new and existing advocates across the organization
• Look up ALA members and advocates by zip code / Congressional District
• Annotate records with “soft touch” data, including points of contact and areas of interest
• Track interactions and information about current and past members of Congress and other elected officials
• Track interactions and points of contact between Advocacy/Public Policy staff and members of Congress, elected officials, and Federal agencies
• Surface relationships between advocates and current and past members of Congress and other elected officials
• Track and report on advocate actions based on zip code / Congressional District

Development office (Fundraising)

• Track cultivation of new and existing donors across the organization
• Annotate records and track “soft touch” data, including points of contact, areas of interest, and likeliness of donations
• Enhance reporting capabilities
• Use data to generate leads from the prospect pool and from the advocate population

ITTS –

• Implement a well-integrated system that is scalable to other departments at ALA if applicable
• Create new business intelligence information
• Explore Salesforces data analytics module “Einstein” capabilities for future uses

Accomplishments for FY 2019 include:

• Three Demo’s with stakeholders with improved ALA modifications each time
• Data mapping between iMIS membership database and Salesforce completed and Test data imported into Salesforce for UAT (User Acceptance Testing)
• User Acceptance Testing is underway
• Integration between iMIS and Salesforce programing using Dell Boomi (Integration system) has been started

Our plan going forward is to:

• Finish Salesforce/iMIS integration with Dell Boomi
• Complete User Acceptance Testing
• End user Training
• Conversion and go live

In next FY (2020)

• Convert Development Soft-Credits
• Identify and implement any additional Advocacy and Development needs
• Identify any additional ALA standalone underserved system to add to Salesforce

ALA Connect

The goal of the ALA Connect project is provide the ability to do committee work, community work, networking, member engagement, non-member engagement, and marketing of products and services to our members and non-members.

Accomplishments for 2019 include:

• Launch of the Connect Administration Bi-Weekly meeting
• Consolidation of multiple FAQ pages into a single page
• Creation of User Guidelines – to be published after review
• Pilot deployment of Workspace to ALA Task Force to explore Online Deliberation and Voting
• Launch of pilot study for Mentoring @ ALA
• Working with the Office of Member Relations and community admins to improve site navigation. Initial designs are being refined before presenting to management
• Working with eConverse Media to redesign site layouts. Initial designs are being refined before presenting to management
• Creation of new training materials

Currently, we are:

• Working with Member Relations and community admins improve site navigation / menus
• Working with Higher Logic to refine the Workspace Module before adding it to service offerings
• Working with eConverse Media to improve site layout and improve user experience

Our plan going forward is to:

• Implement Workspace for collaboration on documents with versioning and balloting module
• Refine menu navigation with Member Relations and site admins
• Work with eConverse medio, ALA management, and site admins to improve site design
• Implement Volunteer Manager Module

PCI Compliance

PCI Compliance is a set of security controls that businesses are required to implement to protect credit card data and comply with the Payment Card Industry Data Security Standard (PCI DSS).

Accomplishments for 2019 include:

• Completed a vulnerability scan which provided for a PCI Compliance baseline (October 2018)
• Resolved priority vulnerabilities found in the October scan
• Completed an additional vulnerability scan to create a new baseline (May 2019)
• Provided security training for email phishing to all ALA Staff

Currently, we are working on:

• Creating remediation plans for open issues
• Resolving vulnerabilities
• Completion and verification of security training for email phishing for all ALA Staff

Our plan going forward is:

• Educating our users and stakeholders about PCI compliance by developing relevant staff training materials
• Working to improve our compliance posture
• Implementing and maintaining a set of policies and procedures to operationalize PCI Compliance

iMIS Membership System Upgrade

The goal of the iMIS membership system upgrade is to move to the current version, allowing us to use a web interface to track our member and customer information. The upgrade includes data dashboards showing trend data that can be used to improve member engagement.

Accomplishments for 2019 include:

• Upgraded to the most recent version of our Shibboleth Single Sign-on Technology Component

Currently, we are working on:

• Testing the Shibboleth Single Sign-0n Technology Component Upgrade

Our plan going forward is to:

• Complete Final User Acceptance Testing of iMIS
• Perform the upgrade in September 2019

Digital Asset Inventory

The goal of the Digital Asset Inventory is to identify the digial assets of the association, providing information needed to inform ALA’s content strategy.

Accomplishments for 2019 include:

• Sending the digital property survey was sent to staff in late February
• Conducting post survey interviews with staff
• Identification of 265 digital properties (excludes ALA Connect, email marketing, social media)
• There is a high number of sites and high volume of content to maintain which leads to outdated, infrequently updated content.

Our plan going forward is to:

• Decrease the Digital Property Footprint (goal is to decrease number of sites by 30-40%)
• Develop & Enforce Digital Protocols
• Leverage the inventory deliverable as a reusable tool for ALA
• Enforce standards when creating new properties
• Enforce archiving protocols around decommissioning sites
• Bring usability standards and best practices to ALA
• Commence work on Digital/Content Strategy

Miscellaneous Infrastructure Accomplishments:

• Windows 10 Laptop Rollout
• Enhance Joblist/YourMembership site to participate in ALA’s single sign on
• Migrated ASGCLA/RUSA blogs back in-house
• Deployed Libraries Ready to Code project to ALA website
• Did a system wide cleanup in sympa removing users with obvious “email address no longer in use”

ITTS Staffing Changes

• New eCommerce Manager, Nathan Strong
• New IT Project Manager, Shakir Akbari
• New Data Analyst, Stan Kessler
• New Training Specialist, Patrick Harrington
• Continue the search for a User Experience Manager

28 May 19 ALA Power Outage Scheduled for Saturday, June 1st from 8am-9am

30^th East Huron will be shutting down our electrical power on Saturday, June 1^st from 8am-9am. Our online services will be unavailable during this time as well.  One exception is email.  That will be available through that time period.

Thank you.

Sherri

_____________________________________________________

Sherri Vanyek
Director, Information Technology
American Library Association
50 East Huron
Chicago, IL. 60611

Phone: (800) 545-2433 x2437
Direct:  (312) 280-2437
Email: svanyek@ala.org

ala.org

11 Jan 19 Information Technology & Telecommunication Services (ITTS) Midwinter 2019 Update

Information Technology Assessment

ALA contracted with DelCor Technology Solutions (DelCor) to conduct an Information Technology Assessment in August 2018.  The results of the information technology assessment will be reported by DelCor during the ALA 2019 Midwinter conference in Seattle in January 2019. ALA provided DelCor with the necessary information to perform the assessment.

 eStore/eLearning eCommerce

The goal of the eStore/eLearning project is to add all ALA eLearning offerings to the store so that it is easy for members and other potential registrants to find and purchase/register for any ALA eLearning event in one place. We are adding more service integrations and adding this activity into iMIS.

Accomplishments for 2018 include:

• Successfully pushed out 5 major releases to the ALA Store, with new features and back-end eLearning-related functionality
• Improved search and overhauled cross-selling functionality (recommended items)
• Enhanced marketing capabilities (added blogs, improved product images, introduced custom pages for product groups)
• Added workflow for publishing content to facilitate more users working on the Store
• Integrated Zoom, Adobe Connect and Moodle options into the eLearning product type
• Created a new eLearning homepage and calendar view for events

Currently, we are working on a major release to:

• Finalize iMIS integration for event creation and transaction recording
• Improve order process
• Complete GoToWebinar integration

Our plan going forward is to:

• Complete functional testing and perform User Acceptance Testing on the final major releases
• Test and schedule migration of eLearning products to define responsibilities and workflows
• Finalize customer service plan for once items are in the store
• Provide documentation and training

Promet currently estimates a feature complete date of the end of February.

Membership Dues and Donations eCommerce

The goal for the Membership Dues and Donations project is to improve the membership and customer experience for processing dues and donations.  This system has been live for just over two years but has had several issues. We are trying to get back to a regular cadence of new releases to fix a number of outstanding issues.

Accomplishments for 2018 include:

• Successfully pushed out a security release
• iMIS web service provider rolled out a major release that caused the vendor to have to refactor their code, causing a major delay in rolling out new releases
• Vendor refactored business logic for complex pricing rules

Currently, we are working on rolling out a major release to:

• Install the new iMIS web services in our production environment in January 2019

Our plan going forward is to:

• Test new releases to fix known issues and security updates
• Install these new releases in our production environment
• Work on new features to improve the member and customer experience as required

ALA Connect

The goal of the ALA Connect project is provide the ability to do committee work, community work, networking, member engagement, non-member engagement, and marketing of products and services to our members and non-members.

Accomplishments for 2018 include:

• Migration of 2,500+ committees/communities from the old ALA Connect
• Launch of the system with basic functionality in May 2018
• Working with Higher Logic on solving issues related to our 33 microsites and nested infrastructure
• Working with Higher Logic on solving permission related issues

Currently, we are working with Higher Logic:

• To solve issues related to our 33 microsites and nested infrastructure
• To solve permission related issues

Our plan going forward is to:

• Work with staff starting in January 2019 to standardize the functionality (menus, design, use, etc.) across the microsites within ALA Connect.
• Implement Mentor Match Module
• Implement Work Space for collaboration on documents with versioning and Balloting Module
• Implement Volunteer Manager Module

SalesForce Project

The goals of the Salesforce project are to provide a tool that will increase the capabilities for Advocacy and Development.

Detailed Goals:

Public Policy and Advocacy unit (Advocacy ) –

• Track cultivation of new and existing advocates across the organization
• Look up ALA members and advocates by zip code / Congressional District
• Annotate records with “soft touch” data, including points of contact and areas of interest
• Track interactions and information about (current and past) members of Congress and elected officials
• Track interactions and points of contact between Advocacy/Public Policy staff and members of Congress, elected officials, and Federal agencies
• Surface relationships between advocates and (current and past) members of Congress and elected officials
• Track and report on advocate actions based on zip code / Congressional District

Development office (Fundraising) –

• Track cultivation of new and existing donors across the organization
• Annotate records and track “soft touch” data, including points of contact, areas of interest, and likeliness of donations
• Better reporting capabilities than currently available
• Use data to generate leads from the prospect pool and from the advocate population

ITTS –

• Implement a well-integrated system that is scalable to other departments at ALA if applicable
• Create new business intelligence information
• Explore Salesforces data analytics module “Einstein” capabilities for future uses

Accomplishments for 2018 include:

• Select third party Salesforce Partner in October
• Identify data integration product to bridge Salesforce and iMIS (Membership DB) in November
• Contract negotiated and signed with Salesforce Partner (Traction on Demand) in December
• Contract signed with data integration company (Dell Boomi) in December
• Contract for twenty-three user licenses of Salesforce signed in December

Our plan going forward is to:

• Traction is now developing timelines and resourcing
• Kick-off meeting and timelines expected in February
• Implement Salesforce in 2019

iMIS Membership System Upgrade

The goal of the iMIS membership system upgrade is to move to the current web-based version which tracks our member and customer information. The upgrade includes data dashboards showing trend data that can be used to improve member engagement.

Accomplishments for 2018 include:

• Setting up a complete test environment
• Test Migration of 700,000+ member and customer information

Currently, we are working on:

• An upgrade to the most recent version of our Shibboleth Single Sign-on Technology Component.

Our plan going forward is to:

• Complete the Shibboleth Upgrade
• Complete User Acceptance Testing of iMIS
• Perform the upgrade in February/March 2018

Infrastructure Upgrades

The current project is part of the lifecycle of ALA’s internal storage systems.

• ALA is replacing storage devices that have reached the end of their useful life, and that have insufficient capacity to meet current and projected needs.
• The new storage devices need more high-speed ports than are available on the current switches, so the next step to activate the new storage is to add two new switches and reconfigure the switch stacks.

Windows 10 Laptop Rollout

The goal of this project is to replace all desktops with laptops running the Windows 10 operating system.

• Approximately 1/3 of ALA desktops have been replaced
• Another 1/3 will be rolled out in January and February 2019
• The final 1/3 will be rolled out in the next Fiscal Year

ITTS Staffing Changes

• Our new IT Project Manager, Shakir Akbari, starts on January 14, 2019
• Pam Akins, our Technical Services Specialist is leaving ALA to move to California on February 22, 2019
• Patrick Harrington has been hired as a temporary full-time employee to take over Pam Akins responsibilities for training and support

Sherri Vanyek
Director, Information Technology & Telecommunication Services
American Library Association

10 Jul 18 Reminder: Complete Headquarters Outage – Thursday, July 12, 2018 at 7:00pm

Thursday, July 12, 2018, we have scheduled a complete outage to upgrade our core switching gear.  Everything at ALA headquarters will be interrupted.  This includes email, ALA websites, file shares.  Offsite access to email will be available.

We expect to begin at 7:00pm.

Thank you.

Sherri

_____________________________________________________

Sherri Vanyek
Director, Information Technology & Telecommunication Services
American Library Association
50 East Huron
Chicago, IL. 60611

Phone: (800) 545-2433 x2437
Direct:  (312) 280-2437
Email: svanyek@ala.org

ala.org

____________________________________________________

03 Jul 18 Complete Headquarters Outage – Thursday, July 12, 2018 at 7:00pm

Thursday, July 12, 2018, we have scheduled a complete outage to upgrade our core switching gear.  Everything at ALA headquarters will be interrupted.  This includes email, ALA websites, file shares.  Offsite access to email will be available.

We expect to begin at 7:00pm.

Thank you.

Sherri

_____________________________________________________

Sherri Vanyek
Director, Information Technology & Telecommunication Services
American Library Association
50 East Huron
Chicago, IL. 60611

Phone: (800) 545-2433 x2437
Direct:  (312) 280-2437
Email: svanyek@ala.org

ala.org

____________________________________________________

 

18 Jun 18 EU-GDPR Frequently Asked Questions

What does EU-GDPR (or GDPR) stand for?

European Union – General Data Protection Regulation

What is GDPR?

The General Data Protection Regulation (GDPR, also referred to as ‘the regulation’) is a legal framework that sets guidelines for the collection and processing of personal information of individuals whose self-selected primary residence is within the European Union (EU).

When did regulation go into effect?

The Regulation went into effect on the 25th May 2018

What kind of information does the regulation apply to?

The GDPR defines personal data in Article 4 as: “… any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity…”

What companies does the regulation apply to?

Any organization which processes and holds the personal data of data subjects (Individuals) with self-selected primary residence in the EU will be obliged to abide by the regulations set out by GDPR. This applies to every organization, regardless of whether they themselves reside in one of the EU Countries.

Are all types of personal data classified the same in the regulation?

GDPR identifies a special class of sensitive personal data, which includes things such as genetic, biometric, religious or philosophical beliefs, sexual preferences or details, health, and Ethnic information.

Is there an exception for Associations like the ALA?

The regulation in Article 4(18) specifically includes associations.

How many ALA members are in the EU?

As of 6/13/2018 there were 147 identifiable members in the EU or 3 tenths of a percent of ALA’s members. Additionally, ALA collects personal data on non-members.

What is the ALA doing?

Based on legal counsels advice we have updated ALA’s Privacy Policy on the website and have created a Personal Data Notification statement that is being added to forms.  ALA is forming a staff steering committee that will be working on the following:

• Create FAQs and procedures regarding implementing policies for staff.
• Review and understand the GDPR’s key components that relate to the ALA with assistance from our legal counsel.
• Draft language for a notification of a data breach and articulate process for implementing the notification.
• Formulate and document the Data Processing Agreement (DPA) process that all units in ALA should follow. This will include anyone who manages/keeps the master list of ALA vendors and DPAs completed (either sent or received). Send DPA’s out to current vendors to amend to their contract.
• Identify and document all areas within ALA (includes data stored outside of ALA on its behalf) where personal data is entering, leaving, and being stored (Data Flow Mapping).
• Draft policies for senior management review that comply with GDPR regulations on data usage, data sharing, and privacy.
• Create a Gap Analysis against current known practices vs approved GDPR requirements and ALA policies.
• Advise senior management on GDPR issues.

More information on the staff steering committee and its work will be shared with staff when it is available.

What about information specifically on GDPR for libraries/librarians?

https://americanlibrariesmagazine.org/blogs/the-scoop/future-data-privacy/

https://www.oif.ala.org/oif/?p=12363

https://acrl.ala.org/techconnect/post/introducing-our-new-best-friend-gdpr/

Where should I go for more additional information?

https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en

Who should I ask ALA questions about GDPR to?

Questions about GDPR should be directed to Brian K. Willard

 

 

04 Jun 18 ITTS Update Report to the Information Technology Advisory Committee (ITAC) for Annual 2018

1.0 ALA Technology Investment Plan Summary

The ITTS funding for fiscal 2019 includes a significant increase for software licensing costs. Microsoft has redefined its software donation program, moving us from a Charity to a Professional Society. We are anticipating a significant increase. We have budgeted for increases for the ALA Connect Workspace module for document versioning and polling, an increase for Informz marketing automation software and, a customer relationship management (CRM) system to support advocacy nation-wide. It also includes enhancements to our eCommerce implementations, upgrades to our virtual server platforms, and positions for a Project Manager and a Drupal Developer.

The 2018 ALA Technology Investment Plan contains both background on ALA’s “technology debt” and a proposed pathway forward to the implementation of a stable, flexible platform that will support ALA’s membership and programs into the future.  The plan calls for a multi-year, phased approach.  In addition to the baseline systems addressed in the plan, the increased capacity allows ALA ITTS, working with program units, to realistically explore the implementation of targeted products to address specific volunteer and staff productivity needs.

2.0 ALA Web-Related

2.1 eCommerce for Join/Renew/Rejoin/Donate

Between January and May, the site processed 912 donations, 2270 joins, 9088 renewals, 1788 rejoins, and 663 additional joins that had to be converted by ALA Membership to the correct category (either renewal or rejoin). We’re using an agile approach to versioning that includes complete regression testing while working with our vendor to wrap up the last of the Phase 1 issues. Changes to web services and PayPal processing have required ongoing re-factoring of the flows. Security updates interrupted release cycles and caused delays in improvements to accessibility, which are ready to be upgraded in an upcoming version expected before the end of the August 2018.

2.2 eStore & eLearning

Since the December 2017 eStore rollout, ITTS has been working with our vendor to deliver Phase 2: all ALA eLearning in the eStore while continuing to improve and update the eStore. Development is underway on the

• integration of eLearning event products with iMIS;
• the addition of activity records, transaction and user data into iMIS; and
• integrating attendee registration functionality with multiple services.

The development team is currently tackling an improved design for an eLearning landing page, a robust events calendar, and an enhanced workflow and publishing process.

Data migration, design iteration, and comprehensive testing are planned for June and July with an anticipated completion of Phase 2 in August 2018.

2.3 ALA Connect

The new ALA Connect soft launched on May 3, 2018. Members were notified of the launch on May 10, 2018. In the three weeks from May 10 to May 31:

• Total logins: 10,100
• Unique logins: 3 ,367
• Active Communities: 3,449
• Connections made: 282
• Profiles created: 9,396
• Profiles with pictures: 8,961

We are continuing to work out the kinks and train staff on the use of the new platform.

In response to privacy concerns, ITTS has made the following adjustments to ALA Connect:

• Since Geo-tagging displayed a Google map of any user’s location that was found in search in the directory, the geo-tagging features in Higher Logic have been adjusted and will no longer display address, phone or email in the directory search.
• Since Discussion signatures make it possible to easily identify message senders when users are working with the email interface of Connect, we changed the default signature to only include the name, designation, organization and job title fields instead of eliminating the discussion signatures completely. We modified the default discussion signature so that users will no longer see the city, state, country, email address, and phone fields.

2.4 ALA Connect Training

Fifty (50) staff have completed in-person or live online staff training on ALA Connect. Recorded training sessions are available for staff and group administrators. Access to the ALA Connect community, Help in ALA Connect is in the site footer. It contains an FAQ, a help forum, and links to documentation.

Training demos at Annual can be found on the Conference Scheduler and live training opportunities after conference and be found on the support site at: http://www.ala.org/support/alaconnect/howto/schedule-training

2.5 Hyper Text Transfer Protocol Secure (HTTPS) Implementation

Join/Renew/Donate ecommerce, the ALA Store, ALA Connect and eCourses (our Moodle site) are all HTTPS. All blogs and wikis hosted in house at ALA are now encrypted with HTTPS, and all traffic is forced to HTTPS by default.

Our use of multiple systems to serve www.ala.org limits our ability to use HTTPS. When we have replaced the current integrated registration system (Active Matter) with a stand-alone product we will be able to serve HTTPS for www.ala.org.

2.6 General Data Protection Regulation (GDPR) Compliance

We began preparing for GDPR in August 2017 so that we would be ready for the May 25, 2018 deadline. We made recommendations to Senior Management, worked with our attorney to update our Privacy Policy. Senior Management is appointing a steering committee to address privacy issues going forward. Mary Ghikas is serving as ALA’s Data Protection Officer.

We have been communicating with staff about their responsibilities and expect to rollout mandatory training sessions.

ITTS has also been corresponding with staff and member-volunteer web editors about the steps required to bring all ALA websites, webforms, and any paper forms still in use into compliance with the European Union’s General Data Protection Regulation. We updated our Privacy Policy on ala.org and reminded units that all other sites should include a link to the Privacy Policy in their site’s footer. We also published the text required to be used on all webforms that collects any personal data and the text and acceptance to be used for event registrations and set a June 30 deadline for all forms to be upated. ITTS has offered to assist units that don’t create their own webforms with the update. The webform URLS should be added to a Trackit ticket or sent to help@ala.org.

2.7 Moodle

ALA eLearning has seen an average of 500 unique visitors every month (Jan.- Apr.)  The 599 courses currently listed and available by ALA eLearning or in the ALA Store see an average of 1683 (450 unique) logins per week.

The site was upgraded to Moodle 3.3 in December 2017 and an upgrade to a newer version is being planned for this summer.

2.8 Responsive Theme for ALA.ORG and Division Websites

We’re working on a visual update to the ALA global and regional navigation. We’ll have two prototypes available for review by stakeholders by Annual. The Awards & Grants application could not be implemented in the retheme without breaking, so ITTS’ Sean Bires has been building a new approach and meeting with staff stakeholders. The new application will eventually require data migration and a custom CSS.

3.0 Hardware & Software

3.1 New Telephone System

The implementation of the new telephone system is on hold while we look at the possibility of moving to a new facility. Regardless of the real estate outcome, we will review phone options again in the 2020 budget.

3.2 Laptop Rollout

We plan to roll out new laptops to approximately one-third of our staff this summer. This is the first time we are purchasing laptops exclusively. This cycle repeats annually.

3.3 Citrix Farm

We have our new Citrix farm up and running, mostly for remote staff. This will improve external access to some of our applications and stabilize our internal financial system.

We have run into some issues with our financial software, which is scheduled for an upgrade later this summer. Until we complete the upgrade we won’t know whether that resolves the Citrix issues we’re having with it.

3.4 Virtual Servers

We rolled out virtual servers (development, quality assurance, and production) for the new ALA eLearning eCommerce system for webinars and small face-to-face meetings.

3.5 Primary Storage

We are in the process of implementing the planned lifecycle replacement of our main internal storage system. We have experienced problems with that implementation and are working closely with the hardware vendor to resolve the issues and complete the replacement.

3.6 iMIS Membership System Upgrade

We are scheduled to upgrade our iMIS Membership system in mid-July 2018.  This will provide a web-based portal for staff to use. It also includes some basic dashboards.

3.7 Financial System Upgrade

We are scheduled to upgrade our Microsoft GP Financial Software in late July.  We are in the process of signing a contract with an outside vendor for this work.

3.8 Remote Access Software

We will investigate and install remote access software to provide staff with the ability to access software.

3.9 PCI Audit

We had our security consultants run vulnerability scans for PCI compliance. We were able to address all exploitable issues, and are continuing to work to eliminate vulnerabilities of all severities. We are currently working on the GAP analysis report to become PCI compliant.  We have a list of known gaps that will take time to implement.

3.10 Disaster Recovery Plan

We need to refresh the plan based on additions and changes made to our infrastructure.

3.11 Computer Policies

We need to update our computer polices for PCI and GDPR compliance, and for organizational and operational changes, and for changes to the technology landscape.

4.0 ITTS Organizational Changes

4.1 Staffing

We have extended the contract for our Quality Assurance Specialist. This temporary part-time position is responsible for creating test plans, writing and executing manual and automated tests, and clearly documenting defects. This work will help ensure that both new software and fixes meet business requirements. The Quality Assurance Specialist will work closely with existing team members to create a sustainable plan for ensuring our stakeholders are all served well by the technology we provide.

25 Apr 18 ALA Connect Launch Delayed

The launch of the new ALA Connect, scheduled for today, has been delayed due to technical issues. During final testing some critical issues related to navigation, tagging, and the structure of parent-child relationships were discovered.

The vendor is working to resolve these issues. We apologize for the delay and thank you for your patience.

While we’re waiting to get started, check out the resources and training on the support site at http://www.ala.org/support/alaconnect.

We’ll keep you updated, in particular, we will communicate when we have a firm launch date.

If you have questions, please feel free to contact Pam Akins at alaconnectmigration@ala.org.

 

05 Mar 18 Service Interruption

One of our main database servers had an I/O issue this morning. iMIS, Informz, and other service were down when we arrived.  All services have been restored. All scheduled Informz email will be sent out soon.

Thanks to all who reported the issues.