Support Service Department

The IT Support Unit is responsible for the installation and maintenance of the IT infrastructure, ensuring the highest functionality and availability of computer systems and networks. This unit's primary responsibilities include:

• Setting up computers with necessary peripheral devices (routers, printers, etc.)
• Verifying proper functionality of computer hardware
• Installing and configuring software, including:
  • Operating systems
  • Antivirus programs
  • Office applications
  • Teaching and training software, such as SQL Server, MySQL, Visual Studio, etc.
• Developing and maintaining local networks, including LAN and WiFi
• Ensuring the security and privacy of the IT infrastructure
• Training users on the use of hardware and software
• Troubleshooting to identify and resolve issues
• Keeping logs of problems and their solutions
• Identifying equipment for purchase
• Maintaining and repairing equipment
• Supporting and maintaining CCTV systems
• Supporting and maintaining the SIP telephone system
• Maintenance and configuration of servers

Through these efforts, the IT Support Unit ensures the robust performance and security of the college's IT infrastructure, facilitating efficient operations and a secure technological environment.

2010: Initiated the development of EduPortal - The development phase for the educational portal began.

2011: Platform testing - Conducted tests to ensure functionality and performance.

2012: Student data migration to the platform - Transferred educational data to the platform.

2013:

• Launched EduPortal 1.0 - Initial release with core modules.
• Launched EduOasis 1.0 Learning Management System (LMS) - Introduced an additional platform for managing educational resources.

2014: Integration between EduPortal and EduOasis LMS - Combined the two educational platforms.

2015: Upgraded EduPortal to version 2.0 - Included advanced modules and implemented an automatic attendance tracking system.

2016: Upgraded EduOasis LMS to version 2.0 - Enhanced and improved the educational resources platform.

2017:

• Integrated EduPortal with the Ministry of Higher Education, Research and Innovation (MOHERI) database system.
• Integrated Office365 with EduPortal - Connected with Microsoft Office365 suite.

2018: Upgraded EduPortal to version 3.0 - Major update using Bootstrap frameworks for improved design and responsiveness across all devices.

2019: Integrated EduPortal with Tally - Connected with Tally accounting software for financial management.

2020:

• Integrated virtual classroom system with EduPortal - Connected with Microsoft Teams for collaborative learning.
• Launched online exam proctoring in EduOasis LMS - Added features for supervising online exams.

2021:

• Upgraded EduOasis LMS to version 3.0 - Significant update enhancing features and user experience.
• Launched online admission system within EduPortal - Implemented an online admission system for the educational portal.
• Integrated EduPortal with the Higher Education Admission Center (MOHERI) - Additional integration for admission processes.

2022:

• Launched Kawader Strategic Management System - Implemented the Kawader system for educational planning.
• Integrated with Cambridge One educational resources - Connected EduOasis LMS with Cambridge One platform.

2023: Upgraded EduOasis LMS to version 4.0 - Major update with new features and improvements for the LMS.

2024: Launched electronic course description generator and student performance tracker in EduPortal - Introduced tools for creating course descriptions and tracking student performance on the educational portal.

The SSD aims to achieve the following objectives in the upcoming period:

• Enhance System Performance: Upgrade existing systems to improve speed, reliability, and user experience.
• Ensure Cross-Platform Compatibility: Transition to technologies that support multi-platform operations.
• Strengthen Data Security: Implement advanced security measures to protect sensitive information.
• Promote Scalability and Flexibility: Develop scalable solutions to accommodate future growth and changing requirements.
• Adopt Modern Development Practices: Integrate contemporary development methodologies and tools to boost efficiency and maintainability.

SSD has developed and IT Security policy of MCBS which aims to protect sensitive information and data from unauthorized access, disclosure, alteration, or destruction. It safeguards information technology systems, networks, and applications from security threats and vulnerabilities. Additionally, it promotes awareness and education among employees regarding their responsibilities in maintaining information security. The policy also supports incident response and recovery efforts in the event of a security breach or incident. It provides a framework for ongoing monitoring, assessment, and improvement of the organization's information security posture. Furthermore, it facilitates the secure exchange of information with external partners, clients, and stakeholders and enforces the use of complex passwords that include a combination of alphanumeric characters and special symbols.

The last internal audit report recommended several actions to enhance IT security. It suggested conducting a thorough review of the IT security policy and updating it as necessary. It also recommended incorporating password guidelines into the organization's policy framework or establishing a new policy focused on password management. Implementing two-factor authentication was advised to enhance user authentication processes and mitigate potential risks of unauthorized access. Proper classification of data based on its importance was also recommended. The report stressed the need for regular vulnerability assessments and penetration testing to identify potential vulnerabilities and threats and to test the effectiveness of existing security controls. Establishing a security awareness program that includes ongoing training, simulated phishing exercises, and other activities to reinforce security best practices and engage stakeholders in security awareness efforts was also advised. Additionally, the report recommended establishing a separate IT risk register to identify, assess, and manage unique IT risks effectively, including cybersecurity threats, data breaches, system downtime, and regulatory compliance risks specific to IT systems.

The risk assessment conducted at MCBS aims to identify and evaluate the risks associated with the IT environment. This includes analyzing the organization's systems, processes, and infrastructure to identify potential vulnerabilities and threats to confidentiality, availability, and integrity. The assessment found that MCBS faces significant risks related to the management of confidential student and financial data, the availability of critical systems and services, and the integrity of academic and administrative processes. These risks include unauthorized access to sensitive information, system failures or outages, cyberattacks, natural disasters, data corruption or manipulation, unauthorized changes or modifications to systems or data, and inadequate access controls or monitoring.

To mitigate these risks, MCBS has implemented a comprehensive IT risk management program. This includes regular risk assessments and vulnerability scans to identify and prioritize potential threats and vulnerabilities. Access controls, including strong passwords, encryption, and multi-factor authentication, have been implemented. Regular data backups and disaster recovery plans ensure the availability and integrity of critical systems and data. Employee training and awareness programs prevent insider threats and promote good security practices. Regular testing of IT security controls and incident response plans ensures their effectiveness. Overall, the risk assessment underscores the importance of effective IT risk management practices in safeguarding the confidentiality, availability, and integrity of critical systems and data at MCBS. By implementing appropriate measures to mitigate identified risks, MCBS can ensure the security and reliability of its IT environment and protect its reputation and operations.

The Policy on Business Continuity and Disaster Recovery ensures the availability and continuity of critical operations by deploying servers and enterprise applications both within the College premises and outside to ensure uninterrupted services. It also implements comprehensive backup procedures.

The IT Business Continuity Plan is a detailed document designed to ensure uninterrupted operations during unforeseen disruptions.

The SSD operates on a robust IT infrastructure designed to support MCBS's educational and administrative needs. Key components of the IT environment include:

• Network Infrastructure: High-speed, reliable network connections to facilitate seamless communication and data transfer across MCBS campuses.
• Server and Storage Systems: Centralized servers and storage solutions to ensure secure data storage, backup, and accessibility for various applications and services.
• Modern Audio/Visual Equipment’s in class rooms: Classrooms equipped with interactive teaching consoles.
• Software Applications: Utilization of enterprise-grade software applications for student management, learning management (EduOasis, EduPortal).
• Security Systems: Implementation of advanced cybersecurity measures such as firewalls, encryption, and intrusion detection systems to safeguard sensitive data and prevent unauthorized access.