MU Alert Test – Spring 2018

Marshall University will be conducting a test of the MU Alert emergency messaging system on Wednesday, January 24, 2018 at 10 a.m.. This is an opt-in service available to MU community members. Subscribers are asked to be sure they receive a message by noon on Wednesday, and if necessary update their contact information via the myMU interface. If the information is correct and no message was received, please email mualert@marshall.edu with details on which method (text, email, and/or voice) did not work and the details for each pertinent method. Please sign up or update your information prior to 5:00 p.m. on Tuesday, January 23rd to be included on the test.

Additional information is available on the MU Alert website.


National Cyber Security Awareness Month Info Table

Interested in how cyber security affects you?

On Tuesday, October 17th, and Thursday, October 19th, from 11a.m.-1p.m. each day, Marshall University’s Information Technology (IT) division will be hosting the Hackers for Charity student group for a National Cyber Security Awareness Month (NCSAM) table in the lobby of the first floor of the Drinko Library and Information Center.  These students will share practical tips on how to improve your personal information security and avoid online threats.

 

As technology continues to become a large part of our professional and personal lives, it is important to be educated in how to keep private information secure.  We are eager to share with you the resources Marshall University has to not only provide information on the importance of cybersecurity but demonstrate the steps you can take to become more cyber secure in your everyday life.  Additional information regarding weekly topics and resources can be found at www.marshall.edu/it/ncscam/topics

For the month of October, MUIT’s Instagram and Twitter will be posting weekly tips on cybersecurity, follow the hashtag #CyberAware and follow us @MarshallU_IT.

For more information about NCSAM, visit www.staysafeonline.org/ncsam.

Marshall University Information Technology Contact: Crystal Stewart

-Kristin Salustro, MUIT Marketing Intern

 


MUIT participating in National Cyber Security Awareness Month (NCSAM)

The Marshall University Information Technology (IT) department is participating in National Cyber Security Awareness Month (NCSAM) to raise awareness of Cyber Security issues. Throughout the month of October, Marshall IT will be sharing information from the national campaign on Twitter, their website and through newsletter articles.

 

 

“This is the fifth year in which Marshall IT has participated in national cyber security awareness events,” said Jon Cutler, chief information security officer. “This is another opportunity for our team to share practical advice on information security with our campus community. We know many folks are concerned about online threats. So now we share information about how they can protect not only themselves but also the campus against cyber-criminal activity. We believe you will find each of the weekly topics to be helpful and welcome any feedback in how those messages can be improved.”

National Cyber Security Awareness Month began 14 years ago as a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online. NCSAM is celebrated across the country each October under the leadership of the U.S. Department of Homeland Security and the National Cyber Security Alliance.

Different cybersecurity issues will be addressed each week including basic online safety and security, workplace cybersecurity, recognizing and combating cybercrime, our continuously connected lives and what to do if you are a victim of cyber-crime.

“We know the Marshall campus community has a lot of questions about cyber security. Use of technology is a part of our everyday lives – both professionally and personally,” Cutler said. “Are you concerned when hearing reports in the news of yet another hacker security breach? Does the growing number of smart-devices in our lives put us and others at risk? Participation in National Cyber Security Month provides another opportunity to share a wide variety of resources which will help us gain a better understanding of online security issues and provides some simple steps you can take to protect yourself.”

For more information about NCSAM, visit www.staysafeonline.org/ncsam. You are also invited to follow and use the hashtag #CyberAware on Twitter throughout the month of October.


MUAlert Test

Marshall University will be conducting a test of the MU Alert emergency messaging system on Wednesday, September 6, 2017 at 10 a.m.. This is an opt-in service available to MU community members. Subscribers are asked to be sure they receive a message by noon on Wednesday, and if necessary update their contact information via the myMU interface. If the information is correct and no message was received, please email mualert@marshall.edu with details on which method (text, email, and/or voice) did not work and the details for each pertinent method. Please sign up or update your information prior to 5:00 p.m. on Tuesday, September 5th to be included on the test.

Additional information is available on the MU Alert website.


[TechInfo] Is this legit?

[TechInfo] Is this legit? ‘New Microsoft Office 2016 is Here for Only $9.95’

Informational Advisory – Microsoft Office Upgrade Offer

This advisory was sent via email to nearly 900 @Marshall recipients who have recently received an e-mail from ‘Microsoft Home Use Program MicrosoftHUPsupport@digitalriver.com . This is a legitimate message and you are receiving this because you have previously enrolled for or purchased media from the Microsoft ‘Home Use Program’ for Microsoft Office on your home computer. (See Frequently Asked Questions section below on how to unsubscribe from these mailings).

But before you pay $9.95 to upgrade, please read the rest of this message below…

 

 

If you are an Marshall faculty or staff member eligible for ‘Home Use Rights’ (see Microsoft’s definition of employee below in the frequently asked questions section) in most cases you will be better served by upgrading your home computer software using the no-cost Office 365 media.

If you are no longer a Marshall University employee, but you are still an active student, you can also use O365 media described below.

 

 

 

Frequently Asked Questions

  • Can I use Office 365 Media on a Personally Owned PC/Windows or Apple Macintosh OS?
    Yes. the Microsoft Office 365 download is intended for PERSONALLY-OWNED machines. There are separate versions for Microsoft Windows PC’s and Apple Macintosh OS X computers.
  • Is there a difference in the O365 software and Microsoft Office software installed on my University-owned computer?
    In some cases yes. Functionally, both products are Microsoft Office – Word, Excel, Outlook, etc. – and you have a choice of ‘new’ (Office 2016) or ‘previous’ (2013) releases. However, with the O365 release, Microsoft will make future updates available to you. These updates may appear on a different release schedule than your University-owned computer. You will still have the option to ‘accept’ or ‘defer’ these major updates. You may wish to maintain the same major version (e.g. Office 2013 vs. Office 2016) running on both your personally- and University-owned computers.
  • Where can I get more information on accessing the Office 365 software?
    Please visit our website for more details.
  • What is an eligible employee for purposes of the ‘Home Use Program’?
    Microsoft defines ‘eligible employee’ as follows… “those individuals who use the covered licenses at work are eligible to purchase these Office applications for use on a personal device during the term of their employment. This temporary license expires with the employer’s Software Assurance coverage, or upon termination of employment with the covered organization.”
  • How can I request Microsoft/DigitalRiver to stop sending me these upgrade offers?
    Locate the e-mail message in your inbox (Subject:  The New Microsoft Office 2016 is Here for Only $9.95!). At the very bottom of the message, locate the ‘Click here to unsubscribe’ web link. This will take you to a webpage which will already contain your e-mail address. Click the [Unsubscribe] button. That’s it.

Please direct any additional questions to IT Service Desk itservicedesk@marshall.edu so that we can upgrade our existing question & answer section on the IT website.

 


Computer Security Advisory: ‘WannaCry’ Ransomware

Computer Security Advisory for All University Faculty & Staff E-mail Recipients

Starting last Friday (5/13/2017) computer security researchers and news media began sharing information about a new computer security attack called ‘WannaCry’. This attack is another variation of malicious software referred to as ‘ransomware’. When a computer becomes infected with ransomware, this malicious code attempts to encrypt (scramble and password-protect) as many data files as it can find available. This occurs not only to the local computer but also to any attached drives and network shares to which  your user account has write access. This tactic is called ransomware because the only way to regain access to those encrypted files is to pay a fee – a ransom often starting at $300 and up – to the criminals. If the victim does not pay, then the only other recovery method is to restore the files from a secure backup location.

There have been no major outbreaks reported on the University campus network nor detected by campus network security services. We attribute this in part to faculty and staff cooperation with regular computer software updates, increased information security awareness, and not being heavily targeted (yet) by computer criminals.

If you are responsible for software updates whether on your personally-owned computer, a University-owned computer or a group of your department’s computers, we ask that you take a moment to review the following guidance.

How can you minimize risk to University- and personally-owned computers?

We trust that the following guidance should sound familiar when we remind you that the best defense is to already be following computer security best-practices:

  • Is Your Software Updated and Supported? – Be sure all of your computers – whether located on-campus or off-campus – are running the latest supported operating system, security and application software appropriate for your academic or business unit. This is not simply so we can say we run the ‘latest-and-greatest’. Rather software authors focus their efforts on their latest products so they will include the latest security features as well as fix known-security bugs. For a PC: we strongly suggest Microsoft Windows 10 ver 1607 and later and Symantec Endpoint Protection v. 14. Windows XP, Windows Vista and Windows 8.0 are no longer supported; For a Mac: you should be at Mac OS 10.12.x and Symantec Endpoint Protection for Mac v. 14. Mac OS prior to 10.10 (Yosemite) is no longer supported. Marshall University Information Technology provides the above recommendations. Please consult with your campus IT Support team for configurations supported by the MU School of Medicine and Marshall Health.
  • Are you Patched? – Be sure all of your computers – whether located on-campus or off-campus – are configured to automatically receive and apply security updates when they are released. For a PC: Use Windows Update and make sure both Critical and Important Updates are applied. For a Mac: Go to your Apple menu click ‘About this Mac…’ and then ‘Software Updates’ or open the App Store and click on the ‘Updates’ icon.
  • Is Your Important University and Personal Data Backed-up? – Take steps now to have a backup copy of important documents and data. For items which are essential to University or Department operations, these should be saved to a secure location (such as a campus-managed fileserver) which has a regularly scheduled backup. For personal items, use of an external hard drive or high-capacity thumb-drive which can be attached for backup then promptly disconnected, is highly recommended. Remember, ransomware will attempt to encrypt any and all data files which you have write access. Recovery is limited to those items which were inaccessible by the user (campus-managed backups) or were offline (disconnected hard drive or thumb-drive) at the point of infection.
  • Are You Being Cautious with E-mail and Websites? – Always exercise suspicion for unsolicited e-mail and unfamiliar web sites, particularly those which urge you to ‘open this attached file’ or ‘click this web page link’ for some urgent action. Many of us work in areas where we do receive unsolicited documents and in those cases, ask a trusted colleague or an IT support resources for a second opinion before opening the message. A mobile device may be used in cases where you want to preview the file, but understand that the malicious payload may only be designed to affect a desktop or laptop computer. This allows you to delete the file or entire message before ever attempting to preview/open it on the computer.
  • Report Suspicious Computer Behavior, Alerts, or E-mail Messages – We understand that it is difficult for everyone to stay up-to-date and how they should respond to an ongoing stream of important computer security issues. You can assist by reporting  unexpected or suspicious activity to computers located to your closest campus Information Technology Support or IT Information Security professional.Please reach out to one of the following IT Service Desk or IT Service Provider contacts:

MUNet End of Support for Windows Vista

Windows Vista End of Life 11 April 2017 Microsoft

Important Computer Security Reminder for All Marshall University Faculty, Staff and Students:

Marshall University Campus network support will no longer be provided for computers with Microsoft Windows Vista operating system  after June 30, 2017.*

This notice is intended Marshall University campus clients who are still using the Windows Vista operating system. Your response is needed because most security experts agree that Windows Vista clients will become sought-after targets for malicious users as a result of Microsoft’s end of support.

 

Microsoft announced in 2012 that on April 11, 2017 they would no longer provide extended support services for the Windows Vista operating system. According to the Microsoft website, this means that they will no longer provide automatic fixes, updates or online technical assistance:

Windows Vista Support is Ending https://support.microsoft.com/en-us/help/22882/windows-vista-end-of-support

Marshall University Information Technology announced our end of support of Windows Vista on July 2012. While most campus computer systems have long since been upgraded from Windows Vista, some systems continue to operate on the MUNet without direct support from IT.  These include a limited number of systems which are managed at the department level or are student-owned.

Marshall IT is committed to working with campus departments in our shared responsibility to ensure a safe and reliable campus network. Periodically upgrading the operating system and/or replacement of unsupported computer hardware is a necessary part of system ownership; it is also crucial to protecting the security and reliability of the system, the data they contain and the networks to which they are connected. Failure to regularly update puts at risk both that system as well as other systems which share the same network.

Windows Vista Upgrade Resources

  • Software – As a reminder, operating system upgrades for all University-owned computers are covered thru client workstation budgeting process. So these computers are eligible to upgrade to Windows 10 or a currently supported OS (Windows 8.1 or Windows 7 SP1). at no additional charge.
  • Reimaging – Additionally the IT Service Desk team provides no-charge desktop/laptop reimaging services (using the currently supported operating system and application software) for University-owned computers.
  • Hardware – If replacement of a University-owned computer device is preventing your upgrade, please contact the Marshall IT Service desk to confirm when your system is scheduled for lifecycle replacement or if other replacement options need to be considered.

Requesting An Exception for Windows Vista End-of-Life

*Note: The Marshall Office of Information Technology will be working with IT Service Providers and their departments on a case-by-case basis to evaluate requests for Windows Vista clients which are providing business-critical functions for the University. Marshall departments and business units should submit their exception requests in writing/e-mail to the MU Office of Information Security (infosec@marshall.edu ).

Requests must include the following details:

  • The reason(s) for requesting the exception. Multiple machines may be listed on a single request.
  • The machine host name(s) in question, including the IP address and MAC address of each device.
  • Point of contact information (telephone and e-mail) for the department head.
  • Point of contact information (telephone and e-mail) for the department IT service provider or individual most familiar with the support of the computer or application requesting an exception.
  • The length of time for the requested exception, with a maximum of one year
  • The plan for upgrading or retiring the device at the end of the exception period
  • The data classification level of each device (see section 3 of “ITG-4 Guidelines for Data Classification“)
  • Which of the three device categories does the Windows Vista machine belong:
    • Individual Use – no sensitive data accessed or stored
    • Privileged use – administrative access to information systems
    • Institutional use – stores significant quantities of sensitive data
  • Proposed set of compensating controls which has (or can be) implemented for each device (i.e. client can function without any network access; client campus and/or Internet access can be restricted to a specific IP or range of IP addresses)

As always, if you need additional technical assistance please contact
the IT Service Desk, located on the first floor in the Drinko Library, e-mail itservicedesk@marshall.edu or call 304-696-3200.


MU Alert System Test – January 25, 2017

Marshall University will be conducting a test of the MU Alert emergency messaging system on Wednesday, January 25, 2017.  This is an opt-in service available to MU community members.  Subscribers are asked to be sure they receive a message by noon on Wednesday, and if necessary update their contact information via the myMU interface.  If the information is correct and no message was received, please email mualert@marshall.edu with details on which method (text, email, and/or voice) did not work and the details for each pertinent method.  Please sign up or update your information prior to 5:00 p.m. on Tuesday, January 24th to be included on the test.

Additional information is available on the MU Alert website.

1502_mualert_digitalslide2017

IT Upgrade: WiFi (Requires Action for All Users)

Over the holiday break the IT Infrastructure Communications Team began upgrading the Wireless LAN Controllers and the radius authentication servers.  Those upgrades were completed early this morning.  Due to the nature of our authentication protocols you will now have to “accept” a new security certificate to connect to the WiFi network.  During this upgrade the security certificates on the radius servers were moved to our InCommon provider.  Although each device connects differently; the iOS (iPhone and iPad) certificate should look like this other devices will have similar notices:

apple-trust

 

 

 

 

If this message does not appear and you are unable to connect to the wireless network, you may need to turn off wireless on your device and turn it back on to re-establish the connection to your device.  If it still fails, you can try “forgetting” the network from your device and re-connecting.

Detailed instructions for connecting a device to the wireless network can be found at: www.marshall.edu/wifi .

Please check your cellular/wireless mobile devices to avoid unwanted data usage over the cell network.

If you require further assistance, please contact the IT Service Desk:

304.696.3200   (Huntington)
304.746.1969   (Charleston)
itservicedesk@marshall.edu