We completed an upgrade of our WordPress server infrastructure last week, which we believe will address some recent issues with the service.
Fixes and Tweaks
It is important for each of us to be aware of the increasing security risks to our increasingly connected lives. From laptops and tablets to smartphones and wearable technology, and 24/7 access to our personal data, the risk of sensitive information being exposed is very real.
Travel with, save, or record ONLY the data that is necessary and essential. Always redact or remove unnecessary sensitive data. Always keep your data backed-up and encrypted, when possible.
Add a passcode to your cell phone, tablet, or laptop right now! iOS devices automatically encrypt your data once a passcode has been set. Android devices can encrypt your data with a few minor settings changes.
- Use Strong & Unique Passwords or Passphrases:
Especially for online banking and other important accounts.
- Use Multi-Factor Authentication when available:
Middlebury is introducing MFA for O365 and other services in 2016. Use MFA wherever possible.
- Check Your Social Media Settings:
Review your social media security and privacy settings frequently. Enable MFA whenever possible. Keep your social media accounts current or close them.
Stay informed about the latest technology trends and security issues such as malware and phishing. Visit http://go.middlebury.edu/infosec for more information. For targeted training visit: http://go.middlebury.edu/infoseced .
Contact ITS – Information Security at email@example.com to set up a training session for your department.
WordPress Comment Spam
We received no reports of issues and did not notice an increase in spam comments this week during our test removal of one of the several comment spam measures we use in WordPress, so we’ve decided to leave the one we removed on Monday turned off.
WordPress Plugin and Theme Removals
We have removed the OnSwipe plugin, which was no longer getting updated. This plugin created a tablet view of a blog for non-responsive themes. If you still need this functionality, you can switch to one of our responsive themes, like any of the “Twenty” series or enable the WPtouch plugin.
We have also removed the JournalCrunch theme, which was no longer getting updated and was not being used by any sites.
Additionally, the Magazeen, colorpaper, Blogtheme, Bueno, Monotone, and Mystique themes were disabled, but not removed. Sites using one of these themes will still be using it, but the themes cannot be enabled on any new sites. Sites using these themes are encouraged to switch.
In each of these cases, the theme or plugin is using an old, common program to generate thumbnail images that has had issues in the past. Moving away from this script will help improve the availability and responsiveness of our WordPress service.
Fixes and Tweaks
- The Course Hub will now check to see if you have Panopto content before allowing you to delete a Panopto Resource from your course. You will need to delete the videos in Panopto before removing the resource.
- Fixed various widths and margins in the CCI WordPress theme sidebar. [From our colleagues in College Communications].
The migration of Middlebury’s email services to Microsoft’s Office 365 cloud environment is well underway. As of Friday, August 26th, we have moved 87% of all mailboxes to the cloud. Thank you so much for the help and feedback to date, it wouldn’t be possible without your support. The migration schedule can be found at http://go.middlebury.edu/cloud, updated daily.
For those of you that use Exchange Public Folders for departmental calendars, etc., we have an update. Public Folders will be unavailable for access from Tuesday, August 30th through Noon EST on Wednesday, August 31st. Public Folders are handled differently from mailboxes in Microsoft Exchange, and because of that difference they will be unavailable during their migration to the cloud.
When they are available again on August 31st, some users may need to re-open the Public Folders they normally access. We apologize for any inconvenience this may cause.
Here are the instructions for Outlook 2016 for Windows:
In Outlook, press Ctrl-6 to open the Folder View. You should see something like this:
To add a public folder to your Favorites, right-click the folder, then select Add to Favorites…. You should now be able to access it whenever you need it, including in the Calendar screen under “Other Calendars.”
Thanks again for your support and understanding. Please contact the Helpdesk with concerns or issues.
Please join me in welcoming Mike Schuster back to Information Technology Services. Mike will be returning to ITS effective Monday August 29th, 2016. Mike will continue in his current role as the Salesforce Administrator/Developer in support of the college’s Saleforce related initiatives.
Did you know that most passwords are easily broken? A few “secrets” can help you make a stronger more memorable password.
- Longer is better – use at least 8 characters with upper and lower case, numbers and symbols.
- Create an easy-to-remember passphrase with four or more words substituting special characters for some of the letters.
- Use a unique password for each service or account.
- Change your password or passphrase regularly:
- Be sure you’re on the correct website before entering your password or passphrase
- Set a password for access to your mobile device
- Don’t include personal information such as usernames, account numbers, address or phone numbers in your password or passphrase.
- Don’t reuse the same password for multiple services
- Don’t use a single word, in any language
- Don’t use consecutive repeating characters or a number sequence
- Don’t share your password or passphrase – even with managers, co-workers or the Help Desk
- Don’t send your passwords through email
- Consider using a password safe or password manager such as LastPass, 1Password or Password Safe
- Visit http://go.middlebury.edu/password to reset your network password
- Configure passwords on all of your mobile devices
- Why never to provide your passwords through an email: http://www.phishing.org/