University University Feature

On DLSU’s online services and security issues: ITS Director addresses complaints raised by students

The My.LaSalle and Animo.sys systems have been the bread and butter applications for Lasallians during enlistment season. These online services, delivered by the Information Technology Services (ITS) office, allow students to enlist, drop, and adjust their classes anywhere using an internet-capable device. As useful as these systems are, numerous complaints continue to plague the services every time enlistment comes around. In an interview with The LaSallian, ITS Director James Sy responds to the complaints faced by the aforementioned systems.


003 ITS Director addresses complaints - animosys


Online services

The University’s online service systems trace their roots from the global services shift towards the internet in the 90s. The MLS System currently in use was developed as a response to this global shift, and was adapted to automate student and faculty services. The system was developed in-house by University programmers using the Oracle Database systems.

In a similar fashion, the University adapted the Animo.Sys system in 2012 as a response to the growing course enlistment management needs of the students. Unlike MLS which was homegrown, Animo.Sys was based on the Oracle PeopleSoft Campus Solutions System. The choice of this system was decided by a study that the ITS conducted in 2012.

“We commissioned a third-party organization to do a study and PeopleSoft, along with Banner, came out as the best solutions in the realm of school management software,” Sy explains.

As useful as the systems are, recurring problems plague them come enlistment season every term. One of the biggest concerns of students over the systems is that they frequently crash. This prevents students from enlisting properly, and creates an opinion that the systems are old and are in need of updates.

Contrary to this, Sy clarifies that the systems are constantly updated. “I admit that the user interface may seem unappealing, but in fact we use the latest version of Oracle PeopleSoft Campus Solutions which is also used by 900 other universities worldwide,” he states.

In response to crashing complaints, Sy confesses that capacity issues do exist. “Yes, there are capacity issues, especially when there is trouble scheduling the users entering the system, and I apologize for that,” he says. “Only around 2,000 users can be accommodated at a time and that’s the reason why enlistment is spread out on three days. I believe it’s better to just spread out the enlistment dates because acquiring a server to accommodate 20,000 users for just a few hours is very impractical.”

ITS also receives regular complaints over its other online services. One trouble that students normally report is the slow Wi-Fi and internet speeds around the campus. According to Sy, the problem with the slow Wi-Fi within campus has always been in terms of coping with demand. “Our current bandwidth of more than 1 Gbps is eight times more than what we had five years ago, yet this supply has not been able to cope with demand,” he reveals.

Sy says that the ITS has been continuously exerting efforts to improve the school’s needs on technology systems. By August 2017, he discloses that the ITS will be increasing the bandwidth to 1.5 Gbps to accommodate more users.


Security concerns

Another issue that students normally raise is on the security of computers inside the University. Last July 4, a College of Computer Studies (CCS) student posted a warning online about a Google Chrome extension called Gumshoe. John Paul San Pedro (III, BS-CS-ST), in his post, came across the malicious extension on a computer in the G306A computer laboratory.

According to San Pedro, the extension copies whatever username and password is entered on any site using the computer it is installed in. Students and professors alike forwarded concerned messages to ITS regarding this issue.

Sy states that the University’s computers are equipped with virus scanners, but were not able to detect Gumshoe because it was an extension. “Endpoint anti-virus systems are installed in every computer; however, Gumshoe was not tagged as a virus because it is simply an extension. We cannot disable the installation of browser extensions because such flexibility is occasionally needed by CCS students for their classroom exercises,” Sy explains. Due to this, Gumshoe was able to bypass DLSU’s security measures.

Removing Gumshoe proved to be difficult for the ITS staff. Sy illustrates that browser extensions can be easily cleared from the computer systems, but this compromises the “legitimate” extensions that CCS students use for their exercises. “We disabled the installation of Gumshoe unit by unit in order to avoid removing the existing legitimate extensions installed. All in all, manually removing the extensions from all infected computers took us four days,” Sy shares.

To prevent data theft, Sy recommends that users always browse in Incognito Mode. “In Incognito Mode, Google Chrome by default disables extensions because it does not control how they (the extensions) will handle your personal data while on the internet. Regardless, users must still be careful because this (Incognito Mode) does not guarantee complete safety from such situations,” Sy expresses.


Students’ insights

Students have expressed mixed opinions regarding the safety of DLSU’s computers. Although the University’s computers are only usually used when needed, some students felt unsafe using the computers following the Gumshoe incident.

Earl Arce (II, POM-BSA) believes that the security system is safe enough. However, the outdated software of the computers are prone to potential vulnerabilities such as hacking.

Paul Tirona (III, BS-CS-NE) adds that the use of a secure network such as MyWifi blocks dangerous websites and applications. Nonetheless, the system becomes vulnerable once someone knowledgeable enough accesses the server remotely.

According to Sy, CCS students, in particular those taking up the Network Engineering Specialization, undergo a class called Ethical Hacking. This ensures that students are taught proper usage of hacking techniques, and helps avoid cases where students try to gain access into the University’s servers with malicious intent.

“I trust that our students are professional and ethical enough not to hack our systems,” Sy says. “Having said that, you cannot actually prevent them from ‘trying it out’ with our systems. In fact, we would welcome their feedback if they do find any potential loophole in our systems.”

Blaise Cruz

By Blaise Cruz

Vivean Pallera

By Vivean Pallera

Eliza Santos

By Eliza Santos

Leave a Reply