Hab Adkins's Archive

August 2018

0 Commentsby   |  09.06.18  |  Uncategorized

August 2018, By The Numbers

  • 221 end-user support requests resolved
  • 140 development and administration issues resolved (new August record)
  • projects-in-progress
  • projects completed (meal plan system migration to Adirondack, blogs.acu.edu update)
  • projects requested (blogs.acu.edu update, Discover-Cognos transition support, Oracle database major upgrades)
  • 99.91% average uptime

Do you want to Meet?

Hangouts Meet is Google’s enterprise-friendly version of Hangouts, which you can use for video conferencing.  Hangouts Meet provides an improved interface that is designed for HD-quality video meetings and includes a free call-in number for users who cannot participate online.  You can start a new Meet by visiting meet.google.com or adding the Hangouts Meet conferencing option to Google Calendar events.

Project Updates

  • Single sign-on update – Later this month we will update our single sign-on service to a newer release, which keeps us up-to-date and prepares us to implement multi-factor authentication later this year.
  • Slate migration – Undergraduate admissions will go live with Slate CRM next week, which will introduce an improved and modern system for recruiting and admissions just in time to share admissions decisions with next year’s class.
  • InnoSoft Fusion for SRWC – The Student Recreation and Wellness Center is implementing a recreation management system to streamline and centralize processes that are spread across multiple systems.  We are creating the integration with Banner and the ID card system so that data will automatically flow between the systems.

Do You Have a Personal Backup Plan?

Most of us would like to say that we are incredibly diligent about protecting our data and backing it up on a regular basis. However, we know that this is not always the case. Fortunately, backups are easier than ever before thanks to the options available.  Find out more about the importance of backups and the steps you can take.

Do You Have a Personal Backup Plan?

0 Commentsby   |  09.03.18  |  Security

The only way to protect yourself against valuable data loss is through regular backups. Ideally, important files should be backed up at minimum once a week, or every day, depending on how critical they are to you. This can be done manually, automatically, or using a combination of the two methods. (Briefly review this 2017 backup awareness survey to see how often most computer owners backup their data. Do you fall into the daily, weekly, monthly, annually, or never category?)

When it comes to backups, just like security, you want to find a balance between being thorough but efficient. We have all heard disastrous stories about losing homework due to the blue screen of death or a lost cell phone that tragically stored the only copy of family photos. Also, you could fall victim to ransomware or another malicious attack that leaves you with no choice but to reimage your computer. It never hurts to consider your backup strategy and come up with a plan that leaves you feeling safe and secure. Here are some tips to get you started.

  • Data loss happens all the time, but it is entirely preventable. You just need to create a backup plan.
  • Your critical data should never reside in a single place.
  • The ideal backup strategy will typically include both an online backup service (e.g., Dropbox, Box, OneDrive, Google Drive, CrashPlan, iCloud) and an offline backup utility (e.g., external hard drives, flash drives) to ensure your data is secure no matter what happens to your mobile device or computer.
  • Running consistent, automatic backups is a straightforward process that will take little time to set up and will require even less to maintain.
  • Backups can be configured to run in real time when files on your computer are changed.
  • Routinely test your backup solution to ensure you can recover your data if you do actually need to restore from a backup.

(This content was provided by Educause.)

July 2018

0 Commentsby   |  08.09.18  |  Uncategorized

July 2018, By The Numbers

  • 110 end-user support requests resolved
  • 61 development and administration issues resolved
  • projects-in-progress
  • projects completed (Banner Advancement 9, Banner Advancement custom forms, and remote IT services transition)
  • projects requested
  • 99.99% average uptime

ACU Files End-of-life

Xythos (aka Files, ACU Files, myACU Files, dropbox system) will be removed from service on Thursday, December 20, 2018.  The change will impact those who use Xythos for classes, personal web space, personal home space, and departmental shares.  Information Technology personnel are coordinating with individuals and departments to ensure a smooth transition well in advance of the end date.  Users of these services will receive targeted communications with more details soon. 

Project Updates

  • Banner 9 status – With the go-live of Banner Advancement 9 on July 23rd, we only have a few remaining items left in the Administrative Banner modernization project, which includes migration of two custom forms and the Banner Financial Aid 9 go-live.  We anticipate completion of the work later this fall.
  • Dining services change – The university’s transition to Chartwells required our work to integrate Chartwells’ point-of-sale (POS) system with our ID card system, in addition to work by our colleagues in Enterprise Infrastructure for network connectivity and construction projects.
  • Slate CRM go-live – Residential graduate admissions and undergraduate admissions are transitioning to Slate CRM after use of Talisma since 2006. Slate gives the admissions groups an improved and modern system for recruiting and admissions.  We are creating the integration with Banner so that data will automatically flow between the two systems.

Are You Ready for Ransomware?

0 Commentsby   |  08.02.18  |  Security

What Is Ransomware?

Ransomware is a type of malicious software that encrypts your files. Often, the only way to decrypt and gain access to the files is by paying a “ransom” or fee to the attackers. The attackers might provide the decryption key allowing you to regain access to your files. Ransomware may spread to any shared networks or drives to which your devices are connected. We are continuing to see ransomware attacks and expect their frequency to increase.

How Can I Get Infected with Ransomware?
Common vectors for ransomware attacks include e-mails with malicious attachments or links to malicious websites. It’s also possible to get an infection through instant messaging or texts with malicious links. Antivirus may or may not detect a malicious attachment, so it’s important for you to be vigilant.

How Can I Protect Myself Against Ransomware?
There are two steps to protection against ransomware:

  • Preparation. Back up your information regularly. Once a ransomware infection occurs, it’s often too late to recover the encrypted information. Your research project or other important information may be lost permanently. For more information on backups, visit RIT’s best practices web page.
  • Identification. Ransomware typically appears as phishing e-mails, either with links to malicious websites or infected files attached. You might also see a ransomware attack perpetrated through a pop-up telling you that your computer is infected and asking you to click for a free scan. Another possible vector is malvertising, malicious advertising on an otherwise legitimate website.

Probably the Most Important Steps You Can Take to Prepare…

  • Ensure that your information is backed up regularly and properly. Because ransomware can encrypt the files on your computer and any connected drives (potentially including connected cloud drives such as Dropbox), it’s important to back up your files regularly to a location that you’re not continuously connected to. To determine the backup capabilities available to you contact your IT service desk.
  • Ensure that you’re able to restore files from your backups. Again, work with your IT support personnel to discuss how to test restore capabilities.
  • Ensure that antivirus/antimalware is up to date and functioning. Antivirus may detect malicious attachments.
  • Ensure that you’re keeping your system (and mobile devices) up to date with patches. If you’re prompted by your computer or mobile device to accept updates, accept them at your earliest convenience.
  • Don’t do day-to-day work using an administrator account. A successful ransomware attack will have the same permissions that you have when working. (If you’re not using an account with administrator privileges, the initial attack may be foiled.)

What Do I Do If I Think I’m Infected?

  • Report the ransomware attack to your service desk immediately.
  • Isolate or shut down the infected computer. (If you’re on Wi-Fi, turn off the Wi-Fi. If you’re plugged into the network, unplug the computer. Infected systems should be removed from the network as soon as possible to prevent ransomware from attacking network or shared drives.)

(This content was provided by Educause.)

June 2018

0 Commentsby   |  07.11.18  |  Uncategorized

June 2018, By The Numbers

Here are Computing Services’ statistics for June 2018:

  • 157 end-user support requests resolved
  • 84 development and administration issues resolved
  • 10 projects-in-progress
  • projects completed (PageUp, Banner Finance 9 update, and Ellucian Ethos Integration)
  • project requested (move to Strata Information Group for remote IT services)
  • 99.87% average uptime

New Services and Transitions

The month of June included the introduction of new services and some transitions:

  • PageUp go-live – The new talent management system, PageUp, went live on June 1st, which completed a collaborative project with Human Resources that started in mid-October 2017.  PageUp streamlines processes and includes integration with Banner.
  • Ellucian Ethos Integration go-live – The Ethos Integration platform standardizes integrations between Banner and third-party applications.  We are working with multiple vendors to establish integrations in the coming months.
  • Remote IT services change – We transitioned to Strata Information Group (SIG) for remote administration of Banner updates and Oracle databases, which signaled the end of a six-year relationship with Ellucian for similar services.  The move to SIG provides operational efficiencies for some of our most critical applications and will allow us to control costs better.  We appreciate the work that Ellucian completed on our behalf, including the move to Banner 9.
  • Student Financial Services work – We helped Student Financial Services prepare Fall 2018 aid and bills, submit regulatory reports, test Banner Financial Aid 9, and navigate personnel changes. We anticipate similar tasks this month as the Fall 2018 term nears.

 

Secure Remote Access—Easy as A, B, C

0 Commentsby   |  07.01.18  |  Security

It is well publicized that today’s attackers are ever vigilant in their attempts to uncover weak points in networks, computers, and mobile devices to establish a foothold and leverage vulnerabilities, thus resulting in the compromise of critical assets or personal information. Areas of concern that can lead to a breach include the lack of physical security controls available at remote locations, the use of unsecured networks, and the connection of infected devices to internal networks. The challenge is especially daunting when:

  1. Staff, faculty, and students are accustomed to using use free public Wi-Fi hotspots, and some will use them to access institutional e-mails and documents.
  2. Some campus employees will e-mail work documents to and from their personal account, despite numerous security problems this creates.
  3. Some campus employees will use free USB charging ports available at airports and other public places. These ports pose the risk of transferring viruses and malware to unsuspecting users.

Planning for Secure Remote Access

  • Assume the worst will occur and plan accordingly. Laptops and other wireless devices are prone to loss or theft. External networks not controlled by an institution are especially susceptible to compromise and data interception. Finally, remote users’ devices may eventually become infected with malware.
  • Develop an appropriate remote access policy. It should define what’s allowable concerning remote access. Data sensitivity is another factor to be considered, as access to confidential or sensitive information should be restricted.
  • Configure remote access servers to enforce policies. Consider the placement of remote access servers at the network perimeter, so it serves as a single point of entry to the network and enforces the security policy before any remote access traffic is permitted into internal networks.
  • Ensure personal devices are secured against common threats. Remote devices should receive the same security applications, software, and devices as those found on campus. They should employ antivirus software and data loss protection capabilities, whenever possible.
  • Employ strong user authentication. Many external security threats will be mitigated through the deployment of multifactor authentication.
  • Create a remote access policy. Users should take every reasonable precaution to ensure their remote access connections are secured from interception, eavesdropping, or misuse. To facilitate this, anyone remotely accessing campus resources for business, maintenance, or upgrade actions should use a virtual private network (VPN) provided by the institution. Also, remind staff and faculty not save or store sensitive or restricted institutional data on any remote host or external computing (access) device.

Additional Requirements for System Administrators and End Users

  • Apply computer and mobile device security software, applications, and operating system patches and updates regularly.
  • Install and use antivirus, antispyware, and VPN software on computers, laptops, and mobile devices, keeping software definitions up-to-date and running regular scans.
  • Install and enable a hardware and/or software firewall.
  • Configure devices so that authentication is required (e.g., password, passphrase, token, or biometric authentication), runs in “least privilege” mode (e.g., the user instead of admin), and times out after a 15-minute period of inactivity.
  • Activate and use a “lock” feature before leaving the computing device unattended.
  • Set the security settings to the highest level on Internet browsers and adjust downward as necessary for Internet use.
  • At no time should a campus employee provide usernames or passwords to anyone, not even family members.

(This content was provided by Educause.)

May 2018

0 Commentsby   |  06.06.18  |  Uncategorized

May 2018, By The Numbers

Here are Computing Services’ statistics for May 2018:

  • 161 end-user support requests resolved
  • 86 development and administration issues resolved
  • 12 projects-in-progress
  • project completed (includes go-live of Blue course evaluation system)
  • project requested
  • 99.95% average uptime

Fiscal Year 2018 – The Rise of Integrations

We maintain a service portfolio of 135 services that power critical functions for the university.  We implemented 14 new services and removed 12 services during fiscal year 2018 (June 2017 through May 2018).    All 14 new services are data integrations with services like Banner and single sign-on, which follows a multi-year trend where most new projects involve integration work.  Seven of the new integrations improve the student experience, including AcademicWorks and CampusLogic for financial aid and Adirondack for on-campus housing management.

Professional Development Never Stops

The information technology industry requires us to consistently explore new technologies and gain expertise so that we adequately support the campus and remain relevant.  Every year we set learning goals to address this, which are attained by attending conferences, reading books and trade publications, and taking online courses from platforms like Coursera and Udemy.  We also participate in team activities to explore emerging technologies and discuss ways these technologies could benefit the campus.  Along the way, we gain knowledge, skills, and have fun.

Beef Up Your Physical Security

With the threat of hacking, malware, phishing, and other digital threats constantly looming, it can be easy to overlook the importance of physical security best practices.  Employing good physical security practices does not have to include hiring a detachment of the queen’s guard (though this might be an excellent attraction for prospective students!).  Here are a few basic physical security tips that can substantially improve the institution’s security risk profile.

Beef Up Your Physical Security

0 Commentsby   |  06.05.18  |  Security

Employing good physical security practices does not have to include hiring a detachment of the queen’s guard for your campus (though this might be a nice attraction for prospective students!). Instead, just getting the word out to your community about the importance of a few basic physical security tips can substantially improve your institution’s security risk profile. Below are some tips to share with your community:

  • Prevent tailgating. In the physical security world, tailgating is when an unauthorized person follows someone into a restricted space. Be aware of anyone attempting to slip in behind you when entering an area with restricted access.
  • Don’t offer piggyback rides. Like tailgating, piggybacking refers to an unauthorized person attempting to gain access to a restricted area by using social engineering techniques to convince the person with access to let them in. Confront unfamiliar faces! If you’re uncomfortable confronting them, contact campus safety.
  • Put that shredder to work! Make sure to shred documents with any personal, medical, financial, or other sensitive data before throwing away. Organizing campus-wide or smaller-scale shred days can be a fun way to motivate your community to properly dispose of paper waste.
  • Be smart about recycling or disposing of old computers and mobile devices. Make sure to properly destroy your computer’s hard drive. Use the factory reset option on your mobile devices and erase or remove SIM and SD cards.
  • Lock your devices. Protecting your mobile devices and computers with a strong password or PIN provides an additional layer of protection to your data in the event of theft. Set your devices to lock after a short period of inactivity; lock your computer whenever you walk away. If possible, take your mobile devices and/or laptop with you. Don’t leave them unattended, even for a minute!
  • Lock those doors and drawers. Stepping out of the room? Make sure you lock any drawers containing sensitive information and/or devices and lock the door behind you.
  • Encrypt sensitive information. Add an additional layer of protection to your files by using the built-in encryption tools included on your computer’s operating system (e.g., BitLocker or FileVault).
  • Back up, back up, back up! Keeping only one copy of important files, especially on a location such as your computer’s hard drive, is a disaster waiting to happen. Make sure your files will still be accessible in case they’re stolen or lost by backing them up on a regular basis to multiple secure storage solutions.
  • Don’t leave sensitive data in plain sight. Keeping sensitive documents or removable storage media on your desk, passwords taped to your monitor, or other sensitive information in visible locations puts the data at risk to be stolen by those who would do you or your institution harm. Keep it securely locked in your drawer when not in use.
  • Put the laptop in your trunk. Need to leave your laptop or other devices in your car? Lock it in your trunk (before arriving at your destination). Don’t invite criminals to break your car windows by leaving it on the seat.
  • Install a remote location tracking app on your mobile device and laptop. If your smartphone, tablet, or laptop is lost or stolen, applications such as Find My iPhone/iPad/Mac or Find My Device (Android) can help you to locate your devices or remotely lock and wipe them.

(This content was provided by Educause.)

April 2018

0 Commentsby   |  05.08.18  |  Uncategorized

April 2018, By The Numbers

Here are Computing Services’ statistics for April 2018:

  • 118 end-user support requests resolved
  • 65 development and administration issues resolved
  • 13 projects-in-progress
  • project completed (custom Banner form conversions)
  • project requested
  • 99.99% average uptime

Did You Know?

Computing Services personnel have an average of 17 years of service in the information technology industry and an average of 10 years of service to ACU.  Our highly-skilled team creates, installs, maintains and supports a dynamic service portfolio that includes a diverse set of technologies and vendors.  We are proud of our ability to attract and retain talented people who believe in ACU’s mission to educate students for Christian service and leadership throughout the world.

Use Strong Passwords and Passphrases

Identity theft is one of the fastest growing crimes out there, and it can take a lot of time, effort, and money to recover from this sort of crime.  Your passwords are the key to a host of information about you, and potentially those close to you. If someone can access your personal information, it can have serious long-term effects—and not just online!  Follow these recommendations to protect your identity while making the Internet more secure for everyone.

Use Strong Passwords and Passphrases to Lock Down Your Login!

0 Commentsby   |  05.01.18  |  Security

Your passwords are the key to a host of information about you, and potentially those close to you. If someone can access your personal information, it can have serious long-term effects—and not just online! Follow these recommendations from the World Password Day website to protect your identity while making the Internet more secure for everyone:

  • Use a passphrase instead of a password. Passphrases are usually 16 characters or more and include a combination of words or short sentence that is easy to remember (e.g., MaryHadALittleLamb!)
  • Use a fingerprint or biometric requirement to sign in when available. This provides an extra layer of protection for devices and apps.
  • Request single-use authentication codes that can be sent to your phone or delivered by an app.
  • Take advantage of whatever multifactor authentication methods are available for your service. Learn more about adding MFA to any account.
  • Use a password manager or password vault software to help keep track of all your passwords and avoid password reuse.

(This content was provided by Educause.)