Category Archives: LIS Staff Interest

Self-Service Reservations for Group Studies and Video Viewing Rooms

Yes, YOU can book this room

Now available at the Davis Family Library for Middlebury students, faculty and staff!  Make your own reservations for group studies and video viewing rooms. It’s easy to see pre-existing reservations, pick a time, and even cancel if necessary — all online.

View policies and make reservations at:

(The group studies on the upper level of the Davis Family Library remain available on a first-come, first-served basis.)

Self-service room scheduling is available as a pilot through January 2017. Please share your feedback: http://go.middlebury.edu/libsuggestions.

Clifford Symposium at the Library – through October

Clifford Symposium at the LibraryThe libraries are pleased to support the Art and Science of Mindful Engagement during the  Clifford Symposium and beyond. Dip into a few recommended books on display, let a podcast walk you through a guided meditation, and disconnect from daily stressors in the Unplug and Recharge Room. (Or, borrow meditation cushions from the Circulation Desk and use them anywhere in the library!)

All will be available during regular library hours now through mid-October.

Library Book Display (Davis Family Library): Recommendations from faculty, students, and staff for mindfulness and meditation readings. Browse and borrow whatever you like! Located on the main level of the Davis Family Library.

Guided Meditation Station (Davis Family Library): Pick a blue chair, put on the headphones, and hit “play.” A professional will walk you through a short guided meditation exercise. Try it and see how you feel afterward! Located on the main level of the Davis Family Library.

Unplug and Recharge Room (Davis Family Library): Take a break and disconnect from daily stressors. A secluded corner of the library will be screened off to create a temporary Unplug and Recharge Room with meditation cushions and soft lighting. Located on the upper level of the Davis Family Library.

Meditation Cushions  (Davis Family Library and Armstrong Library): Thanks to the Scott Center for Spiritual and Religious Life, we are able to offer loaner meditation cushions for the whole school year. Check them out from the Circulation Desk, and use them anywhere in the library for 2 hours.

Library hours at http://go.middlebury.edu/hours.

@MiddInfoSec: Information Security is Everyone’s Responsibility!

It is important for each of us to be aware of the increasing security risks to our increasingly connected lives. From laptops and tablets to smartphones and wearable technology, and 24/7 access to our personal data, the risk of sensitive information being exposed is very real.

  • Be Data Aware:

 Travel with, save, or record ONLY the data that is necessary and essential. Always redact or remove unnecessary sensitive data. Always keep your data backed-up and encrypted, when possible.

  • Protect Your Device:

Add a passcode to your cell phone, tablet, or laptop right now! iOS devices automatically encrypt your data once a passcode has been set. Android devices can encrypt your data with a few minor settings changes.

  • Use Strong & Unique Passwords or Passphrases:

Especially for online banking and other important accounts.

  • Use Multi-Factor Authentication when available:

Middlebury is introducing MFA for O365 and other services in 2016. Use MFA wherever possible.

  • Check Your Social Media Settings:

Review your social media security and privacy settings frequently. Enable MFA whenever possible. Keep your social media accounts current or close them.

  • Educate Yourself:

Stay informed about the latest technology trends and security issues such as malware and phishing. Visit http://go.middlebury.edu/infosec for more information. For targeted training visit: http://go.middlebury.edu/infoseced .

  • Get Trained:

Contact ITS – Information Security at infosec@middlebury.edu to set up a training session for your department.

@MiddInfoSec: Keeping Your Password Secure

Did you know that most passwords are easily broken? A few “secrets” can help you make a stronger more memorable password.

Dos

  • Longer is better – use at least 8 characters with upper and lower case, numbers and symbols.
  • Create an easy-to-remember passphrase  with four or more words substituting special characters for some of the letters.
  • Use a unique password for each service or account.
  • Change your password or passphrase regularly:
  • Be sure you’re on the correct website before entering your password or passphrase
  • Set a password for access to your mobile device

Don’ts

  • Don’t include personal information such as usernames, account numbers, address or phone numbers in your password or passphrase.
  • Don’t reuse the same password for multiple services
  • Don’t use a single word, in any language
  • Don’t use consecutive repeating characters or a number sequence
  • Don’t share your password or passphrase – even with managers, co-workers or the Help Desk
  • Don’t send your passwords through email

Tools

@MiddInfoSec: Information Security’s ‘Security Scout of the Month’

To help raise awareness about community efforts to prevent significant security issues, Middlebury Information Security has launched a ‘Security Scout of the Month’ award.

This month Information Security would like to recognize Amy Dale who promptly and accurately responded to potential malware activity by unplugging her computer and reaching out to the Help Desk for immediate assistance.

When asked, Amy shared this advice about computer security, “My previous work experience, particularly at AOL, helped prepare me to be more alert and aware of scams. A previous manager always said, “when in doubt, leave it out.”  In other words, when you’re the least bit hesitant, then don’t open/click/download, etc. “

This astute awareness and keen insight is why Amy is this month’s ‘Security Scout of the Month’.

We are excited to celebrate the hard work and security conscious efforts of our community. Please watch for the next ‘Security Scout of the Month’ and help us recognize these efforts.

If you would like to recognize an individual for their information security contributions or would like to raise an information security concern, please contact infosec@middlebury.edu.

@MiddInfoSec: Stay Safe and Secure when Online

When you are reading e-mail or browsing online, be on the lookout for suspicious links and deceptive web pages, which are major sources of malware. Also be careful of downloadable files since they can introduce malware. And remember that additional browser plugins and unused applications require additional patching to remain secure. Here are some suggestions to make your day-to-day computing more productive, safe, and secure.

  • Keep your software up-to-date. Be sure to install antivirus updates and regularly check for and install updates for any applications or browser plugins you may run on your computer. (e.g., Adobe Flash and Java)
  • Be more secure! Don’t enter sensitive or personal information into a URL unless you have verified the address and you have ensured its security by checking that it includes HTTPS.
  • When in doubt, ignore. Don’t click on pop-up windows or extraneous ads. And, don’t click on links in emails or web sites until you have verified their destinations by hovering your mouse over the link.
  • Keep your private information safe. Use a strong, unique password or passphrase for each account, and avoid storing account information on a website. And consider using a digital password wallet such as 1Password or LastPass to secure your passwords.
  • Segregate your browsing activities. Consider using separate browsers for sensitive logins and general web browsing.
  • Use private networks for sensitive transactions. Avoid checking your bank account, making purchases, or logging in to other websites that include sensitive information when using public Wi-Fi.

Go stealth when browsing. Your browser can store quite a bit of information about your online activities, including cookies, cached pages, and history. To ensure the privacy of personal information online, limit access by going “incognito” and using the browser’s private mode.

@MiddInfoSec: Preventing Device Theft

With an increasing amount of storage space and institutional connectivity on personal devices, the value and mobility of smartphones, tablets, and laptops make them appealing and easy targets. These simple tips will help you protect against and prepare for the potential loss or theft of a laptop or mobile device.

  • Don’t leave your device alone, even for a minute. If you’re not using it, lock your device in a cabinet or drawer, use a security cable, or take it with you. Middlebury has seen laptops stolen in the College library and from individual’s cars. Don’t assume your devices are safe because you feel at home with your surroundings.
  • Report any lost or stolen device promptly. Both institutional and personal devices may contain Middlebury data. Even if you only lose a personal device, work with the College’s Information Security workgroup to ensure that institutional or sensitive data is accounted for. Information Security may also be able to help you recover the device. If a device is lost or stolen contact the helpdesk at x2200 immediately.
  • Do not store extremely sensitive or internal data. Never store protected or sensitive data on your laptop. Refer to the Data Classification policy for clear definitions of data types. (http://go.middlebury.edu/dcp)
  • Keep your master and working copy of all data on network storage. Keeping your master and working copies of all of your data on Middlebury Google Drive or other secure network file storage such as Middfiles. This ensures that your data is protected and backed-up if your laptop is stolen or lost. Photos, papers, research, and other files are irreplaceable, and losing them may be worse than losing your device.
  • Record the serial number. Keep the serial number and asset tag of your device and store it in a safe place. This information can be useful for verifying your device if it’s found. This is especially important when you travel. Airport and police agencies may ask for this information when reporting lost or stolen devices.
  • Enable device tracking and wiping services. Use tracking and recovery software included with most devices (e.g., the “Find iDevice” feature in iOS) Some software includes remote-wipe capabilities. This feature allows you to log on to an online account and delete all of the information on your laptop. Mobile resources can be found here:
  • Apple iCloud: http://www.icloud.com
  • Microsoft Account: http://account.Microsoft.com/devices
  • Android Device Manager: https://support.google.com/accounts/topic/6160499?hl=e

 

24/7 Period at the Davis Family Library

The Davis Family Library will be open 24 hours a day starting Sunday morning, May 8th. Regular hours resume for Friday and Saturday, May 13th and 14th, then 24/7 resumes until 8 pm on Tuesday, May 24th. After 11 pm, you will need your ID to access the building.

Armstrong Library will have regular hours, with extended hours Friday and Saturday, May 20th and 21st (closing at 10 pm and midnight, respectively).

A full calendar of the hours can be found at go/hours

@MiddInfoSec: Don’t Get Hooked

You may not realize it, but you are a phishing target at school, at work, and at home. Phishing attacks are a type of computer attack that use malicious emails to trick targets into giving up sensitive information. Ultimately, you are the most effective way to detect and stop phishing scams. When viewing email messages, texts, or social media posts, use the following techniques to prevent your passwords, personal data, or private information from being stolen by a phishing attack.

  • Verify the source. Check the sender’s email address to make sure it’s legitimate. Remember that the name of the sender is not the important part. The sender’s email address is what you are really looking for. If in doubt, forward your message to phishing@middlebury.edu.
  • Read the entire message carefully. Phishing messages may include a formal salutation, overly-friendly tone, grammatical errors, urgent requests, or gimmicks that do not match the normal tone of the sender.
  • Avoid clicking on erroneous links. Even if you know the sender, be cautious of links and attachments in messages. Don’t click on links that could direct you to a bad website. Hovering your mouse over a link should disclose the actual web address that the link is directing you too, which may be different from what is displayed in the message. Make sure this masked address is a site you want to visit.
  • Verify the intent of all attachments with the sender before opening them. Even when you know a sender, you should never open an attachment unless have checked with the sender to verify the attachment was sent intentionally. Word and Excel documents can contain malicious macros which could harm your computer. Other files, such as zip files and PDF files, could download malware onto your system. Always verify the intent of attachments with the sender before you open them from an email.
  • Verifying a message is always better than responding to a phish. If you ever receive a message that provides reason to pause, it is always better to forward the message to phishing@middlebury.edu or to send a separate email to the sender to verify its intent, before clicking a link or opening an attachment that could potentially impact the security of your computer..
  • Change your passwords if you have fallen for a phish. If you think you have fallen for a phishing attack, change your password at go/password and then contact the helpdesk at x2200. It is also a good practice to change your personal passwords outside of the College.

 

Watch for phishing scams. Common phishing scams are published at sites such as http://IC3.gov , http://phishing.org ,https://www.irs.gov/uac/Report-Phishing. These resources will also allow you to report phishing attacks if you should fall victim outside of the College. Again, if you think you have fallen victim to a phishing attack, always start by changing your passwords.

Middlebury’s Google Apps for Education – Account status

As we continue to integrate Middlebury services with cloud providers like Google Apps and Microsoft Office 365, we are aware of possible account conflicts that may arise. In particular, on Monday, April 25th, we will begin automatically syncing Middlebury Google Apps accounts for all students, faculty and staff with @middlebury.edu or @miis.edu addresses. This may result in conflicts for those who have been using stand-alone Google services with an account that you set up to use your Middlebury address but was not provisioned by ITS in our Middlebury Google Apps instance.

What if I have registered my @middlebury.edu address for stand-alone Google services?

If you have been using stand-alone (ie. not Middlebury Google Apps) Google services with your @middlebury.edu address, you have what Google considers to be a “conflicting account” and you will need to rename your account to a non-middlebury.edu address after the update.

Do I need to do anything now?

After the accounts are synced, any documents (Docs, Sheets, Slides, or files in Google Drive) that you created with your personal account will be transferred to a new account to resolve the conflict. Afterwards, you will not be able to transfer ownership to anyone in the middlebury.edu domain. So if you have any documents under a personal stand-alone account with institutional data that should remain associated with the College, you need to transfer ownership to someone with a Middlebury Google Apps account now.

How can I tell if the account I’m using now is a personal or institutional account?

Try logging out and logging in again. If you enter your Google account password at Google’s login page, that’s a personal stand-alone account and the above considerations apply. If instead you enter your Middlebury e-mail and password at our new login page, that’s an institutional account and you’re all set. You can also watch this video.

Can I still access Google’s services for my personal use?

You can choose to maintain a separate account for your personal use of any Google services under a non-middlebury.edu address. If you have multiple Google accounts, the username that appears at the upper right corner of most Google services will help you ensure that you’re using the intended account.

What if I have questions about this?

Please email any questions about this change to helpdesk@middlebury.edu.  Or create an helpdesk ticket.


Defining and avoiding conflicting accounts
https://support.google.com/a/answer/185186

Help with your conflicting account:
https://support.google.com/accounts/troubleshooter/1699308?rd=2

Moving your personal data between accounts:
https://support.google.com/accounts/answer/1109839?hl=en&ref_topic=30035