Are You Practicing Safe Social Networking?

0 Commentsby   |  08.01.17  |  Security

Who Else Is Online? Social media sites are not well-monitored playgrounds with protectors watching over you to ensure your safety. When you use social media, do you think about who might be using it besides your friends and connections? Following are some of the other users you may encounter.

  • Identity thieves. Cybercriminals need only a few pieces of information to gain access to your financial resources. Phone numbers, addresses, names, and other personal information can be harvested easily from social networking sites and used for identity theft. Cybercrime attacks have moved to social media, because that’s where cybercriminals get their greatest return on investment.
  • Online predators. Are your friends interested in seeing your class schedule online? Well, sex offenders or other criminals could be as well. Knowing your schedule and your whereabouts can make it very easy for someone to victimize you, whether it’s breaking in while you’re gone or attacking you while you’re out.
  • Employers. Most employers investigate applicants and current employees through social networking sites and/or search engines. What you post online could put you in a negative light to prospective or current employers, especially if your profile picture features you doing something questionable or “less than clever.” Think before you post a compromising picture or inflammatory status. (And stay out of online political and religious discussions!)

How Do I Protect My Information? Although there are no guaranteed ways to keep your online information secure, following are some tips to help keep your private information private.

  • Don’t post personal or private information online! The easiest way to keep your information private is to NOT post it. Don’t post your full birthdate, address, or phone numbers online. Don’t hesitate to ask friends to remove embarrassing or sensitive information about you from their posts, either. You can NEVER assume the information you post online is private.
  • Use privacy settings. Most social networking sites provide settings that let you restrict public access to your profile, such as allowing only your friends to view it. (Of course, this works only if you allow people you actually know to see your postings — if you have 10,000 “friends,” your privacy won’t be very well protected.)
  • Review privacy settings regularly. It’s important to review your privacy settings for each social networking site; they change over time, and you may find that you’ve unknowingly exposed information you intended to keep private.
  • Be wary of others. Many social networking sites do not have a rigorous process to verify the identity of their users. Always be cautious when dealing with unfamiliar people online. Also, you might receive a friend request from someone masquerading as a friend. Here’s a cool hint — if you use Google Chrome, right-click on the photo in a LinkedIn profile and choose Google image search. If you find that there are multiple accounts using the same image, all but one is probably spurious.
  • Search for yourself. Do you know what information is readily available about you online? Find out what other people can easily access by doing a search. Also, set up an automatic search alert to notify you when your name appears online. (You may want to set alerts for your nicknames, phone numbers, and addresses as well; you may very well be surprised at what you find.)
  • Understand the role of hashtags. Hashtags (#) are a popular way to provide clever commentary or to tag specific pictures. Many people restrict access to their Instagram accounts so that only their friends can see their pictures. However, when someone applies a hashtag to a picture that is otherwise private, anyone who searches for that hashtag can see it.

My Information Won’t Be Available Forever, Will It? Well, maybe not forever, but it will remain online for a lot longer than you think.

  • Before posting anything online, remember the maxim “what happens on the web, stays on the web.” Information on the Internet is public and available for anyone to see, and security is never perfect. With browser caching and server backups, there is a good chance that what you post will circulate on the web for years to come. So: be safe and think twice about anything you post online.
  • Share only the information you are comfortable sharing. Don’t supply information that’s not required. Remember: You have to play a role in protecting your information and staying safe online. No one will do it for you.

(This content was provided by Educause.)

G Suite Security Tech Tune-Up

0 Commentsby   |  07.14.17  |  Security, google

Earlier this week, Jeff Brawley (Senior Systems Analyst and G Suite Administrator) provided a Gmail security session that walked attendees through tips to address phishing messages and make use of tools that Google provides to help secure your account.  Please see the Innovation Foundry’s post for information, including a link to the presentation.

June 2017

0 Commentsby   |  07.07.17  |  Banner, Security, tips

Did You Know?

Did you know that Google provides users with tools to help protect your account?  Do you know what a phishing message looks like and how to handle it?   We are partnering with ACU’s Innovation Foundry to offer a Gmail security session on Thursday, July 13th at 11 am.  Please join us in the Innovation Foundry on the top floor of the ACU Library to learn more.  If you plan to attend, then please visit the events page to RSVP.

You Can Do That?

Do you find yourself typing the same reply in an email when someone sends you a standard question?  Do you send messages on a regular basis that have a particular format and layout that you end up retyping or copying and pasting from a previously-sent message?  Gmail includes a Labs feature called Canned Responses that can help with this.  Watch this helpful video or follow the steps to set this up in your Gmail account.

Think You’ve Been Hacked?

Compromised accounts happen. Quick identification and response can reduce the harm done to your account and your information. Here are some signs to help you determine if you have been hacked as well as steps you can take to recover.

Banner 9 Project Update

We crossed the halfway point in the Banner 9 upgrade process for Administrative Banner in June with the upgrades to Banner Finance and Banner Student.  Here are some upcoming milestones:

  • Accounts Receivable 9 update testing is underway with a go-live targeted later this month.
  • We are applying updates to address known issues with Application Navigator, General 9, and Student 9. We intend to apply these updates to production by the end of the month.
  • Financial Aid 9 update testing will start this month with a go-live to-be-determined.

We continue to target completion of all Administrative Banner updates by the end of 2017.

June 2017 by the Numbers

  • 183 end-user support requests resolved (new record for month of June)
  • 115 development and administration issues resolved (new record for month of June)
  • 10 projects-in-progress
  • project completed
  • 4 projects requested
  • 99.95% average uptime

Think You’ve Been Hacked? Here’s How to Shake It Off!

0 Commentsby   |  07.01.17  |  Security

Face it: Hackers Gonna Hack. How to know if you’ve been hacked?

  • Your friends tell you. They’ve received a spammy or phishy e-mail from your account.
  • Your phone tells you. Collection companies are calling about nonpayment. Battery and data usage are higher than normal. Charges for premium SMS numbers show up on your bill.
  • Your browser tells you. Unwanted browser toolbars, homepages, or plugins appear unexpectedly. You’re seeing lots of pop-ups or web page redirects. Your online passwords aren’t working.
  • Your software tells you. New accounts appear on your device. Antivirus messages report that the virus hasn’t been cleaned or quarantined. You see fake antivirus messages from software you don’t remember installing. Programs are running or requesting elevated privileges that you did not install. Programs randomly crash.
  • Your bank tells you. You receive a message about insufficient funds due to unauthorized charges.
  • Your mail tells you. You receive a notification from a company that has recently suffered a cybersecurity breach.

Shake it off. Following are the steps you can take to recover.

  1. Change your affected passwords using an unaffected device. Not sure which passwords are affected? It’s best to change them all.
  2. Update your mobile software and apps. Make sure you keep them up-to-date.
  3. Update your antivirus software. Then run a complete scan. Follow the instructions provided to quarantine or delete any infected files.
  4. Update your browser software and plugins. Check frequently for new updates and delete any unnecessary or obsolete plugins.
  5. Is your computer still acting wonky? It might be best to start from scratch with a complete reformat of your machine so you can ensure that all affected software is fixed.
  6. Self-report to credit agencies. If you believe your personally identifiable information has been affected, you don’t want to deal with identity theft on top of being hacked.
  7. Be prepared with backups. Don’t let the next compromise ruin your day. Backup your files frequently. Consider storing at least two separate backups: one on an external drive and one in cloud storage.
  8. Stay ahead of the hackers. Check the Have I been pwned website to see if your accounts were hacked in a known attack.

(This content was provided by Educause.)

May 2017

0 Commentsby   |  06.05.17  |  Banner, Ellucian, Security

Did you know?

We support teaching and learning by integrating Banner and single sign-on with essential services such as the Canvas learning management system (LMS).  During the Spring 2017 term, 828 courses taught through the main campus used the Canvas course tool, which involved 314 faculty and 3,916 students.

Our Service Portfolio

We maintain a service portfolio of 131 services that support critical operations of the university.  Services include Banner, myACU, single sign-on, CS Gold ID card system, and much more.  We implemented 11 new services and removed nine services during the fiscal year 2017 (June 2016 through May 2017).    Eight out of the 11 new services were data integrations with services like Banner, which continues a multi-year trend where most new projects involve integration work.

Basic Steps to Online Safety and Security

Follow these six National Cyber Security Alliance recommendations to better protect yourself online and make the Internet more secure for everyone.

Google Security Tools

Google provides G Suite users with multiple tools to help protect your account and address potential security issues.  You can use these helpful resources to manage your account and combat phishing attempts.

Banner 9

We will cross the halfway point in the Banner 9 upgrade process for Administrative Banner in June with the upgrades to Banner Finance and Banner Student. Next up is Accounts Receivable 9, which will start this week.  We are refining our project timeline for the remaining Administrative Banner 9 updates, Self-Service Banner 9 updates, and custom form conversions. We are still targeting completion of all Administrative Banner updates by the end of 2017.

May 2017 by the Numbers

  • 222 end-user support requests resolved (new record for month of May)
  • 105 development and administration issues resolved (new record for month of May)
  • 14 projects-in-progress
  • project completed
  • 5 projects requested
  • 99.59% average uptime

Google Security Tools

0 Commentsby   |  06.05.17  |  Security, google

Google provides G Suite users with multiple tools to help protect your account:

  1. Last account activity – When you are logged into Gmail, Google provides a helpful “Details” link in the bottom right corner of the page that provides information about the last activity on your account. The Last account activity help article provides more details.
  2. Report a phishing message – Please use these steps to proactively report a message that you believe is a phishing attempt.
  3. Security Checkup tool – The tool will walk you step-by-step through review of your settings as well as connected devices and third-party applications.  You can follow these steps to use the tool.
  4. New warnings for employees to prevent data loss – Last week, Google released a new feature to help users prevent data loss through unintended replies to an external email address. You can view Google’s post for more details.

Basic Steps to Online Safety and Security

0 Commentsby   |  06.01.17  |  Security

Follow these six National Cyber Security Alliance recommendations to better protect yourself online and make the Internet more secure for everyone:

  • Fortify each online account or device. Enable the strongest authentication tools available. This might include biometrics, security keys, or unique one-time codes sent to your mobile device. Usernames and passwords are not enough to protect key accounts such as e-mail, banking, and social media.
  • Keep a clean machine. Make sure all software on Internet-connected devices — including PCs, laptops, smartphones, and tablets — are regularly updated to reduce the risk of malware infection.
  • Personal information is like money. Value it. Protect it. Information about you, such as purchase history or location, has value — just like money. Be thoughtful about who receives that information and how it’s collected by apps or websites.
  • When in doubt, throw it out. Cybercriminals often use links to try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
  • Share with care. Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it could be perceived now and in the future.
  • Own your online presence. Set the privacy and security settings on websites to your comfort level for information sharing. It’s okay to limit how and with whom you share information.

(This content was provided by Educause.)

April 2017

0 Commentsby   |  05.04.17  |  Banner, Security

April 2017 by the numbers:

  • 192 end-user support requests resolved (new record for month of April)
  • 117 development and administration issues resolved (new record for month of April)
  • 126 development and administration issues created
  • 11 projects in-progress
  • project completed
  • 5 projects requested
  • 99.82% average uptime

Step Up to Stronger Passwords

A password is often all that stands between you and sensitive data. It’s also often all that stands between a cybercriminal and your account. Here are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

Banner 9

We successfully updated to Banner General 9 on April 7th and Banner Human Resources 9 on May 1st.  In the next seven weeks, we will upgrade Finance and Student, which will move us past the half-way point in the update process.  We are developing a timeline for the remaining Administrative Banner 9 updates as well as Self-Service Banner 9 updates.  We are still targeting completion of all Administrative Banner updates by the end of 2017.

What else is going on?

  • Custom Administrative Banner forms – We must migrate custom forms to Banner 9, which requires a significant investment in work and/or dollars.  A custom form is a form that was created by ACU programmers and is identified by the letter Z in the second place of the seven-letter acronym.  We are gathering feedback from various users to help us determine if forms need to persist or can be retired in favor of baseline functionality in the Banner platform.
  • New Student Orientation (NSO) course – We partnered with the Academic Advising Center to automatically enroll NSO registrants in a Canvas course that will help prepare incoming students for their time at ACU.  Students are automatically added to this course once they register for one of the NSO orientation sessions.
  • Cybersecurity – The security of the services we administer and support is a crucial element of our work.  This includes routine activities, such as proactively addressing vulnerabilities, applying application updates, and monitoring application activity. In the last month, we collaborated with a third-party security audit firm to complete a security audit, which will help us better protect our users and services.


Step Up to Stronger Passwords

0 Commentsby   |  05.01.17  |  Security

A password is often all that stands between you and sensitive data. It’s also often all that stands between a cybercriminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes its exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or other registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cybercriminals.

(This content was provided by Educause.)

March 2017

0 Commentsby   |  04.05.17  |  Banner, Security

March 2017 by the numbers:

  • 165 end-user support requests resolved
  • 96 development and administration issues resolved
  • 114 development and administration issues created
  • 10 projects in-progress
  • project completed
  • 3 projects requested
  • 99.95% average uptime
  • 162 people attended Banner 9 information sessions in February and March

Don’t Be Fooled! Protect Yourself and Your Identity

According to the US Department of Justice, more than 17 million Americans were victims of identity theft in 2014. EDUCAUSE research shows that 21 percent of respondents to the annual ECAR student study have had an online account hacked, and 14 percent have had a computer, tablet, or smartphone stolen. Online fraud is an ongoing risk. Here some tips that can help you prevent identity theft.

Banner 9

We are excited to announce that Phase 1 of major improvements to Administrative Banner are coming this week. Banner 9 (formerly Banner XE) will significantly improve your ability to use Banner, with Java no longer required once all project phases are completed.  You can view more details in a separate post on the Computing Services blog.

What else is going on?

  • Next Banner 9 projects – Much of our work is centered around Banner 9 updates right now.  We are working on multiple projects related to the next phases, which include updates to Finance, Human Resources and Student. During the month of April we will identify timelines to address more of our custom forms as well as Self-Service Banner functionality.
  • Project, projects, projects – Spring 2017 has been busy with multiple projects in-progress and six project requests submitted over the course of March and February.  The next few months will be busy between these requests and our ongoing Banner 9 work.