Category Archives: Post for MiddPoints

@MiddInfoSec: Preventing Device Theft

With an increasing amount of storage space and institutional connectivity on personal devices, the value and mobility of smartphones, tablets, and laptops make them appealing and easy targets. These simple tips will help you protect against and prepare for the potential loss or theft of a laptop or mobile device.

    • Don’t leave your device alone, even for a minute. If you’re not using it, lock your device in a cabinet or drawer, use a security cable, or take it with you. Middlebury has seen laptops stolen in the College library and from individual’s cars. Don’t assume your devices are safe because you feel at home with your surroundings.
    • Report any lost or stolen device promptly. Both institutional and personal devices may contain Middlebury data. Even if you only lose a personal device, work with the College’s Information Security workgroup to ensure that institutional or sensitive data is accounted for. Information Security may also be able to help you recover the device. If a device is lost or stolen contact the helpdesk at x2200 immediately.
    • Do not store extremely sensitive or internal data. Never store protected or sensitive data on your laptop. Refer to the Data Classification policy for clear definitions of data types. (
    • Keep your master and working copy of all data on network storage. Keeping your master and working copies of all of your data on Middlebury Google Drive or other secure network file storage such as Middfiles. This ensures that your data is protected and backed-up if your laptop is stolen or lost. Photos, papers, research, and other files are irreplaceable, and losing them may be worse than losing your device.
    • Record the serial number. Keep the serial number and asset tag of your device and store it in a safe place. This information can be useful for verifying your device if it’s found. This is especially important when you travel. Airport and police agencies may ask for this information when reporting lost or stolen devices.
    • Enable device tracking and wiping services. Use tracking and recovery software included with most devices (e.g., the “Find iDevice” feature in iOS) Some software includes remote-wipe capabilities. This feature allows you to log on to an online account and delete all of the information on your laptop. Mobile resources can be found here:
    • Apple iCloud:
    • Microsoft Account:
    • Android Device Manager:


Take the library with you

Take the library with youYou CAN use library databases from off campus! Just start at the library website: When you’re off campus, links on library web pages like Research Guides, Summon and the Journals list will ask you to log in with Midd credentials.

Questions? Ask a librarian:

ACTT In-Progress Project Presentation for GoogleApps for Edu and OneDrive

Tuesday, May 17th from 3-4pm LIB 105A or Polycom 712833 The new ACT Team process includes in-progress project presentations. These presentations are meant to inform the community about how things are going, what has been done and what still needs to be done, what is going well and what are the challenges.


In this meeting we will look at the GoogleApps for Edu and OneDrive projects. In-progress project presentations are open meetings, anyone may attend. Please feel free to share the invitation with anyone you feel is interested in the topics discussed.

ACTT In-Progress Project Presentation Video Streaming Service

Tuesday, May 10th from 3-4pm LIB 105A or Polycom 712833 The new ACT Team process includes in-progress project presentations. These presentations are meant to inform the community about how things are going, what has been done and what still needs to be done, what is going well and what are the challenges.


In this meeting we will look at the Video Streaming Service project. In-progress project presentations are open meetings, anyone may attend. Please feel free to share the invitation with anyone you feel is interested in the topics discussed.  

Join us at our first Write-In

Middlebury Write-In

On Wednesday, May 4th from 8-11 PM, the Writing Center at Middlebury College will join 75 other colleges and universities who sponsor a Write-In between the weeks of April 24-May 5. Supported by CTLR, the Writing Program and the Library, the Write-In fosters a writing community by creating a calm time and space in LIB 201, LIB 145 and the Harman Reading Room for students to write together. A Peer Writing Tutor and a Research Librarian will be on hand in LIB 201 to provide support. During the Write-In, students may work on academic papers, do personal writing, or brainstorm writing for fellowships, internships, and jobs. We’ll provide snacks and prizes. See Swarthmore’s International Write-In page for more information.

Why come to a Write-In?

Writing can be lonely, solitary work. Joining a group of other student writers can be motivating, productive, and calming.

How will this work?

  • Come to Davis Family Library 201 any time between 8-11 PM. Stay from 15 minutes to 3 hours.
  • Sign in to receive prizes
  • If you want, we’ll give you a pen and a pad.
  • Have some tasty snacks (Cheese and Crackers, Chicken Satay, Rice Krispie Treats, Brownies)
  • Meet with a Peer Writing Tutor or Research Librarian.
  • Stay in Lib 201, or go to one of our two reserved quiet spaces: Lib 145 and the Harman Reading Room.

What kind of writing should I do?

  • Academic writing (Start your end of the semester papers this week!) (We’ll provide some research questions.)
  • Personal writing (No idea where to start? We’ll provide some writing prompts.)
  • Brainstorm writing for fellowships, internships, and job applications (We have a handy worksheet to get you started.)

Who is making this great event happen?

@MiddInfoSec: Don’t Get Hooked

You may not realize it, but you are a phishing target at school, at work, and at home. Phishing attacks are a type of computer attack that use malicious emails to trick targets into giving up sensitive information. Ultimately, you are the most effective way to detect and stop phishing scams. When viewing email messages, texts, or social media posts, use the following techniques to prevent your passwords, personal data, or private information from being stolen by a phishing attack.

    • Verify the source. Check the sender’s email address to make sure it’s legitimate. Remember that the name of the sender is not the important part. The sender’s email address is what you are really looking for. If in doubt, forward your message to
    • Read the entire message carefully. Phishing messages may include a formal salutation, overly-friendly tone, grammatical errors, urgent requests, or gimmicks that do not match the normal tone of the sender.
    • Avoid clicking on erroneous links. Even if you know the sender, be cautious of links and attachments in messages. Don’t click on links that could direct you to a bad website. Hovering your mouse over a link should disclose the actual web address that the link is directing you too, which may be different from what is displayed in the message. Make sure this masked address is a site you want to visit.
    • Verify the intent of all attachments with the sender before opening them. Even when you know a sender, you should never open an attachment unless have checked with the sender to verify the attachment was sent intentionally. Word and Excel documents can contain malicious macros which could harm your computer. Other files, such as zip files and PDF files, could download malware onto your system. Always verify the intent of attachments with the sender before you open them from an email.
  • Verifying a message is always better than responding to a phish. If you ever receive a message that provides reason to pause, it is always better to forward the message to or to send a separate email to the sender to verify its intent, before clicking a link or opening an attachment that could potentially impact the security of your computer..
  • Change your passwords if you have fallen for a phish. If you think you have fallen for a phishing attack, change your password at go/password and then contact the helpdesk at x2200. It is also a good practice to change your personal passwords outside of the College.


Watch for phishing scams. Common phishing scams are published at sites such as , , These resources will also allow you to report phishing attacks if you should fall victim outside of the College. Again, if you think you have fallen victim to a phishing attack, always start by changing your passwords.

What’s an Approval Profile, and Why Does the Library Want to Change Ours?

A brown-bag lunch will be held on May 3 at 12:30 pm, in the Crest Room of the McCullough Student Center, to explore the subject of the library’s approval profile. Douglas Black, the library’s Head of Collections Management, will be presenting, with some sweets and coffee to augment your own lunch. He’ll give some history of the approval program in library acquisitions over the years and lead discussion on its role in the academic library collection of the 21st century.

For context, the library selects, acquires, and provides access to materials in many different ways:

  • upon request by students, faculty, and staff
  • automatic purchase of e-books and streaming media based on usage
  • subscriptions
  • package deals on journal subscriptions and purchased journal archives (“backfiles”)
  • one-time purchases of electronic databases, which often require annual maintenance fees
  • gifts/donations
  • and through automatic purchase via an “approval profile.”

Under the approval model, the library utilizes a library vendor (in our case, YBP Library Services) to purchase automatically books that meet certain criteria (e.g., subject, hardbound only, no workbooks, scholarly publishers only, within a certain price range, etc.).  Middlebury typically purchases about 3,000 volumes/year this way, at an average annual cost of $97,000 in the last few years. We recently conducted a thorough analysis of the program’s effectiveness, finding that print books purchased through the approval profile are used much less than those specifically requested. The library believes some of that money could be spent more effectively and would like to gather input from members of the campus community on reshaping the profile.

Please feel welcome to contact your liaison or Douglas Black ( or x3635) with any questions (whether or not you can attend the meeting), or comment here in the blog.

ACTT Extended Team Meeting Agendas for April 19th and 26th, 2016

The new ACT Team process includes Extended Team meetings. These closed meetings allow the Team to work with expert staff and focus on evaluating solutions that inform recommendations.


The next two meetings will be discussions with vendors that can help meet the needs for the Video Streaming Service project.

  • Tuesday, April 19th, 2016 – Panopto
  • Tuesday, April 26th, 2016 – Ensemble