Category Archives: middpoints

Panopto Pilot Proposal

Evaluation

Video has become a platform for course work and new pedagogies, co-curricular projects and more. It is also becoming a tool for internal and external communication (including for College governance). Our current solutions do not meet the expectations and needs of our academic community and administrative users, and do not scale cost effectively. We are going to implement a reliable, scalable and secure video streaming solution.

 

Last summer, the Curricular Technology Team evaluated services to meet Middlebury’s needs. A service was chosen, but was discontinued after being purchased by another company. The ACTT Video Streaming Service Project Team was charged with revisiting the evaluation. Included in the charge, they were asked to come up with an interim plan until a long-term solution could be determined by July 2017. To meet the charge, the ACTT evaluated three services: Panopto, Ensemble, and Arc.

 

Recommendation Summary

The Academic Cyberinfrastructure Transformation Team recommends piloting Panopto for Fall 2016.

 

  • Middlebury contract Panopto for one year
  • Middlebury pilot Panopto during fall term 2016
  • Panopto provisioning happens via the Course Hub
  • Faculty may access Panopto collections via Canvas

 

Why a Pilot?

  • Middlebury has not used an enterprise level vendor-hosted video streaming platform, and we will need to assess how we would use it.
  • Panopto would be a new service to Middlebury, also Canvas will be moving to the Enterprise stage. Middlebury academic support will be limited while all of us are learning.
  • Some schools have adopted both Panopto and Ensemble, each for different needs, and have had good experiences.
  • Arc integrates directly with Canvas, but is still in beta and does not meet all of Middlebury’s needs.
  • The recommendation at the end of the pilot should include needs that are not being met.

Recommendation: Middlebury pilot Panopto during fall term 2016

 

Timeline

Faculty will be more likely to use a new service if it is available for fall, winter and spring terms. Also, the extra time will provide us with more information on how Middlebury would use this kind of service. Web Technologies and Services need time to integrate Panopto with the Course Hub, this will allow ease of use for the open pilot and avoid conflicts should Middlebury decide to adopt Panopto in the future. It is possible for faculty and students to access content in Panopto from Canvas, allowing us will help us to better understand how these systems work together.

 

What Who When
Negotiate terms for pilot and purchase in FY’16 Academic Technology and ITS June 2016
Add Panopto to Course Hub and Canvas Web Technologies and Services June – July 2016
Implement Panopto, add authentication and organization schema Academic Technology,
Web Technologies and Services

 

 June – July 2016
Work with courses that self-select during open pilot Academic Technology,
Digital Learning Commons,
Digital Learning		 July 2016
MIIS Pilot Digital Learning Commons August 2016 – classes begin August 29, 2016
Middlebury Pilot Academic Technology September 2016 – classes begin September 12, 2016
Budget Proposal   January 2017
Budget Decision   May 2017

Recommendation: Middlebury contract Panopto for one year

Recommendation: Panopto provisioning happens via the Course Hub

Recommendation: Faculty may access Panopto collections via Canvas

Support

Escalation levels and SLAs would be similar as they are currently for Moodle and MiddMedia.

 

Outline of responsibilities

What Who
Course-related support Primary: Academic Tech, DLC, DL

Backup Support: Media Services
Administrative-use support (core functions) Primary: Media Services
Other academic support (creativity & innovation project, student internship w/ or w/out credit, faculty research, symposium) Primary: Academic Tech, DLC, DL

Backup Support: Media Services

 

 

 

ACTT In-progress Project Presentation for Canvas

The new ACT Team process includes in-progress project presentations. These presentations are meant to inform the community about how things are going, what has been done and what still needs to be done, what is going well and what are the challenges.

In this meeting we will talk about Canvas.

These are open meetings, please feel free to share the invitation with anyone you feel is interested in the topics discussed.

 

Middlebury will Adopt Canvas

In January, 2016, the ACTT (formerly CTT) submitted a recommendation for Middlebury to adopt Canvas. We have received budget approval, and will begin the work of moving Middlebury into the Canvas service.

Thank you to all of the faculty and students that participated in the pilot. Your participation and feedback (Midd and MIIS) helped to make a strong recommendation. And thank you to Joe Antonioli, Bob Cole, Bill Koulopoulos, Stacy Reardon, Shel Sax and Heather Stafford for supporting these classes during the pilot.

Also, thank you to all of the schools that provided us with insight and the benefit of their experience with Canvas. We learned a lot from you.

There is a lot of work still to be done to move Canvas from pilot to enterprise, but we do hope that you take a moment to celebrate this milestone and the collective effort to get to this point.

ACTT In-Progress Project Presentation for GoogleApps for Edu and OneDrive

[This meeting was rescheduled from May 17th to May 31st.]

Tuesday, May 31st from 3-4pm
LIB 105A or Polycom 712833

The new ACT Team process includes in-progress project presentations. These presentations are meant to inform the community about how things are going, what has been done and what still needs to be done, what is going well and what are the challenges.

Agenda

In this meeting we will look at the GoogleApps for Edu and OneDrive projects.

In-progress project presentations are open meetings, anyone may attend. Please feel free to share the invitation with anyone you feel is interested in the topics discussed.

@MiddInfoSec: Preventing Device Theft

With an increasing amount of storage space and institutional connectivity on personal devices, the value and mobility of smartphones, tablets, and laptops make them appealing and easy targets. These simple tips will help you protect against and prepare for the potential loss or theft of a laptop or mobile device.

  • Don’t leave your device alone, even for a minute. If you’re not using it, lock your device in a cabinet or drawer, use a security cable, or take it with you. Middlebury has seen laptops stolen in the College library and from individual’s cars. Don’t assume your devices are safe because you feel at home with your surroundings.
  • Report any lost or stolen device promptly. Both institutional and personal devices may contain Middlebury data. Even if you only lose a personal device, work with the College’s Information Security workgroup to ensure that institutional or sensitive data is accounted for. Information Security may also be able to help you recover the device. If a device is lost or stolen contact the helpdesk at x2200 immediately.
  • Do not store extremely sensitive or internal data. Never store protected or sensitive data on your laptop. Refer to the Data Classification policy for clear definitions of data types. (http://go.middlebury.edu/dcp)
  • Keep your master and working copy of all data on network storage. Keeping your master and working copies of all of your data on Middlebury Google Drive or other secure network file storage such as Middfiles. This ensures that your data is protected and backed-up if your laptop is stolen or lost. Photos, papers, research, and other files are irreplaceable, and losing them may be worse than losing your device.
  • Record the serial number. Keep the serial number and asset tag of your device and store it in a safe place. This information can be useful for verifying your device if it’s found. This is especially important when you travel. Airport and police agencies may ask for this information when reporting lost or stolen devices.
  • Enable device tracking and wiping services. Use tracking and recovery software included with most devices (e.g., the “Find iDevice” feature in iOS) Some software includes remote-wipe capabilities. This feature allows you to log on to an online account and delete all of the information on your laptop. Mobile resources can be found here:
  • Apple iCloud: http://www.icloud.com
  • Microsoft Account: http://account.Microsoft.com/devices
  • Android Device Manager: https://support.google.com/accounts/topic/6160499?hl=e

 

@MiddInfoSec: Don’t Get Hooked

You may not realize it, but you are a phishing target at school, at work, and at home. Phishing attacks are a type of computer attack that use malicious emails to trick targets into giving up sensitive information. Ultimately, you are the most effective way to detect and stop phishing scams. When viewing email messages, texts, or social media posts, use the following techniques to prevent your passwords, personal data, or private information from being stolen by a phishing attack.

  • Verify the source. Check the sender’s email address to make sure it’s legitimate. Remember that the name of the sender is not the important part. The sender’s email address is what you are really looking for. If in doubt, forward your message to phishing@middlebury.edu.
  • Read the entire message carefully. Phishing messages may include a formal salutation, overly-friendly tone, grammatical errors, urgent requests, or gimmicks that do not match the normal tone of the sender.
  • Avoid clicking on erroneous links. Even if you know the sender, be cautious of links and attachments in messages. Don’t click on links that could direct you to a bad website. Hovering your mouse over a link should disclose the actual web address that the link is directing you too, which may be different from what is displayed in the message. Make sure this masked address is a site you want to visit.
  • Verify the intent of all attachments with the sender before opening them. Even when you know a sender, you should never open an attachment unless have checked with the sender to verify the attachment was sent intentionally. Word and Excel documents can contain malicious macros which could harm your computer. Other files, such as zip files and PDF files, could download malware onto your system. Always verify the intent of attachments with the sender before you open them from an email.
  • Verifying a message is always better than responding to a phish. If you ever receive a message that provides reason to pause, it is always better to forward the message to phishing@middlebury.edu or to send a separate email to the sender to verify its intent, before clicking a link or opening an attachment that could potentially impact the security of your computer..
  • Change your passwords if you have fallen for a phish. If you think you have fallen for a phishing attack, change your password at go/password and then contact the helpdesk at x2200. It is also a good practice to change your personal passwords outside of the College.

 

Watch for phishing scams. Common phishing scams are published at sites such as http://IC3.gov , http://phishing.org ,https://www.irs.gov/uac/Report-Phishing. These resources will also allow you to report phishing attacks if you should fall victim outside of the College. Again, if you think you have fallen victim to a phishing attack, always start by changing your passwords.

Middlebury’s Google Apps for Education – Account status

As we continue to integrate Middlebury services with cloud providers like Google Apps and Microsoft Office 365, we are aware of possible account conflicts that may arise. In particular, on Monday, April 25th, we will begin automatically syncing Middlebury Google Apps accounts for all students, faculty and staff with @middlebury.edu or @miis.edu addresses. This may result in conflicts for those who have been using stand-alone Google services with an account that you set up to use your Middlebury address but was not provisioned by ITS in our Middlebury Google Apps instance.

What if I have registered my @middlebury.edu address for stand-alone Google services?

If you have been using stand-alone (ie. not Middlebury Google Apps) Google services with your @middlebury.edu address, you have what Google considers to be a “conflicting account” and you will need to rename your account to a non-middlebury.edu address after the update.

Do I need to do anything now?

After the accounts are synced, any documents (Docs, Sheets, Slides, or files in Google Drive) that you created with your personal account will be transferred to a new account to resolve the conflict. Afterwards, you will not be able to transfer ownership to anyone in the middlebury.edu domain. So if you have any documents under a personal stand-alone account with institutional data that should remain associated with the College, you need to transfer ownership to someone with a Middlebury Google Apps account now.

How can I tell if the account I’m using now is a personal or institutional account?

Try logging out and logging in again. If you enter your Google account password at Google’s login page, that’s a personal stand-alone account and the above considerations apply. If instead you enter your Middlebury e-mail and password at our new login page, that’s an institutional account and you’re all set. You can also watch this video.

Can I still access Google’s services for my personal use?

You can choose to maintain a separate account for your personal use of any Google services under a non-middlebury.edu address. If you have multiple Google accounts, the username that appears at the upper right corner of most Google services will help you ensure that you’re using the intended account.

What if I have questions about this?

Please email any questions about this change to helpdesk@middlebury.edu.  Or create an helpdesk ticket.

Defining and avoiding conflicting accounts
https://support.google.com/a/answer/185186

Help with your conflicting account:
https://support.google.com/accounts/troubleshooter/1699308?rd=2

Moving your personal data between accounts:
https://support.google.com/accounts/answer/1109839?hl=en&ref_topic=30035

 

@MiddInfoSec: Phishing Alert – – “Update Announcements”

A phishing email message was sent to @middlebury.edu mailboxes today with a subject line of “Update Announcements”.  DO NOT RESPOND ON THIS MESSAGE!

The phishing email message is an attack designed to trick people into disclosing their username and password.  Do NOT follow the instructions in the message, as it could lead to your Middlebury account being compromised.

If you were tricked by the email and responded,  reset your network password immediately at go/password and then call the Helpdesk at x2200 for further assistance with your account and any possible concerns with your computer.

Here’s a sample of the phishing email message:

Dear middlebury.edu User.

Urgent Update Announcements.

Your middlebury.edu Account has been Sign in with a strange IP Address: And this indicate your mail account is been used for FRAUDULENT ACT, For these reasons, Our records indicate you are no longer our current/active user. Therefore, your account has been scheduled for deletion on this Month of APRIL, 2016. As part of this process, your account, files, email address messages etc, will be deleted from our Data Base.

To Retail Your Account.

You are required to reply with your valid ONLINE ACCESS for reactivation, to ensure Your account remains active and subscribed, Otherwise this account will be De-activated within the next 72 hours hence from now.

Name In Full:

User Name:

Pass Word:

@middlebury.edu

Thank You.

 

Come Secure your Mobile Device

Learn about Mobile Security

Plan ahead for an afternoon RoadShow with Information Security March 30th @ 2:00 in Lib145.

This is an opportunity for you to ask questions and converse on topics such as:

  • How do I add a pin to my mobile device
  • Is my device encrypted
  • How do I track my device if lost
  • How do I remote wipe my device
  • How do I ensure my data is backed up

Image 001

Get help securing your mobile device.

Join Information Security in Lib145 @ 2:00PM on March 30th.

Follow Information Security on Twitter @MiddInfoSec.

Beware of Fake Order/Fake Invoice Emails with Malicious Attachments

Attackers commonly use the macro functionality found in Microsoft Word and Excel to attack their victims. They attach malicious documents to an email. When opened, the files can lead to a virus infection on your computer.  If you ever get a message with any of these attachments, particularly if you were not expecting it, do NOT open the attachment.

We have received reports for faked order confirmation and fake invoice emails this week that have been well crafted. The faked emails included malicious Microsoft Word documents bearing malware. A couple of examples are included below.

ALWAYS verify unexpected emails with the sender, particularly if they include attachments.

NEVER open attachments that you are not expecting without first verifying they are legitimate with the sender.

If you do open an attachment or file that you suspect is malicious unplug your network cable and contact the helpdesk at x2200 immediately.

fake-invoice-email fake-order-summary-email