Category Archives: Helpdesk Alerts

Protect your Middlebury Account with Multi-Factor Authentication

Multi-Factor Authentication is a security technology that helps protect your Middlebury account from potential compromise by requiring the use of more than just a username and password to prove your identity during login.

mfa1

Learn more about how you can start using Multi-Factor Authentication today to better protect your Middlebury account at http://go.middlebury.edu/mfa.

Middlebury’s Google Apps for Education – Account status

As we continue to integrate Middlebury services with cloud providers like Google Apps and Microsoft Office 365, we are aware of possible account conflicts that may arise. In particular, on Monday, April 25th, we will begin automatically syncing Middlebury Google Apps accounts for all students, faculty and staff with @middlebury.edu or @miis.edu addresses. This may result in conflicts for those who have been using stand-alone Google services with an account that you set up to use your Middlebury address but was not provisioned by ITS in our Middlebury Google Apps instance.

What if I have registered my @middlebury.edu address for stand-alone Google services?

If you have been using stand-alone (ie. not Middlebury Google Apps) Google services with your @middlebury.edu address, you have what Google considers to be a “conflicting account” and you will need to rename your account to a non-middlebury.edu address after the update.

Do I need to do anything now?

After the accounts are synced, any documents (Docs, Sheets, Slides, or files in Google Drive) that you created with your personal account will be transferred to a new account to resolve the conflict. Afterwards, you will not be able to transfer ownership to anyone in the middlebury.edu domain. So if you have any documents under a personal stand-alone account with institutional data that should remain associated with the College, you need to transfer ownership to someone with a Middlebury Google Apps account now.

How can I tell if the account I’m using now is a personal or institutional account?

Try logging out and logging in again. If you enter your Google account password at Google’s login page, that’s a personal stand-alone account and the above considerations apply. If instead you enter your Middlebury e-mail and password at our new login page, that’s an institutional account and you’re all set. You can also watch this video.

Can I still access Google’s services for my personal use?

You can choose to maintain a separate account for your personal use of any Google services under a non-middlebury.edu address. If you have multiple Google accounts, the username that appears at the upper right corner of most Google services will help you ensure that you’re using the intended account.

What if I have questions about this?

Please email any questions about this change to helpdesk@middlebury.edu.  Or create an helpdesk ticket.

Defining and avoiding conflicting accounts
https://support.google.com/a/answer/185186

Help with your conflicting account:
https://support.google.com/accounts/troubleshooter/1699308?rd=2

Moving your personal data between accounts:
https://support.google.com/accounts/answer/1109839?hl=en&ref_topic=30035

 

Library & Information Technology Services » Post for MiddNotes 2015-10-23 12:15:34

ccam

October is Cybersecurity Awareness Month. Join your colleagues from both the Middlebury and Monterey campuses for a presentation and discussion on critical cybersecurity issues including phishing and cracking.

  • On October 29th at 12:30 Eastern time, Information Security will host a Cybersecurity Roadshow.
  • You can join the discussion in Lib105A on the Middlebury Campus or on PolyCom 710205
  • Central Monterey meeting location TBD.

Please join us for this discussion. It is open to students, faculty, staff and the community. Computer security is the responsibility of us all.

For more information call Information Security at 802-349-5805

Security Notification: Ransomware Delivered Through Phishing Attacks

A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions was not immune to this form of attack.

A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.

  • Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
  • Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
  • Infected ad: the attacker posts and infected ad on a website which a user might click thereby causing the download of malicious software.
  • Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.

According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.

What you can do to protect yourself:

  • Never open attachments or click links in emails that you do not recognize or trust.
  • Know what a phishing attack is and how to spot one. visit http://go.middlebury.edu/phish or http://phishing.org
  • If you think you have fallen for a phish change your password. then call x2200
  • If you believe you system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. then call x2200.
  • Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
  • Never disable your antivirus software.
  • Send any suspect emails to phishing@middlebury.edu
  • Only download software from known vendor sites.
  • Don’t click on ads in web sites. Visit vendor websites directly.

Sources:

Electronics and cold: A dangerous mix

As we all endure these cold temperatures, it can be easy to forget that some of the stuff we carry with us is isn’t quite as hearty. Notably, electronics can be damaged quite easily and seriously in this weather. It’s not the cold itself that is always a problem (although it can be), but instead it’s the temperature change from cold to warm which triggers condensation inside the device.

6301668033_0962da2a77_z
That fogging of your glasses when you come in from outside is water condensing onto the cold glass surfaces. This same thing takes place unseen inside your phones, tablets, laptops, cameras, and other electronics. Because we all know that water and electronics do not play well together, this puts your data as well as the device itself at risk.

Screen-Shot-2013-07-10-at-8.23.52-PM1

We would never try and use our device after it had fallen into water, but just coming in from the outside can result in enough water inside the device to cause the same damage. To the right you’ll see the result of actual water damage inside a MacBook… an extremely expensive repair (click the photo for a better view).

 

Condensation/water isn’t the only killer here. Cold batteries will die faster, cold hard drives can have trouble spinning and can damage your valuable data, cold LCD displays won’t look or function right, and the sudden change from cold to hot as internal components heat up when powered on can cause permanent damage. While too much heat can hurt electronics, too much cold has plenty of negative effects as well.

So… what to do to keep your device and data safe? Here are the best practices:

  • If at all possible, don’t let your electronic devices get cold in the first place. This means not leaving them outside, or in your car. If you have to carry your electronics for an extended distance from one building to another, bundle them up inside a bag as well as you can to insulate them from the cold. Wrapping them in a towel, shirt or blanket isn’t unreasonable given the bitter cold temperatures lately.
  • If it’s too late and your electronic device has already gotten cold, don’t turn it on. If possible, remove the battery since these days “off” isn’t really powered off. If you’ve gotten lucky and condensation hasn’t damaged it yet, the moment of powering it up and sending electricity through the entire device is the most-likely moment of death. The safest thing to do is let it sit in a dry, room-temperature environment as long as you possibly can. Just because it has reached room temperature and is dry outside does not mean there has been time for all the condensation to evaporate inside. This can take hours. Obviously, prevention is more-convenient and a much better option.
  • As always: make sure you’re keeping your data on Middfiles instead of storing your files locally on the device. That way if the worst happens and your device fails, at least your data is still safe. Just backing up once a week/month is still living dangerously: make Middfiles your default location for storing and opening your files and you’ll be protected in the event of this and many other things that can go wrong. More information at http://go/middfiles/ or http://go.middlebury.edu/middfiles/

Stay warm and safe computing!

-Scott Remick, ITS Senior Technology Specialist

Wireless Network Changes

Greetings!

Over the course of the next several weeks, we will be replacing the wireless networks at Middlebury.

What do I need to do?

Starting March 2nd, please connect to the new secure wireless network named MiddleburyCollege (like midd_secure but better). Middlebury Faculty, Staff and Students will login with your standard Middlebury username and password. Guests will need to create a Middlebury guest account and use it to connect to MiddleburyCollege. This is not a change for change’s sake – we are confident that the end result will be a wireless network that is more convenient and more secure for everyone.

Why are we doing this? What are we trying to achieve?

Some devices have trouble with the current configuration of midd_secure. Midd_secure was created many years ago and wireless standards have since evolved. Additionally, guests have traditionally connected to midd_unplugged, a non-secure network.

It is important that all wireless devices, including those of faculty, staff and students as well as guests, have a way to connect to our network securely, quickly, and easily. Also, as part of our improved security posture, and to comply with all regulations and generally accepted guidelines, devices on our network need to be identified and associated with an individual, for everyone’s benefit.

What will the new configuration look like?

  • Anyone with a Middlebury College username, including faculty, staff, students, etc., will connect to the new wireless network called MiddleburyCollege using their username and password. Guests will also connect to MiddleburyCollege with their guest account name and password, where they will have access to the Internet, but not our internal servers.
  • Guests from other institutions that are also part of the eduroam project will continue to connect to the eduroam network (for Internet access only).
  • Guests and others who do not have a username and password, either because they haven’t created an account or they have forgotten their password, will connect to a new open wireless network created for this purpose, called GuestAccountCreation. No password is required, but connections are limited to intervals of 15 minutes. When they connect, they will be offered links to create a new guest account, reset their guest password, or activate/reset their Middlebury account password.
  • Certain older or residential devices, for technical or procedural reasons, do not support standard security protocols (username and password), and require what’s called a “pre-shared key” instead (a shared password, like Midd-standard has now). For these devices, we are creating a limited-access pre-shared key network called MCPSK. This is only for devices that cannot use MiddleburyCollege. If you suspect this applies to you, please contact us (see “What if I have more questions?” below).

How will we get there? What is the transition schedule?

To reduce the impact of this change, we are planning on a phased implementation that gives people time to transition from one network to another. For performance and capacity reasons, we cannot have more than four different wireless networks at once, so we will introduce new networks on the following schedule:

Now to 3/2 3/2 to 3/09 3/09 to 3/16 3/16 forward
midd_unplugged (transition to midd_secure)
 MiddleburyCollege MiddleburyCollege MiddleburyCollege
midd_secure midd_secure (transition to MiddleburyCollege)
 MCPSK MCPSK
Midd-standard Midd-standard Midd-standard (transition to MCPSK)
 GuestAccountCreation
eduroam eduroam eduroam eduroam (unchanged – for guest access from other institutions)
  1. Anyone currently connecting to midd_unplugged should take a moment now to transition to midd_secure. If you have trouble connecting to midd_secure, please contact the Helpdesk for the password to Midd-standard.
  2. On Monday, March 2nd, midd_unplugged will be removed and we will introduce the new MiddleburyCollege network. From then on, all faculty, staff, and students should connect to MiddleburyCollege, though midd_secure and Midd-standard will continue to work for enough time to allow a smooth transition. We will prepare offices that frequently bring guests to campus to help them get connected to Midd-standard if necessary during this transitional period. In short, midd-unplugged will cease operating on 03/02/2015 – use midd_secure before then, and MiddleburyCollege after.
  3. On Monday, March 9th, all College personnel should be connected to MiddleburyCollege, and we will remove midd_secure to allow for the introduction of the MCPSK network. Starting on this day, anyone who hasn’t been using midd_secure due to incompatibility should first see if they can connect to MiddleburyCollege. If your device doesn’t support it, please contact the Helpdesk so we can connect you to MCPSK. For most devices, switch to MiddleburyCollege before midd_secure goes away on 03/09/2015.
  4. By Monday, March 16th, all individuals who have been using Midd-standard should have moved to another network, so we can remove Midd-standard and add GuestAccountCreation. To recap, switch to either MiddleburyCollege or MCPSK before Midd-standard goes away on 03/16/2015.

Other Frequently Asked Questions:

Are you saying guests will connect to the MiddleburyCollege network? Isn’t that a little weird from a security perspective?

There’s some behind-the-scenes magic there – people with Middlebury Guest accounts will be isolated from the regular Middlebury network and be provided with Internet access only.

Why start by removing midd_unplugged instead of another network?

For starters, it’s slow and insecure, but a good chunk of people keep using it, unaware that that’s the primary reason for their bad experiences. As much as possible during this transition, we want to make life easier for the people who are currently depending on the faster secure networks. We did consider temporarily disabling eduroam instead, since not as many people use it, but it’s part of an agreement with other universities and we want to honor that.

If I’m bringing a guest to campus after March 2nd, how can I make their experience easier?

The best thing to do is direct them to Middguests so they can create an account before they get here. Then, once they arrive on campus, they can immediately connect to MiddleburyCollege with their guest username and password. If they’ve forgotten their account info, once the GuestAccountCreation network is in place, it’ll provide links to help them reset their password or create a new account.

What about College faculty, staff, or students who’ve forgotten their password or don’t have one yet?

The GuestAccountCreation welcome page will also have a link to the password activation/reset page, and the Helpdesk phone number should anyone get stuck.

What if I have more questions?

If you have a technical issue, now or at any time, or if you need access to the limited MCPSK network, please make a ticket or call us at 802.443.2200 so we can assist you. If you have general questions about the plan, please post them here so everyone can see the answers.

Peace and change,

~Zach Schuetz for the Helpdesk

Systems Maintenance Sunday, Feb 8th

During our regular maintenance window this Sunday, February 8th  we have the following activities scheduled:

 

  • Starting at 5am EST the Middlebury website, http://www.middlebury.edu, will be put into a read-only mode for approximately 5 hours for an upgrade. After the upgrade completes the site will be put into full read/write mode.
    • What’s available during this read-only period?: All publicly-accessible content on our website will be available.  Links will continue to work.  Drupal webforms are hosted on another site and can be accessed and edited as normal.
    • What’s not available during the read-only period?:  Commenting on news stories, content that requires logging in before viewing, content editing on the main Middlebury website.

 

  • The hosted Hyperion and Banner applications, including Banner INB and SSB, will be updated and unavailable between 8am and 9am EST. The development environments for those services will be unavailable between 9am and 10am EST.

 

  • Middfiles, which includes Orgs, all Classroom, and home directory folders, will be rebooted and unavailable for approximately 10 minutes starting at 8am EST.

 

  • The Exchange email environment will undergo resource reallocations impacting 8 servers. The email environment is sufficiently redundant that we expect no impact to availability during this maintenance.

 

We appreciate your patience as we continuously strive to keep our systems functioning optimally.

 

 

Billy Sneed

ITS – Central Systems & Network Services

Middlebury College

Middlebury, VT  05753

Key Survey Downtime on Jan 17 for Hardware Maintenance

KeySurvey LogoThe following information is important only for individuals having a Key Survey account used to create, distribute, and work with surveys and response data.

Please be aware that the WorldAPP team (our Key Survey host) will be performing needed hardware maintenance on this coming Saturday, January 17, 2015, between the hours of:

EST:  2 am to 7 am   (GMT:  7 am to 12 pm)

During these hours Key Survey will be temporary unavailable.  Once the hardware maintenance has been completed, all applications, survey and forms links, and reports will be available as usual.

WorldAPP apologizes for the short notice and will be happy to answer any questions you may have about this maintenance.  Feel free to contact their Support Team via email (cs@worldapp.com), phone (781.849.8118), or live chat from www.keysurvey.com.

 

Reminder: Key Survey Scheduled Downtime on Nov 22 for Upgrade to version 8.6

KeySurvey LogoThe following information is important only for individuals having a Key Survey account used to create, distribute, and work with surveys and response data.

WorldAPP (our Key Survey host) is excited to announce that your Key Survey / Form.com account will be upgraded to the new software version 8.6. on  Saturday, November 22nd, 2014, between the hours of:

EST:   1 AM and 10 AM / GMT:    6 AM and 3 PM

Loaded with variety of new features, this latest software update introduces many of the advanced task management and workflow capabilities that you, our customers, have asked us for.

Please note that your account may be unavailable during the system upgrade. Your respondents attempting to access surveys, forms or reports will receive a friendly notification of the system maintenance in progress. Once the maintenance has been completed, the application and all survey/form/report links will be accessible.

To learn more about version 8.6 software release ahead of time, visit the Fall ’14 Release Promo page.

If you have any questions about this update please feel free to contact support@worldapp.com.