Tag Archives: ITS

Changes to Spam filtering at Middlebury

Middlebury ITS is preparing to introduce a new email security service. Over the next few weeks, ITS will begin routing Middlebury email messages through Microsoft’s email message security service, Exchange Online Protection. Microsoft’s service will perform spam filtering, anti-virus, and other security checks on inbound and outbound Internet email.

 

The way you ACCESS email WILL NOT need to CHANGE in order for you to benefit from this service. Outlook and Outlook Web Access, for example, will continue to behave just as they always have.

 

How you ALLOW or BLOCK email from specific senders WILL CHANGE. With Exchange Online Protection, you will be able to manage blocked and allowed senders right from within Outlook and Outlook Web Access, using the Safe Senders and Junk Mail tools. For tips on how to use Safe Senders and Junk Mail, please see the following Microsoft articles:

 


Middlebury ITS Helpdesk

@MiddInfoSec: Preventing Device Theft

With an increasing amount of storage space and institutional connectivity on personal devices, the value and mobility of smartphones, tablets, and laptops make them appealing and easy targets. These simple tips will help you protect against and prepare for the potential loss or theft of a laptop or mobile device.

    • Don’t leave your device alone, even for a minute. If you’re not using it, lock your device in a cabinet or drawer, use a security cable, or take it with you. Middlebury has seen laptops stolen in the College library and from individual’s cars. Don’t assume your devices are safe because you feel at home with your surroundings.
    • Report any lost or stolen device promptly. Both institutional and personal devices may contain Middlebury data. Even if you only lose a personal device, work with the College’s Information Security workgroup to ensure that institutional or sensitive data is accounted for. Information Security may also be able to help you recover the device. If a device is lost or stolen contact the helpdesk at x2200 immediately.
    • Do not store extremely sensitive or internal data. Never store protected or sensitive data on your laptop. Refer to the Data Classification policy for clear definitions of data types. (http://go.middlebury.edu/dcp)
    • Keep your master and working copy of all data on network storage. Keeping your master and working copies of all of your data on Middlebury Google Drive or other secure network file storage such as Middfiles. This ensures that your data is protected and backed-up if your laptop is stolen or lost. Photos, papers, research, and other files are irreplaceable, and losing them may be worse than losing your device.
    • Record the serial number. Keep the serial number and asset tag of your device and store it in a safe place. This information can be useful for verifying your device if it’s found. This is especially important when you travel. Airport and police agencies may ask for this information when reporting lost or stolen devices.
    • Enable device tracking and wiping services. Use tracking and recovery software included with most devices (e.g., the “Find iDevice” feature in iOS) Some software includes remote-wipe capabilities. This feature allows you to log on to an online account and delete all of the information on your laptop. Mobile resources can be found here:
    • Apple iCloud: http://www.icloud.com
    • Microsoft Account: http://account.Microsoft.com/devices
    • Android Device Manager: https://support.google.com/accounts/topic/6160499?hl=e

 

TOMORROW: Using GitHub for Education to Encourage Open Learning and Facilitate Feedback

Join us tomorrow, May 3rd, 12:15-1:30 PM, in Hillcrest 103 for the DLA’s final Behind the Scenes of the year, led by Albert Kim (Math). Albert will be sharing his experiences using GitHub as a feedback tool in his Data Science class this semester. Lunch will be served, so please RSVP at go/DLAscenes. Full description below.

Inspired by a humanist colleague’s approach to grading papers and discussions taking place in statistics pedagogy circles, Albert Kim (Math) presents his use of the GitHub web-based repository hosting service in his Introduction to Data Science course to encourage open and collaborative development of students’ coding skills and to facilitate the delivery of feedback from instructor to student. This short presentation will be followed by discussion of using digital tools for feedback in the classroom, so come with your questions. Lunch will be served, so please RSVP at go/DLAscenes.

Albert Y. Kim is originally from Montreal Quebec. After completing his PhD in statistics at the University of Washington in Seattle, he worked at Google as a Data Scientist for two years, followed by a two-year visiting stint at Reed College. He joined the Middlebury faculty in August 2015.

 

@MiddInfoSec: Don’t Get Hooked

You may not realize it, but you are a phishing target at school, at work, and at home. Phishing attacks are a type of computer attack that use malicious emails to trick targets into giving up sensitive information. Ultimately, you are the most effective way to detect and stop phishing scams. When viewing email messages, texts, or social media posts, use the following techniques to prevent your passwords, personal data, or private information from being stolen by a phishing attack.

    • Verify the source. Check the sender’s email address to make sure it’s legitimate. Remember that the name of the sender is not the important part. The sender’s email address is what you are really looking for. If in doubt, forward your message to phishing@middlebury.edu.
    • Read the entire message carefully. Phishing messages may include a formal salutation, overly-friendly tone, grammatical errors, urgent requests, or gimmicks that do not match the normal tone of the sender.
    • Avoid clicking on erroneous links. Even if you know the sender, be cautious of links and attachments in messages. Don’t click on links that could direct you to a bad website. Hovering your mouse over a link should disclose the actual web address that the link is directing you too, which may be different from what is displayed in the message. Make sure this masked address is a site you want to visit.
    • Verify the intent of all attachments with the sender before opening them. Even when you know a sender, you should never open an attachment unless have checked with the sender to verify the attachment was sent intentionally. Word and Excel documents can contain malicious macros which could harm your computer. Other files, such as zip files and PDF files, could download malware onto your system. Always verify the intent of attachments with the sender before you open them from an email.
  • Verifying a message is always better than responding to a phish. If you ever receive a message that provides reason to pause, it is always better to forward the message to phishing@middlebury.edu or to send a separate email to the sender to verify its intent, before clicking a link or opening an attachment that could potentially impact the security of your computer..
  • Change your passwords if you have fallen for a phish. If you think you have fallen for a phishing attack, change your password at go/password and then contact the helpdesk at x2200. It is also a good practice to change your personal passwords outside of the College.

 

Watch for phishing scams. Common phishing scams are published at sites such as http://IC3.gov , http://phishing.org ,https://www.irs.gov/uac/Report-Phishing. These resources will also allow you to report phishing attacks if you should fall victim outside of the College. Again, if you think you have fallen victim to a phishing attack, always start by changing your passwords.

Systems Maintenance this Sunday, April 24th

During our regular maintenance window this Sunday, April 24th from 6 am – 10 am we have the following activities scheduled:

  • Networking equipment in the Library data center will be consolidated. There will be brief network outages (up to 15 minutes) for portions of the Davis Family Library, 131 Franklin St, and 118 South Main St

We appreciate your patience as we continuously strive to keep our systems functioning optimally.

 

Regards,

Billy

 

 

Billy Sneed

ITS – Central Systems & Network Services

Middlebury College

 

Welcome to “Self-Service” Software Installation

ITS has been working on options for our customers to install licensed software on their college-owned computers using convenient, “self-service” methods that provide control over when the installations take place. (We are not licensed to provide software on personally owned computers, only college owned.)  To learn how this works on college Windows computers, please visit  KACE Self-Service information.  If you have a college Mac, visit Mac Self Service information for details.

Initially, we have made a few of our most commonly-requested Adobe products available through self-service for both Mac and Windows platforms, as well as the new Microsoft Office 2016.   We will be working to add software titles in the next few months.  Please note that not all software is purchased with licensing to be available for every computer on campus.

Self-service installations work best when you are here on campus using a wired (Ethernet) connection to our network.  Use of VPN or wireless connections may work but they will be much slower and are more likely to experience issues.

We are excited to offer this new service and want to hear about how it worked for you.  Feel free to share your feedback, questions, or concerns with our Technology Helpdesk.

@MiddInfoSec: Phishing Alert – – “Update Announcements”

A phishing email message was sent to @middlebury.edu mailboxes today with a subject line of “Update Announcements”.  DO NOT RESPOND ON THIS MESSAGE!

The phishing email message is an attack designed to trick people into disclosing their username and password.  Do NOT follow the instructions in the message, as it could lead to your Middlebury account being compromised.

If you were tricked by the email and responded,  reset your network password immediately at go/password and then call the Helpdesk at x2200 for further assistance with your account and any possible concerns with your computer.

Here’s a sample of the phishing email message:


Dear middlebury.edu User.

Urgent Update Announcements.

Your middlebury.edu Account has been Sign in with a strange IP Address: And this indicate your mail account is been used for FRAUDULENT ACT, For these reasons, Our records indicate you are no longer our current/active user. Therefore, your account has been scheduled for deletion on this Month of APRIL, 2016. As part of this process, your account, files, email address messages etc, will be deleted from our Data Base.

To Retail Your Account.

You are required to reply with your valid ONLINE ACCESS for reactivation, to ensure Your account remains active and subscribed, Otherwise this account will be De-activated within the next 72 hours hence from now.

Name In Full:

User Name:

Pass Word:

@middlebury.edu

Thank You.