An incident that occurred last fall involving Central Information Technology Services (ITS) that led to the damage of several computers has been linked to a Microsoft tool.
The incident took place when an information technology (IT) administrator installed an IT operation on their computer, causing many other computers to subsequently be impacted as well due to the System Center Configuration Manager (SCCM). According to Niyazi Bodur, the chief information officer of ITS, the SCCM is a “powerful Microsoft system that allows centrally managed domain joined computers to be controlled.” SCCM has the power to enable administrators to remotely install a new operating system, upgrade and fix existing operating systems, collect inventory information and allow the Help Desk to provide assistance remotely.
Bodur, alongside Donald Hall, provost and executive vice president for academic affairs, elaborated further on the incident with SCCM and how other computers were impacted as a result.
“The incident last fall was related to one local IT administrator aiming to re-build one computer, but mistakenly issuing the command to rebuild all computers in the domain,” Bodur and Hall wrote in an email. “Becoming aware of this ITS stopped the process, but a number of computers were affected and they were rebuilt. This caused loss of data to a small percentage of the University community.”
ITS support is a distributed function, as stated by Bodur and Hall. ITS manages computers that belong to certain academic departments, schools and administrative divisions. Computers in other divisions and departments are managed by local IT administrators.
Bodur and Hall outlined some of the progress that has been made in order to assure that a similar incident does not occur again at Binghamton University.
“The complete SCCM system has been re-built to make sure that the incorrect job is completely purged,” Bodur and Hall wrote in an email. “The local IT administrators’ access is limited to the computers in their own units only.”
Additionally, when the incident first occurred, access was taken away from people outside of ITS, in order for ITS to organize and regroup. Bodur explained that if any large changes need to be implemented through SCCM in the future, two administrators will need to confirm that these changes are necessary and that they will not result in any negative repercussions.
Bodur and Hall later addressed how SCCM will continue to assure that any actions that are taken involving a number of computers are approved and overseen.
“Jobs that affect a large number of computers must be prepared by one administrator and reviewed by the ITS SCCM Administrator before being deployed,” Bodur and Hall wrote in an email. “ITS has engaged Dell Technologies Consulting to assist us further to establish industry best practices to manage SCCM in the most efficient and safe manner.”
Moving forward, Bodur has emphasized that SCCM is powerful, but can become dangerous in situations such as this one, therefore it has to be handled accordingly.
Jacqueline Ayala Flores, a sophomore majoring in psychology, expressed her thoughts about the importance of minimizing technology risks at BU.
“I think trial and error is especially important in helping avoid technology struggles,” Ayala Flores said. “Because there was a mistake made, we can use it as a learning experience to determine the effects of what could go wrong and most importantly how to react and solve problems when they arise.”
Yuki Wada, a sophomore majoring in business administration, explained why there should be transparency between groups like ITC and BU’s student body.
“I think students should be made aware of these events happening,” Wada said. “A lot of events may not be advertised and are just overlooked, but being knowledgeable about what is happening on campus can help us work together to find solutions.”