It is important for each of us to be aware of the increasing security risks to our increasingly connected lives. From laptops and tablets to smartphones and wearable technology, and 24/7 access to our personal data, the risk of sensitive information being exposed is very real.
Travel with, save, or record ONLY the data that is necessary and essential. Always redact or remove unnecessary sensitive data. Always keep your data backed-up and encrypted, when possible.
Add a passcode to your cell phone, tablet, or laptop right now! iOS devices automatically encrypt your data once a passcode has been set. Android devices can encrypt your data with a few minor settings changes.
- Use Strong & Unique Passwords or Passphrases:
Especially for online banking and other important accounts.
- Use Multi-Factor Authentication when available:
Middlebury is introducing MFA for O365 and other services in 2016. Use MFA wherever possible.
- Check Your Social Media Settings:
Review your social media security and privacy settings frequently. Enable MFA whenever possible. Keep your social media accounts current or close them.
Stay informed about the latest technology trends and security issues such as malware and phishing. Visit http://go.middlebury.edu/infosec for more information. For targeted training visit: http://go.middlebury.edu/infoseced .
Contact ITS – Information Security at firstname.lastname@example.org to set up a training session for your department.
The migration of Middlebury’s email services to Microsoft’s Office 365 cloud environment is well underway. As of Friday, August 26th, we have moved 87% of all mailboxes to the cloud. Thank you so much for the help and feedback to date, it wouldn’t be possible without your support. The migration schedule can be found at http://go.middlebury.edu/cloud, updated daily.
For those of you that use Exchange Public Folders for departmental calendars, etc., we have an update. Public Folders will be unavailable for access from Tuesday, August 30th through Noon EST on Wednesday, August 31st. Public Folders are handled differently from mailboxes in Microsoft Exchange, and because of that difference they will be unavailable during their migration to the cloud.
When they are available again on August 31st, some users may need to re-open the Public Folders they normally access. We apologize for any inconvenience this may cause.
Here are the instructions for Outlook 2016 for Windows:
In Outlook, press Ctrl-6 to open the Folder View. You should see something like this:
To add a public folder to your Favorites, right-click the folder, then select Add to Favorites…. You should now be able to access it whenever you need it, including in the Calendar screen under “Other Calendars.”
Thanks again for your support and understanding. Please contact the Helpdesk with concerns or issues.
Please join me in welcoming Mike Schuster back to Information Technology Services. Mike will be returning to ITS effective Monday August 29th, 2016. Mike will continue in his current role as the Salesforce Administrator/Developer in support of the college’s Saleforce related initiatives.
As you may have heard, Middlebury is in the process of moving our e-mail infrastructure to the cloud in stages – see http://go.middlebury.edu/cloud for details. While this has generally gone smoothly so far, there can be issues if people who have been migrated try to access other mailboxes that have not, or vice versa, especially on Macs. (Outlook for Windows generally works well, possibly after some adjustments as explained at http://go.middlebury.edu.mailmove.) In most cases we can move mailboxes together with the people who access them, but due to the nature of Public Folders they all need to be moved at once (currently scheduled for 8/30).
Bottom line: Mac users may find themselves unable to access Public Folders between the time that their own account is moved and August 30th. (Middfiles and other file servers will be unaffected; this is only for shared folders in Outlook e.g. department calendars.)
If this is an issue for your work, please comment here or e-mail email@example.com to discuss so we can find a solution.
We appreciate your patience as we strive to keep our systems functioning optimally.
Middlebury College ITS
We are pleased to announce a change we are making to Middlebury’s email and calendar service. After years of running these applications on our own infrastructure, we are moving them to the cloud—specifically to Microsoft’s Office 365 suite of services.
There are several benefits to this move:
- Stronger security. Microsoft is able to devote more resources to security than we ever could. As hackers become increasingly sophisticated, this has never been more important. Microsoft’s cloud-based services include an important second level of security that recognizes “trusted” devices, which can include mobile devices or a home computer. This means that even if someone learned your user name or password, they still would need a special code to access your account from a device other than your own. Middlebury users will not be compelled at the outset to use this service, though we think it will be attractive to many people and we will be encouraging and supporting its use going forward once the transition to Microsoft’s cloud-based email and calendar service is complete.
- Better and faster access. Putting data in the cloud will allow us to automatically synchronize data across devices and provide better and faster access regardless of your location.
- Increased storage. Microsoft’s scale allows it to provide greater storage capacity at less cost. This means we will be able to back up data on a nearly real-time basis. And you no longer will need to worry about size of your email archive.
We don’t anticipate any significant disruption in services when we make the change. If you use Outlook, the switch will happen overnight, and your mailbox and calendar will look exactly as they did the previous day once you restart your computer. In some cases, it has been necessary to replace your outlook profile, but if that is necessary, we’ll assist you. The webmail site is very similar to what you are using today, but there are slight differences consistent with a new version. For those employees who use an email client other than Outlook or webmail, we will provide instructions on how to adjust your account settings.
The process of transitioning mailboxes and calendars to the Microsoft cloud service will begin next week and continue through September, with faculty and students transitioned before the start of the semester and members of administrative departments scheduled by department in batches with advanced notice and on premise support. The schedule of moves is available here: http://go.middlebury.edu/cloud.
This fall we will begin a transition of content currently stored on Middfiles to the cloud. This change will bring with it many of the same benefits as those described above and in addition facilitate collaboration – allowing you to share your data with colleagues at Middlebury and elsewhere with ease. We’ll keep you posted as we get closer to that move.
We are excited to deliver these significant improvements to the services we provide to the community. Once complete, we are confident they will result in better service with a reduction in cost and risk. If you have any questions, please contact our helpdesk at firstname.lastname@example.org.
The Middlebury ITS Team
ITS will implement a new “spam quarantine” feature on Friday, July 22, 2016. This change will help keep spam and phishing messages out of your mailbox, better protecting the Middlebury College community from phishing attacks and other email-borne threats. The new quarantine feature will change how you manage messages identified as spam by the mail system. Spam email will now be placed in a separate quarantine area, rather than being directed to your Junk Email folder.
Important: All messages in your quarantine area should be treated with special caution as they are most likely harmful to you and others! Do not click any links in these messages or release them to your Inbox unless you are absolutely sure that the message is legitimate. Be particularly suspicious of messages asking you to update your account, reset your password, expand your email storage quota, etc. Remember, any message that asks for your password or username is not to be trusted. For more information about how to protect yourself from phishing attacks, please see go/phish.
Messages identified as spam will be stored in the Spam Quarantine for 15 days. If you have received suspect messages, Microsoft will send you a daily “Spam Notification” email message. The messages are sent from email@example.com, once per day.
You can check your Spam Quarantine at any time by logging into go/quarantine (or directly via https://admin.protection.outlook.com/quarantine).
If you are missing a time-critical message, check your Junk E-Mail folder first, then check the Spam Quarantine, via go/quarantine.
For more details on managing the spam with the Spam Quarantine, as well as tips on how to use the the Blocked Senders/Safe Senders tools to allow or block specific email message senders, please visit go/spam.
To help raise awareness about community efforts to prevent significant security issues, Middlebury Information Security has launched a ‘Security Scout of the Month’ award.
This month Information Security would like to recognize Amy Dale who promptly and accurately responded to potential malware activity by unplugging her computer and reaching out to the Help Desk for immediate assistance.
When asked, Amy shared this advice about computer security, “My previous work experience, particularly at AOL, helped prepare me to be more alert and aware of scams. A previous manager always said, “when in doubt, leave it out.” In other words, when you’re the least bit hesitant, then don’t open/click/download, etc. “
This astute awareness and keen insight is why Amy is this month’s ‘Security Scout of the Month’.
We are excited to celebrate the hard work and security conscious efforts of our community. Please watch for the next ‘Security Scout of the Month’ and help us recognize these efforts.
If you would like to recognize an individual for their information security contributions or would like to raise an information security concern, please contact firstname.lastname@example.org.