April 2017

0 Commentsby   |  05.04.17  |  Banner, Security, Uncategorized

April 2017 by the numbers:

  • 192 end-user support requests resolved (new record for month of April)
  • 117 development and administration issues resolved (new record for month of April)
  • 126 development and administration issues created
  • 11 projects in-progress
  • project completed
  • 5 projects requested
  • 99.82% average uptime

Step Up to Stronger Passwords

A password is often all that stands between you and sensitive data. It’s also often all that stands between a cybercriminal and your account. Here are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

Banner 9

We successfully updated to Banner General 9 on April 7th and Banner Human Resources 9 on May 1st.  In the next seven weeks, we will upgrade Finance and Student, which will move us past the half-way point in the update process.  We are developing a timeline for the remaining Administrative Banner 9 updates as well as Self-Service Banner 9 updates.  We are still targeting completion of all Administrative Banner updates by the end of 2017.

What else is going on?

  • Custom Administrative Banner forms – We must migrate custom forms to Banner 9, which requires a significant investment in work and/or dollars.  A custom form is a form that was created by ACU programmers and is identified by the letter Z in the second place of the seven-letter acronym.  We are gathering feedback from various users to help us determine if forms need to persist or can be retired in favor of baseline functionality in the Banner platform.
  • New Student Orientation (NSO) course – We partnered with the Academic Advising Center to automatically enroll NSO registrants in a Canvas course that will help prepare incoming students for their time at ACU.  Students are automatically added to this course once they register for one of the NSO orientation sessions.
  • Cybersecurity – The security of the services we administer and support is a crucial element of our work.  This includes routine activities, such as proactively addressing vulnerabilities, applying application updates, and monitoring application activity. In the last month, we collaborated with a third-party security audit firm to complete a security audit, which will help us better protect our users and services.

 

Step Up to Stronger Passwords

0 Commentsby   |  05.01.17  |  Security

A password is often all that stands between you and sensitive data. It’s also often all that stands between a cybercriminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes its exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or other registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cybercriminals.

(This content was provided by Educause.)

March 2017

0 Commentsby   |  04.05.17  |  Banner, Uncategorized

March 2017 by the numbers:

  • 165 end-user support requests resolved
  • 96 development and administration issues resolved
  • 114 development and administration issues created
  • 10 projects in-progress
  • project completed
  • 3 projects requested
  • 99.95% average uptime
  • 162 people attended Banner 9 information sessions in February and March

Don’t Be Fooled! Protect Yourself and Your Identity

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. Here some tips that can help you prevent identity theft.

Banner 9

We are excited to announce that Phase 1 of major improvements to Administrative Banner are coming this week. Banner 9 (formerly Banner XE) will significantly improve your ability to use Banner, with Java no longer required once all project phases are completed.  You can view more details in a separate post on the Computing Services blog.

What else is going on?

  • Next Banner 9 projects – Much of our work is centered around Banner 9 updates right now.  We are working on multiple projects related to the next phases, which include updates to Finance, Human Resources and Student. During the month of April we will identify timelines to address more of our custom forms as well as Self-Service Banner functionality.
  • Project, projects, projects – Spring 2017 has been busy with multiple projects in-progress and six project requests submitted over the course of March and February.  The next few months will be busy between these requests and our ongoing Banner 9 work.

 

Banner 9 Go-live Summary

0 Commentsby   |  04.02.17  |  Banner, Uncategorized

We are excited to announce that Phase 1 of major improvements to Administrative Banner are coming later this week. Banner 9 (formerly Banner XE) will significantly improve your ability to use Banner, with Java no longer required once all project phases are completed.  Here are the important details as we prepare to go live:

  • When will the changes take place? The Banner 9 updates should be in place by the time you arrive to work on Friday, April 7th.
  • What is changing? Phase 1 includes Banner General as well as a new navigation bar that will be visible throughout Administrative Banner.  Banner General includes most forms with a G in the first place of the seven-letter acronym of the form (e.g. GOAMTCH).
  • How will I access Banner 9? The existing short link will be updated on April 7th to send you to the new Administrative Banner home page.  Please contact the Helpdesk if you need the link.
  • What web browser should I use following the update? You will keep using the same browser you use now, since some forms will use Internet Native Banner (Banner 8).
  • Where can I find more information? We have answered the most common Banner 9 questions in a frequently asked questions page that is accessible through the “Banner 9 FAQs” quicklink in myACU.
  • What should I do if I experience a problem? Please contact the Helpdesk at helpdesk@acu.edu or (325) 674-4357.

We look forward to introducing Banner 9 and helping you successfully serve our campus.

Don’t Be Fooled! Protect Yourself and Your Identity

0 Commentsby   |  04.02.17  |  Security

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. The following tips can help you prevent identity theft.

  • Read your credit card, bank, and pay statements carefully each month. Look for unusual or unexpected transactions. Remember also to review recurring bill charges and other important personal account information.
  • Review your health insurance plan statements and claims. Look for unusual or unexpected transactions.
  • Shred it! Shred any documents with personal, financial, or medical information before you throw them away.
  • Take advantage of free annual credit reports. In the US, the three major credit reporting agencies provide a free credit report once a year upon request.
  • If a request for your personal info doesn’t feel right, do not feel obligated to respond! Legitimate companies won’t ask for personal information such as your social security number, password, or account number in a pop-up ad, e-mail, text, or unsolicited phone call.
  • Limit the personal information you share on social media. Also, check your privacy settings every time you update an application or operating system (or at least every few months).
  • Put a password on it. Protect your online accounts and mobile devices with strong, unique passwords or passphrases.
  • Limit use of public Wi-Fi. Be careful when using free Wi-Fi, which may not be secure. Consider waiting to access online banking information or other sensitive accounts until you are at home.
  • Secure your devices. Encrypt your hard drive, use a VPN, and ensure that your systems, apps, antivirus software, and plug-ins are up-to-date.

If you become a victim of identity theft:

  • File a report with the US Federal Trade Commission at IdentityTheft.gov.
  • Use the identity theft report to file a police report. Make sure you keep a copy of both reports in a safe place.
  • Flag your credit reports by contacting the fraud departments of any one of the three major credit bureaus: Equifax (800-525-6285), Experian (888-397-3742), or TransUnion (800-680-7289).

(This content was provided by Educause.)

Phase 1 Banner 9 Update Scheduled

0 Commentsby   |  03.16.17  |  Uncategorized

What is changing?

The first phase of major improvements to Administrative Banner are coming in early April.  Most know “Administrative Banner” by one or more of the following names: Big Banner, Internet Native Banner, INB, Banner-Banner and Oracle Banner.  The next generation of the Banner platform, known as Banner 9, will significantly improve your ability to use Banner.  Once all phases of the project are completed, Banner will be completely web-based with no Java requirement. The Phase 1 update includes:

  1. Application Navigator – This new navigation component will help users navigate between Internet Native Banner and the new Banner 9 forms.
  2. Banner General – Forms that begin with the letter G will move to the new web-based interface with Banner 9.

We plan to upgrade all of the Banner modules to Banner 9 by the end of 2017, which will require significant work in the coming months.

How can I learn more?

Here are some actions you can take to learn more about the upcoming changes:

  • Information sessions – If you haven’t already, please attend one of the remaining Banner 9 information sessions that are highlighted in the weekly myACU News emails for employees.
  • Frequently asked questions – We have answered the most common Banner 9 questions in a frequently asked questions page that is accessible through the quicklinks in myACU.

 

February 2017

0 Commentsby   |  03.07.17  |  Uncategorized

February 2017 by the numbers:

  • 161 end-user support requests resolved
  • 84 development and administration issues resolved
  • 99 development and administration issues created
  • projects in-progress
  • project completed
  • 3 projects requested
  • 99.97% average uptime
  • 146 people attended Banner 9 information sessions

Security Tips for Traveling at Home and Abroad

We all like to travel with our mobile devices (smartphones, laptops, or tablets) — whether it’s to the coffee shop around the corner or to a café in Paris. These devices make it easy for us to stay connected while on the go, but they can also store a lot of information — including contacts, photos, videos, location, and other personal and financial data — about ourselves and our friends and family. Here are some ways to protect yourself and others.

Banner XE is Banner 9

Ellucian announced in early February that Banner XE, the next major update, has been rebranded as Banner 9, which is the version number associated with the new release.  Our first set of updates for Banner have been delayed as a result of critical issues that we identified in late February.  We hope to announce a go-live date in the next few weeks.

What else is going on?

  • Banner projects – We are in the midst of multiple projects related to the Banner 9 updates, including finalization of the first phase of updates as well as planning the next phases (Finance, Human Resources and Student).  We are also working on multiple development projects to migrate some of our custom Banner forms into the new Banner 9 interface.
  • Data integration maintenance – We have been working on multiple data integration maintenance projects, which includes Activity Insight (Provost’s Office), Reeher (Advancement), and Follett (ACU Online).
  • Financial Aid – We are working with our colleagues in Student Financial Services to prepare for personnel transitions as well as tasks related to the 2017-2018 financial aid awarding cycle.

 

Security Tips for Traveling at Home and Abroad

0 Commentsby   |  03.03.17  |  Security

We all like to travel with our mobile devices (smartphones, laptops, or tablets) — whether it’s to the coffee shop around the corner or to a café in Paris. These devices make it easy for us to stay connected while on the go, but they can also store a lot of information — including contacts, photos, videos, location, and other personal and financial data — about ourselves and our friends and family. Following are some ways to protect yourself and others.

Before you go:

  • If possible, do not take your work or personal devices with you on international trips. If you do, remove or encrypt any confidential data.
  • For international travel, consider using temporary devices, such as an inexpensive laptop and a prepaid cell phone purchased specifically for travel. (For business travel, your employer may have specific policies about device use and traveling abroad.)
  • Install a device finder or manager on your mobile device in case it is lost or stolen. Make sure it has remote wipe capabilities and that you know how to do a remote wipe.
  • Ensure that any device with an operating system and software is fully patched and up-to-date with security software.
  • Makes copies of your travel documents and any credit cards you’re taking with you. Leave the copies with a trusted friend, in case the items are lost or stolen.
  • Keep prying eyes out! Use strong passwords, passcodes, or smart-phone touch ID to lock and protect your devices.
  • Avoid posting social media announcements about your travel plans; such announcements make you an easy target for thieves. Wait until you’re home to post your photos or share details about your trip.

While you’re there:

  • Physically protect yourself, your devices, and any identification documents (especially your passport).
  • Don’t use an ATM unless you have no other option; instead, work with a teller inside the bank. If you must use an ATM, only do so during daylight hours and ask a friend to watch your back. Also check the ATM for any skimming devices, and use your hand to cover the number pad as you enter your PIN.
  • It’s hard to resist sharing photos or telling friends and family about your adventures, but it’s best to wait to post about your trip on social media until you return home.
  • Never use the computers available in public areas, hotel business centers, or cyber cafés since they may be loaded with keyloggers and malware. If you use a device belonging to other travelers, colleagues, or friends, do not log in to e-mail or any sensitive accounts.
  • Be careful when using public wireless networks or Wi-Fi hotspots; they’re not secure, so anyone could potentially see what you’re doing on your computer or mobile device while you’re connected.
  • Disable Wi-Fi and Bluetooth when not in use. Some stores and other locations search for devices with Wi-Fi or Bluetooth enabled to track your movements when you’re within range.
  • Keep your devices with you at all times during your travels. Do not assume they will be safe in your hotel room or in a hotel safe.

When you return:

  • Change any and all passwords you may have used abroad.
  • Run full antivirus scans on your devices.
  • If you used a credit card while traveling, check your monthly statements for any discrepancies for at least one year after you return.
  • If you downloaded any apps specifically for your trip and no longer need them, be sure to delete those apps and the associated data.
  • Post all of your photos on social media and enjoy reliving the experience!

 

(This content was provided by Educause.)

January 2017

0 Commentsby   |  02.07.17  |  Uncategorized

January 2017 by the numbers:

  • 173 end-user support requests resolved
  • 89 development and administration issues resolved (new record for month of January)
  • 94 development and administration issues created
  • projects in-progress
  • project completed
  • 4 projects requested
  • 99.97% average uptime

Learn What It Takes to Refuse the Phishing Bait!

Cybercriminals know the best strategies for gaining access to our sensitive data. In most cases, it doesn’t involve them rappelling from a ceiling’s skylight and deftly avoiding a laser detection system to hack into servers; instead, they simply manipulate a community member. There are a few ways to identify various types of social engineering attacks and their telltale signs.

Coming Soon: New and Improved Banner

Computing Services will introduce the first phase of major updates to administrative Banner later this month.  Most know “administrative Banner” by one or more of the following names: Big Banner, Internet Native Banner, INB, Banner-Banner and Oracle Banner. The next generation of the Banner platform, Banner 9 (formerly known as Banner XE), will significantly improve the use of Banner, with Java no longer required once all project phases are completed.  We are providing information sessions to help prepare users for the upcoming changes. Please see our separate post for more details regarding the first phase release.

What else is going on?

  • Banner updates – We plan to upgrade all of the administrative Banner modules to Banner 9 (formerly known as Banner XE) by the end of 2017. In addition to work related to the Phase 1 release later this month, we are preparing for the next phases of work, which include Finance, Human Resources and Student.
  • Personnel change – We are excited to announce that one of programmers, Riley Wills, has been promoted to a title of Senior Programmer.  This promotion recognizes Riley’s years of programming experience and his role mentoring both student and professional staff members.
  • Spring maintenance work – We have multiple maintenance projects underway, including data integration updates, preparation for the 2017-2018 financial aid awarding cycle, and security patch updates of key systems.

 

Learn What It Takes to Refuse the Phishing Bait!

0 Commentsby   |  02.01.17  |  Uncategorized

Cybercriminals know the best strategies for gaining access to our sensitive data. In most cases, it doesn’t involve them rappelling from a ceiling’s skylight and deftly avoiding a laser detection system to hack into servers; instead, they simply manipulate a community member.

According to IBM’s 2014 Cyber Security Intelligence Index, human error is a factor in 95 percent of security incidents. Following are a few ways to identify various types of social engineering attacks and their telltale signs.

  • Phishing isn’t relegated to just e-mail! Cybercriminals will also launch phishing attacks through phone calls, text messages, or other online messaging applications. Don’t know the sender or caller? Seem too good to be true? It’s probably a phishing attack.
  • Know the signs. Does the e-mail contain a vague salutation, spelling or grammatical errors, an urgent request, and/or an offer that seems impossibly good? Click that delete button.
  • Verify the sender. Check the sender’s e-mail address to make sure it’s legitimate. If it appears that your institution’s help desk is asking you to click on a link to increase your mailbox quota, but the sender is “UniversityHelpDesk@yahoo.com,” it’s a phishing message.
  • Don’t be duped by aesthetics. Phishing e-mails often contain convincing logos, links to actual company websites, legitimate phone numbers, and e-mail signatures of actual employees. However, if the message is urging you to take action — especially action such as sending sensitive information, clicking on a link, or downloading an attachment — exercise caution and look for other telltale signs of phishing attacks. Don’t hesitate to contact the company directly; they can verify legitimacy and may not even be aware that their name is being used for fraud.
  • Never, ever share your password. Did we say never? Yup, we mean never. Your password is the key to your identity, your data, and your classmates’ and colleagues’ data. It is for your eyes only. Your institution’s help desk or IT department will never ask you for your password.
  • Avoid opening links and attachments from unknown senders. Get into the habit of typing known URLs into your browser. Don’t open attachments unless you’re expecting a file from someone. Give them a call if you’re suspicious.
  • When you’re not sure, call to verify. Let’s say you receive an e-mail claiming to be from someone you know — a friend, colleague, or even the president of your college or university. Cybercriminals often spoof addresses to convince you, then request that you perform an action such as transfer funds or provide sensitive information. If something seems off about the e-mail, call them at a known number listed in your institution’s directory to confirm the request.
  • Don’t talk to strangers! Receive a call from someone you don’t know? Are they asking you to provide information or making odd requests? Hang up the phone and report it to the help desk.
  • Don’t be tempted by abandoned flash drives. Cybercriminals may leave flash drives lying around for victims to pick up and insert, thereby unknowingly installing malware on their computers. You might be tempted to insert a flash drive only to find out the rightful owner, but be wary — it could be a trap.
  • See someone suspicious? Say something. If you notice someone suspicious walking around or “tailgating” someone else, especially in an off-limits area, call campus safety.

(This content was provided by Educause.)