How One University CIO Got His IT Organization Up and Running

On Sept. 6, 2005, the University of California, Merced campus, opened its doors with 875 students, on its way to becoming a full-sized UC campus of about 25,000. The challenge of building a 21st century research university from scratch was daunting. Buildings needed to be built, faculty hired, curriculum developed, students recruited, and an entire organizational and governance model defined and staffed. I had joined this adventure about three years earlier in August 2002 as CIO, with the mission of deploying all things IT and telecommunications.

At the time, California was in the middle of a budget crisis and resources were scarce. When I came on board, the Merced campus had only 10 IT staff, mostly focused on desktop support and connectivity for existing staff in leased facilities. With only modest increases in staffing projected, we were expected to oversee the design and construction of voice, data and video network infrastructure in the five planned campus buildings and student residence complex; build the collaboration infrastructure (directories, e-mail, calendaring, document management, Web portal); and deploy major administrative applications (notably the student information system, which handles key functions such as admissions; course registration; billing, grade and transcript management; and financial aid). We also had to oversee the installation of AV facilities in classrooms, deploy instructional computer labs and develop a support organization for all of the above.

Making things even more problematic, there were no governance structures in place for defining a vision, developing a strategy or prioritizing needs. Not only was the (small) founding staff entirely consumed by trying to build their own assigned pieces of the university, but only some of the deans were on board and no faculty members were hired. Nevertheless, people cared passionately about what IT facilities would look like.

In light of that passion, key UC Merced staff (before I was hired) went on a retreat to articulate a vision for the school’s IT. So when I first visited Merced as a candidate for the CIO job, I was handed a draft mission statement for IT and a set of core values. But these contained little that was applicable in a practical way.

I strongly believe in a mission statement that directly informs a set of strategies that can, in turn, guide technology approaches and decisions. So my first challenge was to establish a new mission statement and strategies without rejecting the principles that had been previously articulated. It soon became clear to me that we did not have the resources to build everything that people wanted. It was also apparent that we would always be understaffed. In short, we needed to build an infrastructure for a 25,000-student campus with resources that already were insufficient for the 1,000-student campus planned for opening day. The one advantage we did have was help from our sister campuses. For example, UCLA was (and still is) running financial and payroll systems on our behalf.

Out of all of this, I evolved my plan of attack: Focus on the users to create an experience that would make UC Merced unique. In other words, structure our services in such a way that access would be simple and natural for students, faculty and staff, as opposed to being built from the perspective of the various university departments. Build identity management as a core application and reduce staff needs via automated provisioning. Identity management is particularly critical in a university environment where individuals can be any combination of applicant, student, faculty, staff, alumnus or affiliate at the same time. For example, a graduate student may be an alumnus and is likely to be a teaching assistant. We needed to create a standards-based infrastructure that would be open, flexible, extendable and, above all, scalable.

Making the user experience as easy as possible was a top priority. To meet that goal, I was determined to develop a universal portal, informed by the identity-management system so that access to appropriate information and applications would automatically evolve along with an individual’s role. This also meant integrating the user functions of administrative systems, such as the student information system, into the portal/single sign-on framework. It made sense for us to deploy open-source software developed by the university community, so we chose uPortal (developed by several JA-SIG institutions) and the Central Authentication Service (CAS, developed at Yale University). This would allow users to access applications from within the portal without having to re-enter IDs and passwords.

Working feverishly, “just in time” became our mantra. One day, before we started accepting applications in December 2004, we integrated the self-service feature of our admissions system and assigned user IDs. We deployed the first phase of identity management in early summer 2005 so that we could automatically provision e-mail and other access to the incoming class. We completed networking the student residences at 9 the night before students arrived so they would have Ethernet drops and wireless connectivity from day one. Projection became available in the classrooms some time during the day classes began.

The Hard Road from Theory to Practice

Not everything evolved in the state we had hoped for. We had last-minute surprises as we discovered that contractors had not completed all of the details. We wound up doing things such as keeping our electrically operated projection screens permanently lowered because there was no power to make them operate. Procurement of equipment, especially for AV, was sometimes delayed because of arcane rules governing state purchasing and the avalanche of requests that fell on the purchasing department. Even the receiving department wasn’t always able to distribute desperately awaited items on time. We had to resort to such workarounds as using a portable PA system and borrowing end-of-life projectors from a sister campus. And, of course, we had the occasional bug in a software package. For example, we had to partially disable our state-of-the-art network-intrusion detection system when it began protecting the network so well that some new users were unable to obtain network addresses.

Nevertheless, everything essential was ready in time for our first entering class. There’s a lot left to do, but we have a pretty good idea how to do it without having to undo anything we’ve deployed to date. For instance, we still need to integrate into our portal such applications as document management, calendaring and course registrations.

Looking back, a very small but highly talented and motivated IT staff performed miracles. Nevertheless, I don’t believe it would have been possible if we had not established a very clear vision of what we wanted to do and how to get there. Even with limited resources, this vision allowed us to make quick decisions about interim solutions compatible with long-term strategy. For example, one professor wanted to have his students take online tests as part of a summer course he ran before our official opening. So we acquired a simple standalone package that used XML, allowing us to easily export the test questions for future courses.

As a leader, the CIO’s job is to articulate and obtain buy-in to a shared vision. In my mind, it was that vision that enabled us to be ready for the campus opening on time, even if it was “just in time.”