Category Archives: Post for MiddPoints

@MiddInfoSec: “Middlebury College!” A Well Crafted Phishing Attack Looks to Come from the College

Warning! Over the past couple of days Middlebury College has been the target of a well-crafted  phishing campaign. Phishing messages are email messages designed to trick you into divulging your username and password. In this case, the phishing messages were written so that they looked like they were sent from Middlebury’s Department of Public Safety. An example of this phishing message is included below.

Middlebury’s email system was able to filter the vast majority of these phishing messages, delivering them into each recipient’s Spam Quarantines. Even with this protection, however, a few individuals released the messages from their quarantines, opened  the messages, and clicked on the phishing links therein.

Always use caution with quarantined messages. The quarantine is specifically designed to protect you from phishing attacks crafted to trick you into divulging your Middlebury account username and password.  If you have any questions about a quarantined message, contact the Help Desk or send a note to phishing@middlebury.edu. We would be glad to help.

Sample Phishing Message:

phish-1062016

For more information on phishing please visit http://go.middlebury.edu/phish. For additional details about spam filtering and the spam quarantine, please review Spam Filtering at Middlebury.

Clifford Symposium at the Library – through October

Clifford Symposium at the LibraryThe libraries are pleased to support the Art and Science of Mindful Engagement during the  Clifford Symposium and beyond. Dip into a few recommended books on display, let a podcast walk you through a guided meditation, and disconnect from daily stressors in the Unplug and Recharge Room. (Or, borrow meditation cushions from the Circulation Desk and use them anywhere in the library!)

All will be available during regular library hours now through mid-October.

Library Book Display (Davis Family Library): Recommendations from faculty, students, and staff for mindfulness and meditation readings. Browse and borrow whatever you like! Located on the main level of the Davis Family Library.

Guided Meditation Station (Davis Family Library): Pick a blue chair, put on the headphones, and hit “play.” A professional will walk you through a short guided meditation exercise. Try it and see how you feel afterward! Located on the main level of the Davis Family Library.

Unplug and Recharge Room (Davis Family Library): Take a break and disconnect from daily stressors. A secluded corner of the library will be screened off to create a temporary Unplug and Recharge Room with meditation cushions and soft lighting. Located on the upper level of the Davis Family Library.

Meditation Cushions  (Davis Family Library and Armstrong Library): Thanks to the Scott Center for Spiritual and Religious Life, we are able to offer loaner meditation cushions for the whole school year. Check them out from the Circulation Desk, and use them anywhere in the library for 2 hours.

Library hours at http://go.middlebury.edu/hours.

Welcome (Back) to the Libraries!

Whether you’re new to campus or returning from summer break, we welcome you to the libraries.

Midd Libraries Quick Guide

Midd Libraries Quick Guide

Ready for an introduction to library resources? You’ll find all the advice you need to get started in the Midd Libraries Quick Guide.

Want a deeper look at our collections? There’s a guide for every subject at http://go.middlebury.edu/guides.

Welcome!

 

@MiddInfoSec: Information Security is Everyone’s Responsibility!

It is important for each of us to be aware of the increasing security risks to our increasingly connected lives. From laptops and tablets to smartphones and wearable technology, and 24/7 access to our personal data, the risk of sensitive information being exposed is very real.

  • Be Data Aware:

 Travel with, save, or record ONLY the data that is necessary and essential. Always redact or remove unnecessary sensitive data. Always keep your data backed-up and encrypted, when possible.

  • Protect Your Device:

Add a passcode to your cell phone, tablet, or laptop right now! iOS devices automatically encrypt your data once a passcode has been set. Android devices can encrypt your data with a few minor settings changes.

  • Use Strong & Unique Passwords or Passphrases:

Especially for online banking and other important accounts.

  • Use Multi-Factor Authentication when available:

Middlebury is introducing MFA for O365 and other services in 2016. Use MFA wherever possible.

  • Check Your Social Media Settings:

Review your social media security and privacy settings frequently. Enable MFA whenever possible. Keep your social media accounts current or close them.

  • Educate Yourself:

Stay informed about the latest technology trends and security issues such as malware and phishing. Visit http://go.middlebury.edu/infosec for more information. For targeted training visit: http://go.middlebury.edu/infoseced .

  • Get Trained:

Contact ITS – Information Security at infosec@middlebury.edu to set up a training session for your department.

@MiddInfoSec: Keeping Your Password Secure

Did you know that most passwords are easily broken? A few “secrets” can help you make a stronger more memorable password.

Dos

  • Longer is better – use at least 8 characters with upper and lower case, numbers and symbols.
  • Create an easy-to-remember passphrase  with four or more words substituting special characters for some of the letters.
  • Use a unique password for each service or account.
  • Change your password or passphrase regularly:
  • Be sure you’re on the correct website before entering your password or passphrase
  • Set a password for access to your mobile device

Don’ts

  • Don’t include personal information such as usernames, account numbers, address or phone numbers in your password or passphrase.
  • Don’t reuse the same password for multiple services
  • Don’t use a single word, in any language
  • Don’t use consecutive repeating characters or a number sequence
  • Don’t share your password or passphrase – even with managers, co-workers or the Help Desk
  • Don’t send your passwords through email

Tools

@MiddInfoSec: Information Security’s ‘Security Scout of the Month’

To help raise awareness about community efforts to prevent significant security issues, Middlebury Information Security has launched a ‘Security Scout of the Month’ award.

This month Information Security would like to recognize Amy Dale who promptly and accurately responded to potential malware activity by unplugging her computer and reaching out to the Help Desk for immediate assistance.

When asked, Amy shared this advice about computer security, “My previous work experience, particularly at AOL, helped prepare me to be more alert and aware of scams. A previous manager always said, “when in doubt, leave it out.”  In other words, when you’re the least bit hesitant, then don’t open/click/download, etc. “

This astute awareness and keen insight is why Amy is this month’s ‘Security Scout of the Month’.

We are excited to celebrate the hard work and security conscious efforts of our community. Please watch for the next ‘Security Scout of the Month’ and help us recognize these efforts.

If you would like to recognize an individual for their information security contributions or would like to raise an information security concern, please contact infosec@middlebury.edu.

@MiddInfoSec: Stay Safe and Secure when Online

When you are reading e-mail or browsing online, be on the lookout for suspicious links and deceptive web pages, which are major sources of malware. Also be careful of downloadable files since they can introduce malware. And remember that additional browser plugins and unused applications require additional patching to remain secure. Here are some suggestions to make your day-to-day computing more productive, safe, and secure.

  • Keep your software up-to-date. Be sure to install antivirus updates and regularly check for and install updates for any applications or browser plugins you may run on your computer. (e.g., Adobe Flash and Java)
  • Be more secure! Don’t enter sensitive or personal information into a URL unless you have verified the address and you have ensured its security by checking that it includes HTTPS.
  • When in doubt, ignore. Don’t click on pop-up windows or extraneous ads. And, don’t click on links in emails or web sites until you have verified their destinations by hovering your mouse over the link.
  • Keep your private information safe. Use a strong, unique password or passphrase for each account, and avoid storing account information on a website. And consider using a digital password wallet such as 1Password or LastPass to secure your passwords.
  • Segregate your browsing activities. Consider using separate browsers for sensitive logins and general web browsing.
  • Use private networks for sensitive transactions. Avoid checking your bank account, making purchases, or logging in to other websites that include sensitive information when using public Wi-Fi.

Go stealth when browsing. Your browser can store quite a bit of information about your online activities, including cookies, cached pages, and history. To ensure the privacy of personal information online, limit access by going “incognito” and using the browser’s private mode.

Notes for Google Apps and OneDrive Project Presentation

  • Cloud Services: Google and Microsoft
    • Goal: provide better (cloud-based) services to the community
  • Infrastructure
    • Storage
      • Available from anywhere
      • Private, secure, encrypted
      • Scales to demand
    • Access to info
      • Collaboration and sharing
    • Familiar and consistent
  • Why are we doing this?
    • Better consume our resources
      • Home directories on middfiles are 25TB
      • Grows a half TB a month
    • Enhance service offerings
      • Available anywhere on most any device
      • Scalable and efficient use of eresources
      • Cost effective
      • Highly available
      • On demand automatic provisioning
  • What we can provide
    • Google apps for edu
      • No longer in beta!
      • Online collaboration
      • Drive
    • 365
      • Online collaboration suite – word, excel
      • Software distribution (local office install)
      • Onedrive
      • More nuanced levels of licensing and access – differences between MIIS and Midd College, working through those issues
    • Email in the cloud!
      • Fully hosted or hybrid model
  • Where we are now
    • Groundwork has been laid
    • All midd users automatically have GAfE account
      • Including access to apps, drive, and youtube
    • All midd users automatically have an O365 account
      • College students can install local copies of Office through O365
        • Only for residential students, MIIS students can access cloud-based Office suite
      • Everyone has accounts but they don’t have access yet
    • All active directory groups exist in both GAfE and O365
  • Still to come
    • A series of projects as opposed to one big unveiling
      • Documentation and education project
      • Microsoft’s online collaboration apps
      • OneDrive and GoogleDrive
      • Home use software distribution Faculty/Staff
      • Everyone currently has access to Google Apps (but most people don’t know)
      • Everyone does not currently have access to OneDrive – still to come
      • Cloud-based email still to come
  • Decisions that still need to be made
    • Which service do we recommend to people?
    • How do different groups collaborate effectively?
    • Do professors choose one or the other?
      • Will students need access to both?
    • Others?

 

Questions

  • Do we want to offer the same level of support for both or favor one?
    • One platform may be better for certain uses than the other
    • We like the idea of a default/one that is better supported
  • Any support requests re: Google to date?
    • A few calendar items, nothing major
    • Most people are using web interface
  • I’m a student with a google account that I use for school work – I graduate and move on. How do I transition my work to my private account?  (Bill)
    • No fee, but there will be some hoops/procedures to go through
  • I’m a student with a Microsoft account that I use for school work – I graduate and move on. How do I transition my work to my private account? (Bill)
    • Currently more complicated than Google
    • Everything that is cloud-delivered is free
  • Do we have an inventory of what’s been turned on by Google Admin? (Joe)
    • Yes, a list can be shared
    • When you’re logged in you can see a list of some applications, but not all of them
  • How does a faculty member associate Google resources with a course?
    • A Course Hub integration would be helpful here; it’s currently tough to find the right group in Google
      • Create the resource, connect with the correct student group
    • With OneDrive, groups can own files/documents – more ownership-based management than Google-drive
      • If group owns documentation, data management is simpler from an administrative perspective. Group membership should be able to shift seamlessly
      • This is a nuance we’ll have to figure out between Google and OneDrive
  • Monterey and Midd campuses have the exact same access to this functionality? (Bill)
    • Yes, only difference is residential component for the College (Office installs)
    • This is an example of “big M” Middlebury thinking
  • For a guest lecturer or auditor, they could be added to a Google folder not a group?
    • Another nuance that needs to be explored/determination needs to be made about what to recommend to faculty
  • In terms of announcements/messaging/role out, does Course Hub integration need to be in place first?
    • We need to have nuances largely figured out before we make an announcement
  • So what’s the rollout timeframe?
    • Timeline needs to include various project teams
    • Probably not reality to have ready for fall 2016 roll out
    • Do we need to roll both platforms out at the same time?
      • It would behoove us to roll out the recommended platform first
  • We need to give faculty clear instructions about procedure change, as they are not accustomed to provisioning folders themselves (Joe)
    • Now they will need a folder with the appropriate permissions
  • What’s the motivation for having both services?
    • We have to have some of each. Google is already pretty ubiquitous in usage across Middlebury. We have to roll out Microsoft because of software distribution. Or do we? We can control what Microsoft functionality is available to avoid too much overlap with Google.
    • Encryption/security implications – Microsoft is superior to Google in this respect
    • Google doesn’t work in China – Jeff Cason currently testing OneDrive in China
    • A potential differentiation could be
      • Academic – Google. Administrative – Microsoft.
        • In reality this won’t happen
  • While Microsoft is in beta, the move to single sign on for everyone seems like a big step (Bob)
    • MIIS users having to sign on with @middlebury.edu account
    • We want to promote access to Google Apps – it would be disappointing if we couldn’t make an official announcement to the MIIS campus this fall even if the Course Hub integration is not in place.
    • What happens when students graduate? Some of our students are only here for a year, some do Peace Corps during their degree – leave campus for 2 years and come back.
      • How do the nuances of those different user needs get managed? We need an exit strategy.
    • Exit strategy for individuals and Middlebury as a whole is important.
  • Where is this project in terms of the ACTT life cycle? (Bob)
    • Should OneDrive be rolled out the same way Google Apps was?
      • Resource constraints
  • Is there a downside to MIIS announcing Google Apps rollout to campus? (Bob)
    • When Microsoft is rolled out, there may be an inordinate number of help desk tickets from people who want to migrate content from Google to Microsoft
    • It depends on when OneDrive becomes available
      • Timelines are not currently known, several different project teams
  • 2,000 Google Apps accounts active before syncing took place
  • There was already a OneDrive instance at MIIS that was being used by 40 people – no administrator
  • There’s nothing stopping any Middlebury user from using Google Apps (they just don’t know about it)
    • We are currently not fully committing or walking away from either

Panopto Pilot Proposal

Evaluation

Video has become a platform for course work and new pedagogies, co-curricular projects and more. It is also becoming a tool for internal and external communication (including for College governance). Our current solutions do not meet the expectations and needs of our academic community and administrative users, and do not scale cost effectively. We are going to implement a reliable, scalable and secure video streaming solution.

 

Last summer, the Curricular Technology Team evaluated services to meet Middlebury’s needs. A service was chosen, but was discontinued after being purchased by another company. The ACTT Video Streaming Service Project Team was charged with revisiting the evaluation. Included in the charge, they were asked to come up with an interim plan until a long-term solution could be determined by July 2017. To meet the charge, the ACTT evaluated three services: Panopto, Ensemble, and Arc.

 

Recommendation Summary

The Academic Cyberinfrastructure Transformation Team recommends piloting Panopto for Fall 2016.

 

  • Middlebury contract Panopto for one year
  • Middlebury pilot Panopto during fall term 2016
  • Panopto provisioning happens via the Course Hub
  • Faculty may access Panopto collections via Canvas

 

Why a Pilot?

  • Middlebury has not used an enterprise level vendor-hosted video streaming platform, and we will need to assess how we would use it.
  • Panopto would be a new service to Middlebury, also Canvas will be moving to the Enterprise stage. Middlebury academic support will be limited while all of us are learning.
  • Some schools have adopted both Panopto and Ensemble, each for different needs, and have had good experiences.
  • Arc integrates directly with Canvas, but is still in beta and does not meet all of Middlebury’s needs.
  • The recommendation at the end of the pilot should include needs that are not being met.

Recommendation: Middlebury pilot Panopto during fall term 2016

 

Timeline

Faculty will be more likely to use a new service if it is available for fall, winter and spring terms. Also, the extra time will provide us with more information on how Middlebury would use this kind of service. Web Technologies and Services need time to integrate Panopto with the Course Hub, this will allow ease of use for the open pilot and avoid conflicts should Middlebury decide to adopt Panopto in the future. It is possible for faculty and students to access content in Panopto from Canvas, allowing us will help us to better understand how these systems work together.

 

What Who When
Negotiate terms for pilot and purchase in FY’16 Academic Technology and ITS June 2016
Add Panopto to Course Hub and Canvas Web Technologies and Services June – July 2016
Implement Panopto, add authentication and organization schema Academic Technology,
Web Technologies and Services

 

 June – July 2016
Work with courses that self-select during open pilot Academic Technology,
Digital Learning Commons,
Digital Learning		 July 2016
MIIS Pilot Digital Learning Commons August 2016 – classes begin August 29, 2016
Middlebury Pilot Academic Technology September 2016 – classes begin September 12, 2016
Budget Proposal   January 2017
Budget Decision   May 2017

Recommendation: Middlebury contract Panopto for one year

Recommendation: Panopto provisioning happens via the Course Hub

Recommendation: Faculty may access Panopto collections via Canvas

Support

Escalation levels and SLAs would be similar as they are currently for Moodle and MiddMedia.

 

Outline of responsibilities

What Who
Course-related support Primary: Academic Tech, DLC, DL

Backup Support: Media Services
Administrative-use support (core functions) Primary: Media Services
Other academic support (creativity & innovation project, student internship w/ or w/out credit, faculty research, symposium) Primary: Academic Tech, DLC, DL

Backup Support: Media Services

 

 

 

ACTT In-progress Project Presentation for Canvas

The new ACT Team process includes in-progress project presentations. These presentations are meant to inform the community about how things are going, what has been done and what still needs to be done, what is going well and what are the challenges.

In this meeting we will talk about Canvas.

These are open meetings, please feel free to share the invitation with anyone you feel is interested in the topics discussed.