Hab Adkins's Archive

September 2017

0 Commentsby   |  10.04.17  |  Banner, Security, google, tips

By The Numbers

Here are Computing Services’ statistics for September 2017:

  • 226 end-user support requests resolved (new record for September)
  • 93 development and administration issues resolved
  • 15 projects-in-progress
  • project completed
  • 1 projects requested
  • 99.97% average uptime

October is National Cyber Security Awareness Month

For more than a decade, colleges and universities have promoted National Cyber Security Awareness Month (NCSAM) each October as part of a collaborative effort to ensure that everyone has the resources they need to stay safe online.  Here are some practical ways to be involved:

  1. Security Training – Information Technology is offering cyber security awareness training for faculty and staff. This training is comprised of three modules, “Email Security,” “Safe Social Networks,” and “URL Training.” Each module takes around 15 minutes to complete.  Please contact the Helpdesk for the web address.
  2. Security Measures with Google – Did you know that Google provides users with tools to help protect your account?  Do you know what a phishing message looks like and how to handle it?   We are partnering with ACU’s Innovation Foundry to offer a Gmail security session on Thursday, October 19th at 11 am.  Please join us in the Innovation Foundry on the top floor of the ACU Library to learn more.  If you plan to attend, then please visit the events page to RSVP.
  3. Information Security is Our Responsibility – In honor of NCSAM — and because information security is everyone’s responsibility — we offer the following tips to help you remain vigilant with your accounts and devices.

It’s All In My Head

How do you manage information that is critical to your department’s operation?  How do you train and prepare a new hire when they join your team?  Do you know what tools ACU provides for managing your information?  We are offering a knowledge management session on Thursday, October 5th at 11 am in the Innovation Foundry.  Please join us to learn about the tools and methods that will make your department more efficient.  If you plan to attend, then please visit the Innovation Foundry events page to RSVP.

Did You Know?

Do you find it challenging to find a time that works for everyone that needs to be included in a meeting?  Google Calendar provides a Suggested Times feature, which will automatically find times and locations for you.  Suggested Times is an excellent alternative to third-party tools such as Doodle where you have to poll people for availability.  Use of the feature requires that all meeting participants share free/busy access to their calendars at a minimum.

Banner 9 Project Updates

Here are the highlights of a busy month of September as well as upcoming work:

  • We trained 125 users in the basics of Banner 9 during August and September.
  • We are preparing updates to many of the existing Banner 9 components later this month.
  • We are ramping up work to migrate Banner forms customizations to Banner 9.  We will reduce our custom form count by almost 75%. We are partnering with Ellucian to help us migrate some of these custom forms.
  • We are still targeting completion of the Administrative Banner upgrades to version 9 by the end of this year.

Information Security Is Our Responsibility

0 Commentsby   |  10.01.17  |  Security

Did you know? According to a 2016 Raytheon survey, 86 percent of young adults think that keeping the Internet safe and secure is a responsibility we all share — up 4 points from 82 percent in 2015.

As digital citizens, we are getting better about consistently protecting ourselves, our devices, and our family and friends. However, the Internet is always “on,” so we must remain vigilant and continue to connect with care to protect our mobile devices — including laptops, tablets, smartphones, and wearable technology — as well as our personal information.

  • Protect your device. Add a passcode to your cell phone, tablet, or laptop right now!
  • Use strong passwords or passphrases. Especially for online banking and other important accounts.
  • Enable multifactor authentication. Wherever possible, enable multifactor authentication, which helps secure your accounts by requiring hardware or biometrics in addition to your password.
  • Check your social media settings. Review your social media security and privacy settings frequently. Enable two-step verification whenever possible.
  • Educate yourself. Stay informed about the latest technology trends and security issues such as malware and phishing.
  • Get trained. Contact your institution’s IT, information security, or privacy office for additional resources and training opportunities.

(This content was provided by Educause.)

Major Change for Banner General Forms

0 Commentsby   |  09.22.17  |  Banner

Please note these important details regarding changes we are making to some of the old Banner 8 functionality in Administrative Banner:

  • What is changing? We are disabling access to most General forms in Banner 8.  Banner General includes forms with the letter G in the first place of the seven-letter acronym (e.g., GOAMTCH).  This change does not include some custom forms that begin with the letters GZ.  Users who try to access a General form in Banner 8 will see an error.  You must use Banner 9 to access these forms.
  • When will the changes take place? The changes will be in place by the time you arrive to work on Thursday, September 28th.
  • How do I access Banner 9? Please contact the Helpdesk.
  • Where can I find more information about Banner 9? We have answered the most common Banner 9 questions in a frequently asked questions page that is accessible through the “Banner 9 FAQs” quicklink in myACU.
  • What should I do if I experience a problem? Please contact the Helpdesk at helpdesk@acu.edu or (325) 674-4357.

 

August 2017

0 Commentsby   |  09.04.17  |  Banner, Business Intelligence, Security

August 2017 by the Numbers

  • 247 end-user support requests resolved (new record for month of August and most for single month)
  • 104 development and administration issues resolved (new record for month of August)
  • 13 projects-in-progress
  • project completed
  • 9 projects requested
  • 99.91% average uptime

Reach Out

Please remember to reach out to the Helpdesk with all of your technical inquiries and problems. The Helpdesk can be contacted by phone at 674-HELP (x4357), or at helpdesk@acu.edu. We have added a call-back feature, so you do not have to wait in the phone queue. For technology problems that are disruptive during a class, please call 674-NEED (x6333) for immediate help.

Computer Security Change

At the recommendation of the Board of Trustees, IT worked with a security company to conduct a security and risk assessment. One of the resulting recommendations was that we implement a setting to lock computers after 30 minutes of inactivity to increase safeguards around unattended workstations. This change is implemented for faculty and staff PCs and is in the process of being rolled out for Macs.

Did You Know?

We use tools to monitor availability and performance of critical applications, such as single sign-on and myACU.  Our system status report is available under the Technology tab in myACU or can be accessed directly.

Discoverer Transition

The Business Intelligence office has converted 116 reports, but many still need to be reviewed for accuracy and approved by users.  This Discoverer Transition post outlines the expectations and responsibilities for Discoverer users.  Please contact Will Wyatt, will.wyatt@acu.edu, if you have any questions.

Optimizing and Enhancing Operations

We help the university to optimize and enhance operations by adopting new applications, automating manual work, and creating integration between Banner and third-party applications.  This fall we will complete multiple projects in this realm, including automation of manual processes to change records for students who cancel enrollment and enhanced data integration between Salesforce and Banner.

Avoiding Ransomware Attacks

Phishing attacks — which often contain ransomware — pose a major risk to everyone, leaving people vulnerable to information and privacy losses, identity theft, and extortion.  Learn more about the warning signs of phishing and ransomware, the potential risks of falling prey to an attack, and how you can protect yourself.

Banner 9 Project Updates

Here are the highlights of a busy month of August as well as upcoming work:

  • In preparation for the start of the Fall 2017 term, we installed updates to Accounts Receivable, General and Student.
  • We trained over 100 users in the basics of Banner 9 and have two more sessions scheduled in September.
  • The first Financial Aid 9 update is ready for testing with a go-live to-be-determined.
  • We are preparing updates to existing Banner 9 components during September and October.
  • We are ramping up work to migrate Banner forms customizations to Banner 9.  We will reduce our custom form count by almost 75%.

Avoiding Ransomware Attacks

0 Commentsby   |  09.01.17  |  Security

Ransomware is a type of malware designed to encrypt users’ files or lock their operating systems so attackers can demand a ransom payment. According to a 2016 Symantec report, the average ransom demand is almost $700 and “consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.”

Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or email attachment or to download a file or software drive while visiting a rogue website. Sophisticated social engineering techniques are used to entice users to take the desired action; examples include

  • an embedded malicious link in an email offers a cheap airfare ticket (see figure 1);
  • an e-mail that appears to be from Google Chrome or Facebook invites recipients to click on an image to update their web browser (see figure 2); or
  • a well-crafted website mimics a legitimate website and prompts users to download a file or install an update that locks their PC or laptop.
Figure 1. Phishing e-mail with ransomware embedded in a link
Figure 1. Phishing e-mail with ransomware embedded in a link
Figure 2. A fake Google Chrome e-mail
Figure 2. A fake Google Chrome e-mail

To avoid becoming a victim of ransomware, users can follow these tips:

  • Delete any suspicious e-mail. Messages from unverified sources or from known sources that offer deals that sound too good to be true are most likely malicious (see figure 3). If in doubt, contact the alleged source by phone or by using a known, public e-mail address to verify the message’s authenticity.
  • Avoid clicking on unverified email links or attachments. Suspicious links might carry ransomware (such as the CryptoLocker Trojan).
  • Use e-mail filtering options whenever possible. Email or spam filtering can stop a malicious message from reaching your inbox.
  • Install and maintain up-to-date antivirus software. Keeping your operating system updated with the latest virus definitions will ensure that your security software can detect the latest malware variations.
  • Update all devices, software, and plug-ins on a regular basis. Check for operating system, software, and plug-in updates often — or, if possible, set up automatic updates — to minimize the likelihood of someone holding your computer or files for ransom.
  • Back up your files. Back up the files on your computer, laptop, or mobile devices frequently so you don’t have to pay the ransom to access locked files.
Figure 3. An example ransomware e-mail message
Figure 3. An example ransomware e-mail message
(This content was provided by Educause.)

July 2017

0 Commentsby   |  08.07.17  |  Banner, Business Intelligence, Security, Uncategorized

Did You Know?

We increased third-party application integrations by 34% over the last four years, which represents the largest growth in our service portfolio.  This increase follows a national trend where institutions are frequently adopting cloud-based solutions that integrate with core services like Banner and single sign-on.  Some of our most recent integrations include Barnes & Noble for ID card usage in the bookstore, TeamDynamix for IT support ticket management, and What’s Happening on the Hill for Student Life activities.  We have five new integrations scheduled for completion over the next six months.

Discoverer Transition

The Business Intelligence office is on track to transition Discoverer reports to Cognos by December 31, 2017. Discoverer users have been contacted about transition plans. Please visit the Analytics blog for more information about the transition.

Are You Considering A New Software Implementation?

Please include us, even if the IT impact seems minimal so that we can ask questions, provide feedback, and plan ahead before committing.  We compiled some questions on our New Software Inquiry page to help guide those who are exploring a new software or service. You can share this page with a potential vendor so that they can answer the questions directly.

Are You Practicing Safe Social Networking?

Millions of Internet users engage in social networking, and many of them assume they are in a safe, controlled environment. However, social networking presents unique security challenges and risks.  Here are some tips to use social media safely and own your online presence.

Banner 9 Project Update

We are making more progress towards completion of the Administrative Banner updates we have planned for the rest of the year:

  • We will install updates to many existing Banner 9 components over the next two weeks, which will resolve numerous issues and prepare us for the start of the Fall 2017 term.
  • We are providing user training sessions to better prepare folks for Banner 9, with seven sessions scheduled over the next two and a half weeks.
  • The first Accounts Receivable 9 update is tentatively scheduled to go live this month.
  • The first Financial Aid 9 update is ready for testing with a go-live to-be-determined.

July 2017 by the Numbers

  • 164 end-user support requests resolved (new record for month of July)
  • 65 development and administration issues resolved (new record for month of July)
  • 11 projects-in-progress
  • project completed
  • 5 projects requested
  • 99.99% average uptime

Are You Practicing Safe Social Networking?

0 Commentsby   |  08.01.17  |  Security

Who Else Is Online? Social media sites are not well-monitored playgrounds with protectors watching over you to ensure your safety. When you use social media, do you think about who might be using it besides your friends and connections? Following are some of the other users you may encounter.

  • Identity thieves. Cybercriminals need only a few pieces of information to gain access to your financial resources. Phone numbers, addresses, names, and other personal information can be harvested easily from social networking sites and used for identity theft. Cybercrime attacks have moved to social media, because that’s where cybercriminals get their greatest return on investment.
  • Online predators. Are your friends interested in seeing your class schedule online? Well, sex offenders or other criminals could be as well. Knowing your schedule and your whereabouts can make it very easy for someone to victimize you, whether it’s breaking in while you’re gone or attacking you while you’re out.
  • Employers. Most employers investigate applicants and current employees through social networking sites and/or search engines. What you post online could put you in a negative light to prospective or current employers, especially if your profile picture features you doing something questionable or “less than clever.” Think before you post a compromising picture or inflammatory status. (And stay out of online political and religious discussions!)

How Do I Protect My Information? Although there are no guaranteed ways to keep your online information secure, following are some tips to help keep your private information private.

  • Don’t post personal or private information online! The easiest way to keep your information private is to NOT post it. Don’t post your full birthdate, address, or phone numbers online. Don’t hesitate to ask friends to remove embarrassing or sensitive information about you from their posts, either. You can NEVER assume the information you post online is private.
  • Use privacy settings. Most social networking sites provide settings that let you restrict public access to your profile, such as allowing only your friends to view it. (Of course, this works only if you allow people you actually know to see your postings — if you have 10,000 “friends,” your privacy won’t be very well protected.)
  • Review privacy settings regularly. It’s important to review your privacy settings for each social networking site; they change over time, and you may find that you’ve unknowingly exposed information you intended to keep private.
  • Be wary of others. Many social networking sites do not have a rigorous process to verify the identity of their users. Always be cautious when dealing with unfamiliar people online. Also, you might receive a friend request from someone masquerading as a friend. Here’s a cool hint — if you use Google Chrome, right-click on the photo in a LinkedIn profile and choose Google image search. If you find that there are multiple accounts using the same image, all but one is probably spurious.
  • Search for yourself. Do you know what information is readily available about you online? Find out what other people can easily access by doing a search. Also, set up an automatic search alert to notify you when your name appears online. (You may want to set alerts for your nicknames, phone numbers, and addresses as well; you may very well be surprised at what you find.)
  • Understand the role of hashtags. Hashtags (#) are a popular way to provide clever commentary or to tag specific pictures. Many people restrict access to their Instagram accounts so that only their friends can see their pictures. However, when someone applies a hashtag to a picture that is otherwise private, anyone who searches for that hashtag can see it.

My Information Won’t Be Available Forever, Will It? Well, maybe not forever, but it will remain online for a lot longer than you think.

  • Before posting anything online, remember the maxim “what happens on the web, stays on the web.” Information on the Internet is public and available for anyone to see, and security is never perfect. With browser caching and server backups, there is a good chance that what you post will circulate on the web for years to come. So: be safe and think twice about anything you post online.
  • Share only the information you are comfortable sharing. Don’t supply information that’s not required. Remember: You have to play a role in protecting your information and staying safe online. No one will do it for you.

(This content was provided by Educause.)

G Suite Security Tech Tune-Up

0 Commentsby   |  07.14.17  |  Security, google

Earlier this week, Jeff Brawley (Senior Systems Analyst and G Suite Administrator) provided a Gmail security session that walked attendees through tips to address phishing messages and make use of tools that Google provides to help secure your account.  Please see the Innovation Foundry’s post for information, including a link to the presentation.

June 2017

0 Commentsby   |  07.07.17  |  Banner, Security, tips

Did You Know?

Did you know that Google provides users with tools to help protect your account?  Do you know what a phishing message looks like and how to handle it?   We are partnering with ACU’s Innovation Foundry to offer a Gmail security session on Thursday, July 13th at 11 am.  Please join us in the Innovation Foundry on the top floor of the ACU Library to learn more.  If you plan to attend, then please visit the events page to RSVP.

You Can Do That?

Do you find yourself typing the same reply in an email when someone sends you a standard question?  Do you send messages on a regular basis that have a particular format and layout that you end up retyping or copying and pasting from a previously-sent message?  Gmail includes a Labs feature called Canned Responses that can help with this.  Watch this helpful video or follow the steps to set this up in your Gmail account.

Think You’ve Been Hacked?

Compromised accounts happen. Quick identification and response can reduce the harm done to your account and your information. Here are some signs to help you determine if you have been hacked as well as steps you can take to recover.

Banner 9 Project Update

We crossed the halfway point in the Banner 9 upgrade process for Administrative Banner in June with the upgrades to Banner Finance and Banner Student.  Here are some upcoming milestones:

  • Accounts Receivable 9 update testing is underway with a go-live targeted later this month.
  • We are applying updates to address known issues with Application Navigator, General 9, and Student 9. We intend to apply these updates to production by the end of the month.
  • Financial Aid 9 update testing will start this month with a go-live to-be-determined.

We continue to target completion of all Administrative Banner updates by the end of 2017.

June 2017 by the Numbers

  • 183 end-user support requests resolved (new record for month of June)
  • 115 development and administration issues resolved (new record for month of June)
  • 10 projects-in-progress
  • project completed
  • 4 projects requested
  • 99.95% average uptime

Think You’ve Been Hacked? Here’s How to Shake It Off!

0 Commentsby   |  07.01.17  |  Security

Face it: Hackers Gonna Hack. How to know if you’ve been hacked?

  • Your friends tell you. They’ve received a spammy or phishy e-mail from your account.
  • Your phone tells you. Collection companies are calling about nonpayment. Battery and data usage are higher than normal. Charges for premium SMS numbers show up on your bill.
  • Your browser tells you. Unwanted browser toolbars, homepages, or plugins appear unexpectedly. You’re seeing lots of pop-ups or web page redirects. Your online passwords aren’t working.
  • Your software tells you. New accounts appear on your device. Antivirus messages report that the virus hasn’t been cleaned or quarantined. You see fake antivirus messages from software you don’t remember installing. Programs are running or requesting elevated privileges that you did not install. Programs randomly crash.
  • Your bank tells you. You receive a message about insufficient funds due to unauthorized charges.
  • Your mail tells you. You receive a notification from a company that has recently suffered a cybersecurity breach.

Shake it off. Following are the steps you can take to recover.

  1. Change your affected passwords using an unaffected device. Not sure which passwords are affected? It’s best to change them all.
  2. Update your mobile software and apps. Make sure you keep them up-to-date.
  3. Update your antivirus software. Then run a complete scan. Follow the instructions provided to quarantine or delete any infected files.
  4. Update your browser software and plugins. Check frequently for new updates and delete any unnecessary or obsolete plugins.
  5. Is your computer still acting wonky? It might be best to start from scratch with a complete reformat of your machine so you can ensure that all affected software is fixed.
  6. Self-report to credit agencies. If you believe your personally identifiable information has been affected, you don’t want to deal with identity theft on top of being hacked.
  7. Be prepared with backups. Don’t let the next compromise ruin your day. Backup your files frequently. Consider storing at least two separate backups: one on an external drive and one in cloud storage.
  8. Stay ahead of the hackers. Check the Have I been pwned website to see if your accounts were hacked in a known attack.

(This content was provided by Educause.)