
CAS Computing Services Blog

Do you know what “University Protected Information” is?

Posted: August 29th, 2012 by Arts & Sciences Computing Services Office

I’m guessing that you probably don’t know exactly what we mean when we say “University information” in a security related discussion.  This is because the definitions are buried in the fairly recently published University Information Security Policy and just like End User License Agreements, nobody likes to read policy statements until we have to.

Those of you involved in human subject research, anything HIPAA related, etc. are, I’m sure, much more conscious of protecting things like patient information, health records, etc.  Or at least I sincerely hope you are.  But those of you routinely doing “other UVM business” may not be as familiar.

So, extracted from this policy document:

http://www.uvm.edu/policies/cit/infosecurity.pdf

The following definitions apply to UVM information, and not to information about yourself or your friends or family that is unrelated to UVM. 

“Personally Identifiable Information” is any information about an individual that (i) can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, motor vehicle operator’s license number or non-driver identification card number, or biometric records; and (ii) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.

“Protected Health Information” refers to individually identifiable health information transmitted or maintained by electronic media or maintained in any other form or medium, but excludes certain education-related records and certain employment records held by an employer.

“Protected Student Information” is student education records maintained by the University, whether by academic or administrative units, and protected under the Family Educational Rights and Privacy Act (FERPA) and as described more fully in the UVM FERPA Rights Disclosure policy.

[FERPA Rights Disclosure document is here http://www.uvm.edu/policies/student/ferpa.pdf]

“Confidential information” is sensitive information about individuals, the University, or University property, including, without limitation, Personally Identifiable Information, Protected Health Information, information involving certain legal matters, or business and financial transactions, grant applications, student records, pending patent applications, institutional electronic security architecture, and information about security breaches or other events.

Protected Library Records – means patron registration records that contain the information a University library patron must provide to be eligible for library privileges and patron transaction records that contain personally identifiable information related to an individual’s activities within the University libraries.

In order to easily protect UVM from a data breach, which admittedly would be very costly to the institution both financially and in reputation, UVM now requires that all UVM owned laptops be encrypted using our licensed PGP encryption.  UVM also requires that home computers used for “UVM business” be encrypted as well.

It’s my opinion that vastly increased security could come from less drastic measures, such as educating the people performing the work about exactly what constitutes sensitive information. Which brings us to this post.

Takeaways from the above:

It would be wise to consider NOT using your personal devices and home computers for UVM related business

If you do choose to do so, it would be wise to:

  • Store UVM related documents containing protected information ONLY in UVM network storage (Zoofiles or Active Directory), not on Dropbox, Carbonite, iCloud or any form of personally available local or cloud storage and not on the local hard drive of the computer
  • Set your email programs NOT to cache your email on the local machine if you can (note that UVM webmail is NOT immune to caching since it stores snapshots of visited pages in the web browser temporary directory)
  • Make sure that all your devices are protected by a password, passkey or equivalent and, where possible, ensure that theft-target, easy-to-lose devices such as smartphones and iPads are protected by remote location and erasure services, if any.  Apple offers a “find my device” service that is capable of locating a misplaced or stolen device (which in my experience works frighteningly well) and also remotely wiping the data off of it, if it cannot be retrieved.

If we all do our part to be aware of sensitive data and take fairly common sense steps towards protecting it, UVM will be protected from expensive and embarrassing data breaches.  It’s also a good idea to implement some of these measures to protect your personal property and information as well.

 

Is This Email Legit?

Posted: April 30th, 2012 by Arts & Sciences Computing Services Office

Is this email legitimate or a hoax?  This is the single most frequently asked question we have.  The answer is almost always no but people still ask and occasionally one of our clients will fall for a scam and end up with a compromised account.

The basic rule of thumb should be: if you want to ask someone about a particular email, then chances are the email is a scam and you should just delete it.

In general here’s what to look for:

  • Is the email coming from a UVM email address?  If not, it’s fake.
  • If there is a link in the email, does the link appear to be going to a UVM website (i.e. does the host name end in “uvm.edu”)?  If not, it’s fake.
  • Does the link in the email go to the same place that the email says it does (e.g. the link says “www.uvm.edu” but actually goes somewhere else)?  If it doesn’t, it’s fake.
    You do not have to click the link to find out where it’s actually going.  Instead you can right click (control click under MacOS) and select “Copy Link Location”, then you can paste the link into any web browser and “see where it’s going” before actually clicking.
  • If you do click the link does the site ask you for personal information (account and password, or worse, SS#)? If yes, it’s fake.
  • Does the email threaten dire measures if you don’t comply?  If yes, it’s probably fake.
    Any security measure imposed by UVM (e.g. expiring your UVM netID every 365 days), will not be executed without ample warning (two weeks at least) and can always be reversed.

Here is an ebay website on the subject:

http://pages.ebay.com/education/spooftutorial/spoof_2.html

Here’s another:

http://www.antiphishing.org/consumer_recs.html

MacOS X Users: It is now safe to go back into the water, 10.7.3 update

Posted: March 12th, 2012 by Arts & Sciences Computing Services Office

Greetings-

For those running MacOS X Lion, aka 10.7, it is now safe to install the 10.7.3 update.  Apple switched from the context sensitive Software Updates version of the update (which is supposed to only install the components of the update that your computer needs) to the “Combo” version which contains everything for all currently supported Mac hardware.  This makes for a bigger update, but a safer one.

Please plan to allow enough time for the update to download, connect yourself to the fastest network connection possible and for those with Macbooks, connect your Magsafe AC Power supply before installing.

If you are not running a Mac, or are not running MacOS 10.7 (Lion) please disregard this message.

MacOS users: 10.7.3 update is out, install at your own risk

Posted: February 2nd, 2012 by Arts & Sciences Computing Services Office

If you do not have a Macintosh computer running OS X version 10.7, this article does not pertain to you.  Please keep moving folks, nothing more to see here.

Macintosh users with the most recent version of OS X, 10.7, aka “Lion”, there is an updated version of the OS that adds some language support and claims to fix a few outstanding bugs.  Normally we recommend that Mac users install updates as they become available, but not this time.

Apparently there are enough people running into networking, and application crashing, problems that CNet has an article on the subject:

http://reviews.cnet.com/8301-13727_7-57370469-263/os-x-10.7.3-update-causing-cui-interface-artifacts/

My advice would be to wait for an update to this update before installing.  The fixes described in the release notes for 10.7.3 will not improve the lives of most people anyway, so upgrading is not worth the risk of instability at this time.

The advice that the CNet article gives for preventing the issues from occurring (which, please note, is not guaranteed to work) is pretty much what should be standard practice for all MacOS users:  make a backup, fix disk permissions using Disk Utility, download and install the Combo Fix version of the update rather than installing through Software Update.  Especially if you are an “early adopter” who installs everything as soon as it comes out, it’s a good idea to always follow the above routine.

Since we image our Macs with our own image, booting to the Lion restore partition is not an option for you should something go seriously wrong.  Instead you will have to bring the machine to us to be rebuilt.

CAS Computing Services

Re-Introducing Webfiles.uvm.edu

Posted: January 26th, 2012 by Arts & Sciences Computing Services Office

After the Systems Architecture and Administration (SAA) group replaced the old active directory filing appliance with honest to goodness Windows 2008 Servers, http://webfiles.uvm.edu went away.

Well, thanks to the SAA group,  it’s back and in a supercharged version.  Connect, log in using your UVM netID, and you not only can get at your personal active directory files, but you can also see any shared directory that you have rights to, and your Zoo files and your website on zoo.  All in one big happy intuitive drag and drop environment that allows right clicking, downloading, uploading, folder creation, file deletion, etc etc etc.  There’s no reason to use SFTP.

Screenshot of the Webfiles folder listing

More information here:  Accessing UVM’s Network Storage

Fake Antivirus Infections on the Increase

Posted: May 11th, 2011 by Arts & Sciences Computing Services Office

Recently we’ve seen a rash of people infected with official looking but entirely fake antivirus malware. In general, the user reports that they were just using a web browser, minding their own business, when suddenly a window appeared that looked like it came from Microsoft Windows and informed them that they were infected with everything under the sun. The window wouldn’t close when clicked, and when they restarted their machine the fake antivirus software appeared to have installed itself and couldn’t be removed. Dire warnings of infections appear everywhere, popups to embarrassingly raunchy websites come up, and the machine is basically unusable. Worse, the software wants you to subscribe in order to remove these “infections”. If you subscribe, now the bad guys have your credit card number.

First off, when you see one of these windows, DO NOT CLICK on anything! Immediately restart your computer.

Secondly, the primary method that these infections are getting to us is via compromised Google searches. DO NOT automatically trust everything that you see in a Google search results screen. The bad guys know that people are searching for popular subjects (“Catherine’s wedding dress”) and they are setting up fast moving bogus websites just to get you to click. I’ve also just read an article that the popular Google Images website is chock full of malware linked images.

Third, the bad guys know that everyone has certain third party plugins installed in their browsers so that they can use them for work, or to view animated media. These third parties are not always entirely secure and are not updated via the usual Windows or Software update mechanism. You must update these products yourself or you risk infection. The top three examples are Adobe Flash, Adobe Reader and Sun Java VM.

The easiest method of determining what is out of date is to open Mozilla Firefox (this does not work in Internet Explorer) and go here:

http://www.mozilla.com/en-US/plugincheck/

The plugin check will tell you which of your plugins are out of date and provide links for downloading updated versions. Download and install, it’s as simple as that.

HOWEVER, because the third parties are also out to make a buck off you, be alert for offers to install unnecessary antivirus software (Adobe Reader) or assorted toolbars of the day (Adobe Shockwave or Sun Java). These “free” players are really ways for these companies to generate revenue by putting a vendor’s software in front of you.

Fourth, this fake antivirus software is big business. Estimates of the number of people infected run as high as half a million a day. They change the malware configuration so quickly that antivirus software vendors are having a hard time keeping up. So do not rely on your antivirus software to protect you. Every single person that we’ve seen with one of these infections has had an active copy of ESET NOD32 running and the antivirus software was completely oblivious.

Lastly, MacOS is NOT immune to these infections. There is fake Macintosh Antivirus malware out there and we’ve seen one infection first hand already.

If you do get infected with one of these nasties, RUN don’t walk to our offices. The longer you wait, the more compromised your computer gets and the harder it is to remove the infection.

More information (kudos to Geoff Duke for these links)

Fake anti-virus hackers exploit engagement of Prince William and Kate Middleton

This is a general description of Fake AV:
SophosLabs – What is Fake Anti-Virus?

And some good detail:
How blackhat SEO and Fake Anti-Virus work

Sharepoint usage tip: Don’t click on the name of a file

Posted: October 28th, 2009 by Arts & Sciences Computing Services Office

A pair of department administrators asked me for help with editing files in Sharepoint. It turns out that they were confused about the difference between clicking on the name of a file and selecting “Edit in Microsoft ” from the drop down menu.
They assumed that the two actions would give you the same results when in fact they do not.
Clicking on the name of a file in a Sharepoint library will open that file in read only mode. If you then attempt to save that file, your only choice will be to save it on your local hard drive and then you’ll have to wrestle with Sharepoint to get the file uploaded, delete the original, etc. etc.
If you want to edit a file in Sharepoint, never click on the file name. Instead, just hold your mouse over the file name, which will give you a box with a golden down arrow at the far end. Then select “Edit in Microsoft “. This checks the file out to you so that nobody else can change it, opens the file straight from Sharepoint into the appropriate Microsoft Office application and allows you to simply select Save from the File or Office menu to save your changes. Click on this screen capture to see what I mean:
Drop_down.JPG
Caveats:
1) This only works under Windows
2) This only works under Internet Explorer

Are you still running Symantec Antivirus?

Posted: October 22nd, 2009 by Arts & Sciences Computing Services Office

Are you still running Symantec Antivirus security software on your computer? If yes, it’s time to remove/replace it. ETS has just announced that they are decommissioning the on campus management servers for that software package as of November 30th. Although this shouldn’t affect your use of your computer, you should note that because Symantec hasn’t been updated here on campus for several years now, you are not completely protected from the various flavors of malware that have appeared in the interim.
Recently the only running installations of Symantec Antivirus that I’ve seen have been on MacOS computers. I am sure though that there are still older Windows computers out there that haven’t been updated.
Please take this opportunity to remove SAV, and if you have a Windows computer, replace it with ESET’s NOD32 product, found at http://www.uvm.edu/software. Unless you are running a 64 bit version of Windows, you need the 32 bit version.
MacOS users can simply remove SAV by opening Macintosh HD then Applications then Symantec Solutions. There should be an uninstaller application available. You will need to authenticate as an administrator in the removal process. At present UVM does not have a recommended MacOS antivirus solution, but since there are still very few instances of MacOS malware in the wild, we feel that it is reasonably safe to run your computer without it.
Windows users should open their Add/Remove Programs control panel, locate Symantec Security as well as LiveUpdate and remove BOTH. Then restart your computer, and install ESET’s NOD32 32 bit version from the location mentioned above.
Lastly, Windows users should get in the habit of visiting the UVM software download page to check for updates to NOD32. ETS does not make an announcement when they update the NOD32 client version and although NOD32 does update its definition files automatically, it does not update the client software itself. Having the most current recommended version of NOD32 is important in order to avoid performance issues and malware infection.
As always, contact us if you have questions. http://www.uvm.edu/artsandsciences/computingsvs/

Lots of phishermen, don’t fall for the bait

Posted: October 19th, 2009 by Arts & Sciences Computing Services Office

We’ve seen many UVM customized phishing scams recently, including one that mocked up our webmail login page exactly.
The only legitimate email regarding password or status changes to your UVM email account is the one that comes from David Todd and DOES NOT ask you to do anything but go to the UVM account page to change your password.
Please be alert when following links in any email and make sure that the URL of what you clicked on makes sense. For any UVM related service, the URL should end in “uvm.edu”. If it does not, then chances are high that the link is part of a scam.

Have you heard of UVM Guestnet?

Posted: February 18th, 2009 by Arts & Sciences Computing Services Office

Recently a CAS faculty member approached me with a problem; she was the designated escort for a visiting professor who had his own laptop and wanted to use UVM’s wireless network. Sure, she could have had him install the UVM VPN client software and then connect to Cat’s Paws using her UVM netID, but then she’d have to reveal her password (which is against UVM policy) or stick to him like glue the entire week he was on campus.
I suggested UVM Guestnet. UVM Guestnet is a special wireless network that allows UVM affiliates (faculty, staff, students, basically anyone with a valid UVM netID) to “sponsor” a non-UVMer and allow them to connect to the Internet. The catches are that the sponsor is responsible for the behavior of whomever they sponsor, plus the account expires in seven days.
To begin the process, connect to the UVM Guestnet page on any computer currently connected to a network. Enter your UVM netID and password.
Read the page of policies and instructions, then click Get Started.
After you fill in the three required fields and click Create, your guest will be able to connect to the “UVM Guest” wireless network and start up a web browser. Their browser will ask them for the ID and password created by the Guestnet web page and then allow them onto the Internet as usual.
Each UVMer may sponsor up to five people for a maximum of seven days each.
UVM Guestnet access basically gives the user access to the public side of UVM’s local network (www.uvm.edu, webmail, etc) as well as the broader public Internet. It is not intended for use by those who otherwise have an active UVM netID or who need access to restricted or secure UVM only resources.
As always, ask us here at CAS Computing Services if you have questions.
