Skip to main content

University of Messina

An empowerment project between partners

UNIME

“We had the tools, but lacked the skills.
Since we already had an agreement with Microsoft for the licensing of operating systems and Office packages, we also opted for solutions from this software vendor when it came to choosing the centralised Active Directory and machine management platform: Microsoft Intune. Unfortunately, we were never able to ground the project due to understaffing and the lack of expertise within the team.
The collaboration with Cloudia Research made us able to fill these gaps, and not only start the project, but also complete it in a relatively short time.”

Fabrizio La RosaIT Manager di UNIME

The requirement of the University of Messina was to be able to manage in a structured and organised form the machine park in use by the technical administrative staff. The project, carried out by Cloudia Research, affected about a thousand machines, extremely heterogeneous in terms of hardware, Microsoft Windows versions and installed software, and physically distributed over several University sites.

Each machine was potentially a case in itself, so it wouldn’t have been possible for us create a single procedure that would work for all or most of them, forcing us to intervene at least in the initial phase of the project, physically on each workstation.

 

Until the introduction of this innovative project, management by the IT department was limited for various reasons to the initial installation, configuration of the Windows user (who was also the administrator of the machine), and delivery to the end user. Thereafter, maintenance was only carried out in the event of faults, and no maintenance or software updates were planned, leaving the management of the PC solely in the hands of the user.

The case of user change was also not always managed at user/configuration level, so the new user might have to ‘live’ with data and configurations left behind by previous users.

Regarding security, no centralised policy was in place for data management, which was only stored locally, exposing it to risks we can easily imagine.

 

The project was structured around main steps that were necessary to be able to organise the activities of all actors involved. First, an assessment had to be made in order to draw up an outline list of the machines, gathering as much detail as possible, in order to determine which needed to be replaced, which needed formatting, and which simply configured. Secondly, we had to perform a physical intervention on each workstation, in order to format them where necessary, domain them and install a small script, which would preserve the data of each user by saving them later on SharePoint OnLine.

 

The next step involved the configuration and setting of policies, Active Directory and Endpoint Configuration Manager.

New PCs were purchased for all the machines that needed to be replaced ( roughly 200). Installation and configuration were carried out directly via Intune. Endpoint Configuration Manager helped us manage the installation of the operating system, domaining, installation and configuration of software, automatically, quickly and securely.

As a particularly important and innovative aspect, following the completion of these activities, UniMe users were able to enjoy the benefits of Azure Virtual Desktop. Having synchronised data with One Drive, the user from home or from a low performance machine has the possibility to access a virtual machine and still find all his data even from the Cloud.

New Projects

Collaboration between our realities is ongoing, we are indeed planning several activities to be carried out in order to bring more and more technological innovation to University.

 

In the near future, for example, two new projects will be launched.

The first is the continuation of activities related to PDL management. Cloudia Research will provide training and operational support to the internal IT team in the coming months, with the aim of making resources increasingly autonomous in managing and using the new tools.

 

The other project involves the area of computer security. After the great deal of work done over the past year, it was decided to introduce two-factor authentication for all users, effectively increasing the level of security, and limiting if not completely excluding external cyber attacks. The project acquires significant proportions if it is considered that including students, technical administrative staff, lecturers and researchers, the number of users involved is around 35,000, more than 20,000 of whom are active.

Considering that users’ IT skills are quite heterogeneous, the successful implementation of two-factor authentication requires the organisation of all preparatory activities in a well-structured and orchestrated project, and the provision of effective and decisive support.

 

Communications will initially be sent to explain what MFA is, what it is for and why it is activated. Subsequently, there will be a procedure to allow the user to carry out the activation independently, starting with the registration of the device that will be used for authentication. Authentication will become mandatory from a predefined date.

In addition to organising activities in synergy with the in-house IT team, Cloudia Research will be operationally engaged for user support especially around the mandatory date, where the highest number of support requests is expected.

Raising security levels is always a key aspect in the management of any IT ecosystem. In August 2023, for instance, there were spam campaigns at several universities that started from compromised university accounts and were used to send phishing even outside the organisation. MFA authentication is also adopted to avoid or at least severely limit the occurrence of these situations.

 

The aim is always to broaden the scope of action to make the most of the potential of the interaction between our two realities.

Written by Paolo Antonaci – PreSales and Cloud Architect in Cloudia Research