Main Notices

School of Medicine Office 365 and Exchange mailbox consolidation

Information Technology will be making changes to School of Medicine Office365 accounts over the next week.  If you have an Office365 account with a mailbox as well as an Exchange mailbox, then our goal is to make it so that you will no longer have a separate inbox in Office365.  Any email addressed to your username@marshall.edu or username@live.marshall.edu will be delivered to your username@marshall.edu Exchange mailbox.   In addition, we will be archiving all of your current Office365 email to a PST file that will be stored in your O365 OneDrive account for retrieval.

We will be sending you another email the day before we consolidate your account as a courtesy reminder.   This conversion process should take anywhere from 1 to 6 hours under normal conditions.

Please contact the IT Service Desk via chat at www.marshall.edu/it, phone 304-696-3200, email itservicedesk@marshall.edu, or in person on the first floor of Drinko Library and Information Center with any questions or issues.

[Service Upgrade]: Barracuda Essentials

Marshall University Information Technology is applying a major upgrade to the email firewall service, called Barracuda Essentials, on Sunday, May 19, 2019. Barracuda Essentials provides advanced protection against fraudulent email for both Faculty/Staff email (on-premise Exchange) and Student email (Office365). It also provides security for outgoing mail to external sources, assisting in the discovery and remediation of internal, compromised accounts. MUNet account-holders will have access to a self-service interface, allowing them to view and search for messages that have been blocked or quarantined.

For more information on the benefits of this upgrade and frequently asked questions, please visit hwww.marshall.edu/it/email-security.

  • When will this occur?
    The upgrade is scheduled during the maintenance window on Sunday, May 19.
  • Who does this affect?
    All Marshall University mailboxes will be protected by Barracuda Essentials, including faculty/staff email (on-premise Exchange) and student email (Office365).
  • What do I need to do?
    No action needs to be taken on your part. Just keep an eye out for Barracuda Essentials quarantine notifications. They will have a different appearance than the former Barracuda Spam Firewall quarantine notifications, though they will have the same function.
  • What will the new Quarantine Notifications look like?
    The new Quarantine Notifications will come from quarantine@ess.barracuda.com with the Subject “Barracuda Email Security Service Quarantine Notification.”

 

    • Below is a screenshot of what a Quarantine Notification will look like in Microsoft Outlook:

Please contact the IT Service Desk via chat at www.marshall.edu/it, phone 304-696-3200, email itservicedesk@marshall.edu, or in person on the first floor of Drinko Library and Information Center if you need technical assistance.

Employee Loses $$$ In Bogus E-mail Scam

(Please don’t let this this be you.)

The Marshall University Information Technology team have received a number of reports from faculty and staff who have been recipients of a new twist on an old e-mail scam.   You may have heard of phishing before, but these scams are referred to as whaling.  They use a “big fish” to reel you in.  A whaling attack is a method used by cybercriminals to masquerade as a senior player at an organization and directly target senior or other important individuals at an organization, with the aim of stealing money or sensitive information or gaining access to their computer systems for criminal purposes.

The scam goes like this:

Step 1. Are you busy? You receive an e-mail appearing to be from someone in your organization in a position of authority.  It may be the president, a VP, your Dean or department head.  The message simply says something along the lines of ‘Are you busy?’, “Hi,” or “Urgent”.

Step 2. The follow-up exchange.  Focused on the belief that this person is requesting your help, you reply offering your assistance.  To which the sender goes on to say something like, “I’m in a meeting right now and that’s why i’m contacting you through here. I should have call you, but phone is not allowed to be use during the meeting.  I don’t know when the meeting will be rounding up, And i want you to help me out on something very important right away.

Step 3. Buy something, I’ll Reimburse you.  You are still engaged and determined to help.  You  have missed the warning flags of the non-Marshall e-mail address, the poor spelling/grammar, then the imposter makes this request, “i need you to help me get an [Apple iTunes, Google Play, or other gift card] from the store, i will REIMBURSE you. I need to send it to [nephew, donor, VIP, etc.] and it is very important cause i’m still in a meeting and i need to get it sent Asap.

Step 4. Scratch-and-Send.  If you are still engaged, here is where the money is lost.  The imposter will ask you to do something like this, “I want you to procure [qty 5, 10, 15] of $100 worth [Apple iTunes,  GooglePlay, other gift card]. After purchase, You should scratch-off the back code and email clear pictures of all the codes because I am sending them out to the [nephew, donor, VIP, etc.] via email. Make use of the credit card. Kindly keep the physical card after emailing the pictures to me for proper documentation.”

Step 5. I wish I hadn’t done that.  If you allow yourself to get to step 5, there is little chance of getting your money back.

The best protection against this scam is common sense and to apply these three steps:  STOP. THINK. CONNECT.

  1. STOP – Verify the senders address / do not respond to the scammer. In every case, the scammer was using a non-Marshall.edu e-mail account with a look-a-like display name for someone on campus. (E.g.  ‘Jerome Gilbert’ jgilbert2018@gmail.com, or jgilbert.marshall.edu@outlook.com ). If you are just quickly looking at the display name, you may think this is a message from the President.  It is not.
  2. THINK – Is there something unusual about this request? Verify the senders e-mail address. Why are they asking me to do this? Why didn’t they simply ask their administrative assistant or their significant other?
  3. CONNECT – Reach out to a trusted colleague.  Ask for a second opinion, contact the IT Service Desk or report the message to Phishing@marshall.edu.  Messages reported to this address will be reviewed, and someone will follow-up with you if any additional action is needed.  Where appropriate, the scammer e-mail address will also be blocked on the campus e-mail servers. You may find that someone else may have received this very same ‘important’ request.

For additional information security information, please visit www.marshall.edu/infosec.

–Source: IT Announcements e-mail 3/15/2019

Limited Services Available due to weather

Even though most University services are closed due to inclement weather, the Drinko Study Center will remain open normal hours.
The IT Service Desk will NOT have walk up service after 4:00 pm today and will resume normal services at 10:00 am tomorrow. Service Desk assistance will still be available via chat, email, and telephone.
Drinko Library will be closing at 4:00 pm today and will reopen at 10:00 am tomorrow. 

V: Drive Migration to One Drive [MUIT Services Change/Update]

Marshall University will be migrating all V: Drive storage to Microsoft OneDrive in the coming months. We will be creating V: Drive space for all new students for the 2019 spring term but will no longer provision V: Drive space for new users after February 2019.  We are continuing through February to accommodate any faculty who have specific V: Drive needs outlined in their syllabi. We ask that all faculty update your syllabi to reflect the use of Microsoft Office 365 OneDrive account instead.

All Marshall University Faculty and Staff that use the V: Drive for storage should, as soon as possible, migrate all your data to your OneDrive account.  Existing users will have access until Fall 2019, and it is recommended to have all contents moved from your V: Drive before the start of the Fall 2019 term.  You can do so by going to portal.microsoftonline.com, logging in with your MUNet username and password, choose “work or school account”, and simply drag and drop files into OneDrive. Alternatively, you can install the OneDrive desktop app and drag and drop files into a folder in that location.

Some of the benefits of using OneDrive are:

  • More storage space – 1 Terabyte (vs. 5 GB on V: Drive)
  • Recovering deleted items in Office 365
  • Access from multiple devices
  • Office 365 Mobile app available so you can access from anywhere on the go
  • Collaboration / sharing with colleagues or family and friends
  • Integration with other Microsoft Office 365 Applications

Additional information can be found at www.marshall.edu/it/office365 and individual training sessions can be scheduled by emailing it_training@marshall.edu.

As always, if you need technical assistance, please contact the IT Service Desk via chat, phone 304-696-3200, email itservicedesk@marshall.edu, or in person.

MATLAB/MathWorks Updates and fixes – 10/25/18

Marshall University Information Technology has received the following from MatLab/MathWorks:

“MathWorks recently introduced “Updates” available between the normal twice-yearly releases of MATLAB and Simulink. Each of these Updates contains a cumulative set of bug and security fixes that you can apply to an existing installation. Starting in R2018b, users will receive notification on the MATLAB desktop when Updates are available.

The current release, R2018b, already contains these bug and security fixes. For previous releases, bug fix and security Updates for R2013b – R2018a are now available. Learn more and download bug fix and security Updates for these previous releases if you use them.

MathWorks provides information about bug and security issues of general interest through the Bug Report System on MathWorks.com. Issue descriptions, workarounds, and Updates are communicated there. To be notified automatically via email about new bugs, security issues, and Updates, create a watchlist to track issues of interest.

Sincerely,
MathWorks Customer Service Team
mathworks.com/contact 

Single Sign On Change Notification

As part of our effort to bring a unified Single Sign On (SSO) experience to more of MUIT services, we are preparing to migrate to a new Shibboleth Identity Provider (IDP) server that will allow us to integrate with Active Directory Federation Services (ADFS). Once this migration is complete, those attempting to log-in to services protected by shibboleth will no longer see the traditional Marshall Shibboleth SSO page.

Once the migration is complete, users will see the standard ADFS login page instead.


What is Shibboleth?

As a federated system, a Shibboleth IdP supports secure access to resources across security domains. Information about a user (known as attributes) is sent from a home identity provider (IdP) to a service provider (SP), which prepares the information for protection of sensitive content and use by applications.

What is ADFS?

Active Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries.

Which systems will be affected?

Bb Transact for Eaccounts

eRezLife

InCommon federation including CILogon, Educause, Eduroam

Poll Everywhere

Tapingo

WVAquavit


Please note that this is re-directing to ADFS for authentication only. The remainder of the process is handled by shibboleth just as it always has for attribute release, etc.  As of right now, we are planning on migrating to the new server during the standard maintenance window on 10/21/18.

 

Please contact the IT Service Desk for any questions, 304-696-3200, or chat below.

 

 

MATLAB Support Change

Below is an update from MATLAB:

If you have installed MATLAB on a platform that is impacted by a support change.

MathWorks periodically updates platform support and has made the following changes:

New Platforms

  • Ubuntu 18.04 LTS: Support begins with R2018b.
  • SUSE Linux Enterprise Desktop 15: Support begins with R2018b.
  • SUSE Linux Enterprise Server 15: Support begins with R2018b.

Dropped Platforms

  • Windows 8.1: Support has ended as of R2018b.
  • macOS 10.11 “El Capitan”: Support has ended as of R2018b.

See the complete set of system requirements and the platform road map for the latest information on planned platform changes to MathWorks products.

Sincerely,
MathWorks Customer Service Team
mathworks.com/contact

MU Information Security Alert

A number of fradulent emails have been circulating with various subjects and @live.marshall.edu senders, all with message bodies looking similar to the image below.  Many accounts are continuing to be compromised. Please DO NOT CLICK any links in messages which look similar to the image below, or any other messages before verifying the sender, verifying the URL, and ensuring you expect the message and that it is legitimate.

IF YOU HAVE ALREADY CLICKED A LINK IN A MESSAGE SIMILAR TO THE ONE ABOVE, CHANGE YOUR PASSWORD AS SOON AS POSSIBLE and contact the IT Service Desk at (304)696-3200. 

 

IF YOU RECEIVE A FRAUDULENT EMAIL MESSAGE, WE ASK YOU TAKE THE FOLLOWING ACTION(s):

  1. (Optional) Report a suspicious email message sent to your @marshall.edu email address by forwarding the message to phishing@marshall.edu. You will receive an auto-reply confirming receipt of the message as well as additional instructions.
  2. Delete the message from your inbox.
  3. As long as you did not attempt to open the attachment, reply/click on the web link, or provide any personal information, no additional action is needed; however…
  4. If you attempted to open an attachment or visited a website where you submitted your username, password or other sensitive information, you should immediately contact the Marshall IT Service Desk at (304) 696-3200 / itservicedesk@marshall.edu.

 

Security Tip: Use of the ‘Skeptical Hover Technique’ Most email applications allow you to simply hover your mouse – without clicking – over an embedded web link to preview where the hidden link will try to send you if you should click it.

 

ALWAYS be suspicious of any unexpected email messages (regardless of the source) which include file attachments,  web URL’s, or are written with a sense of urgency that you must provide computer passwords or reveal personal financial information.

 

Phishing Scams and Compromised Accounts – What Should I Do?

https://www.marshall.edu/it/departments/information-security/compromise/

 

InfoSec Tips #7: Don’t Be Tricked

http://www.marshall.edu/it/training/infosec-tips-7/

 

Thank you for your continued awareness,