OIT News – January 2016

OIT News –  IT Maintenance, Data Privacy Month, OAuth2 Tokens, Captioning Grants, SAS Licenses & Training and much more!


Monthly news briefs, information and announcements
Office of Information Technology, NC State University
Issue 99, January 2016

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Follow OIT on Twitter @NCStateOIT
For up-to-the-minute reports on OIT systems, see SysNews
For help with computing problems, contact the NC State Help Desk

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

01: Central IT extended maintenance scheduled this weekend
02: NC State to celebrate Data Privacy Month
03: Google to revoke OAuth2 tokens to improve security
04: Renew your Majordomo2 email list by Feb. 15
05: Don’t get phished!
06: OIT launches new website
07: Captioning Grant available for 2016 courses
08: 2016 SAS and JMP licenses are now available

09: Google Finance is available in Google Apps domain
10: Gertrude Cox Award nomination deadline is Feb. 8
11: Color code your Inbox labels
12: OIT offers new Google Apps, Apple ResearchKit and WordPress training!
13: SAR training scheduled for March 16
14: Protect yourself online

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Update: Both DELTA’s maintenance and OIT’s extended maintenance were postponed due to inclement weather. For additional information, see SysNews.

01: Central IT extended maintenance scheduled this weekend
This weekend, OIT will perform extensive system maintenance, such as data center improvements that require the shutdown and movement of equipment, hardware replacement and infrastructure configuration. This extended maintenance window will run from 6 a.m. Saturday, Jan. 23 to 6 p.m. Sunday, Jan. 24.

OIT services may be degraded or unavailable for extended periods during this maintenance window. These services include, but are not limited to:

  • MyPack Portal
  • Human Resources, Financial and Student systems
  • DELTA WolfWare (Moodle, Mediasite, Collaborate, and WolfWare Classic)
  • Virtual Computing Lab (VCL)
  • WolfPrint services
  • Hosted systems
  • Networked Attached Storage (NAS) shares and exports
  • Backup services
  • Web Services

Other planned extended maintenance windows that can possibly impact IT services include:

  • Saturday, April 2 through Sunday, April 3
  • Saturday, Sept. 17 through Sunday, Sept. 18
  • Saturday, Nov. 5 through Sunday, Nov. 6

For scheduled system changes and updates, see the Change Management Calendar or visit SysNews. If you have any questions, contact the NC State Help Desk at help@ncsu.edu or 919.515.HELP (4357).

Back to top

02: NC State to celebrate Data Privacy Month
In celebration of Data Privacy Month, OIT encourages all campus users to learn how to safeguard their sensitive data in the workplace and at home.

Sponsored by the National Cyber Security Alliance from Thursday, Jan. 28 to Sunday, Feb. 28, Data Privacy Month is held annually to empower campus users to protect their privacy and to control their digital footprint. It also stresses the protection of privacy and data as everyone’s priority.

During Data Privacy Month, OIT will sponsor several activities to show campus users how to protect themselves and others.

  • SANS Securing the Human videos

From password protecting to encrypting your data, SANS Securing the Human videos offer numerous security measures you can use immediately to protect your data. Take a few minutes to watch ALL of the brief videos — especially Family Educational Rights and Privacy Act (FERPA), Personally Identifiable Information (PII), Health Insurance Portability and Accountability Act (HIPAA) and Data Protection — to learn valuable steps to protect the privacy of all campus constituents. Sign in to Moodle with your Unity ID and password and then click Enroll me to access these brief videos.

  • Data Security for Researchers panel discussion

If you’re a campus researcher and were not able to attend the Data Security for Researchers  panel discussion during Cyber Security Awareness Month (CSAM) in October, please watch the panel discussion to find out where and how to safely store your research data. Learn valuable security tips from fellow faculty researchers, research administrators and OIT staff. Participants’ questions and answers and other frequently asked questions will be available on this website soon.

  • Secure Tweets
    Follow us on Twitter to learn helpful security measures to guard your data during Data Privacy Month.

For more information, see NC State’s Data Privacy Month 2016 website.

Back to top

03: Google to revoke OAuth2 tokens to improve security
To provide more security for its Google Apps environments, starting Tuesday, Feb. 2, Google will begin revoking OAuth2 tokens when a user’s password is changed. OAuth2, an open standard for authorization, allows a user to access certain third-party products without revealing his or her credentials.

Impact to you
When you reset your password for your Google Apps @ NC State account, your mail and other data will automatically stop syncing to any application or device using OAuth2 authentication until you re-authenticate with your new password. Some common applications that use OAuth2 authentication are official Gmail and Google Calendar apps for your mobile device and native apps like Apple Mail, Apple Calendar or Google Apps Sync for Microsoft Outlook (GASMO). Google users and administrators still retain the ability to revoke access to applications via Google’s Security Checkup page and the Google Apps Admin console, respectively.

Accessing your account
To access your Google Apps account again, you will need to re-authenticate to:

  • your Google Apps account on your mobile device(s), and  
  • any applications that you may have used to access your Google Apps account, including Gmail or Calendar clients on mobile devices or any third-party software that relies on OAuth2 Google credentials for authentication.

For more information on Google’s new security policy change, please see Increased account security via OAuth2 token revocation.

Back to top

04: Renew your Majordomo2 email list by Feb. 15
If you have an email list managed by NC State’s Majordomo2 List System, you must complete your annual service renewal by 8 a.m. Monday, Feb. 15. Lists served by this system require a yearly confirmation to remain active.

OIT will send reminders via email on Monday, Feb. 1 and Friday, Feb. 12 to list owners who have not approved or rejected their lists. Lists not renewed will be removed from the service.

If you have any questions, please direct them to listman@ncsu.edu.

Back to top

05: Don’t get phished!
As the spring semester starts, NC State email accounts are being targeted with advanced phishing attacks to steal your personal information (e.g., account names, passwords and banking and credit card information). These phishing attacks can be extremely damaging to you and the university.

Phishing attacks are typically associated with email, and most are implemented when someone clicks a link to malicious online content – often a web form designed to trick users into thinking they are entering information into a trusted website such as Facebook or PayPal. These attackers often will perform reconnaissance (via a simple Google search) on a specific target and then craft a sophisticated pretext to increase the likelihood of their success.

For several years now, email accounts at NC State have been targeted using advanced phishing attacks. Attackers have made perfect copies of just about every login page on any ncsu.edu website and then sent thousands of emails enticing campus users to visit them. These sites includes the MyPack Portal and the NC State Shibboleth and Google Docs login pages. Phishing emails sent to @ncsu.edu accounts have included a great deal of information about the university. They have referenced:

  • North Carolina State University
  • NC State logos, banners and template graphics
  • Shibboleth logins
  • OIT
  • Unity username
  • Names in the Campus Directory
  • Support@ncsu.edu or help@ncsu.edu
  • Google Apps for Education

Why is protecting your email account and password important? The ncsu.edu domain has been around a long time and, as such, is trusted on the Internet. An email message sent from your account is less likely to be tagged as spam, so it will get delivered to the target’s Inbox. Sustaining phishing and spamming operations seems to be the most common reason for phishing attacks.

Here are a few tips to help you identify a phishing email:

  • Look for urgency.
    If the message urges you to take action right away or suggests dire consequences if you don’t, it’s probably a phishing attempt.
  • Examine images and company logos carefully.
    The more sophisticated phishing emails will often contain logos or images that have been stolen from the website of the legitimate company or faked to look like the real thing. Or, the email itself may look like a website.
  • Verify a company’s contact information.
    A URL or link in a phishing email may contain a familiar company’s name and appear to be legitimate. Hover over a link to view the whole URL and verify it is going to where it says it is going. You can also make sure you are contacting that company by going to its website another way (e.g., by typing its legitimate address in your browser or selecting it from your browser’s bookmarks). If you don’t know the address, use a search engine to find the company’s website.

    • If you are on a mobile device or tablet, be sure you know how to “hover” over a link to see the actual address of that website. (Generally, this is done by clicking and holding the link and the actual URL will appear.)
  • Check the “from:” field in a suspicious email.
    The information in the “from:” field of an email can be falsified. Look carefully and compare the sender in the “from:” field  with the one in the email signature. If there are any differences, be wary.
  • Pay attention to spelling and grammar.
    Misspelling and poor syntax are typical of many, but not all, phishing emails.
  • Beware of pop-up forms.
    If a pop-up box appears in an email and requests that you enter information, it is likely to be a phishing attempt. Pop-up boxes are not a secure means to transmit information.
  • Be cautious about attachments.
    A phishing email may also include an attachment that could contain spyware or some other electronic threat. Never open an attachment, even from someone you know, unless you’ve verified that it’s safe.

Please remember NC State IT personnel will never ask you for your password via email or telephone. They do not need it for maintenance or upgrades.

To learn more about phishing, including ways to recognize it, prevent it, report it, and what to do if you suspect you’ve been phished, visit Phishing. If you are not sure if an email is phishing, err on the safe side and contact the NC State Help Desk at 919.515.HELP (4357) or email help@ncsu.edu.

Back to top

06: OIT launches new website
If you haven’t recently visited the Office of Information Technology (OIT) website, we invite you to take a look at our new NC State branded website.

The new site also features a responsive and mobile-friendly design and a clear path to IT support services for all campus users. Over the course of the next few weeks, you may see changes to the new website as we refine how information is organized and verify that all necessary content has been fully migrated. If you have any questions, suggestions or comments, please send them to help@ncsu.edu.

Because we have moved our new website from Drupal to WordPress and have significantly reconfigured its structure, your links to the old Web pages will no longer work. Please link to the new OIT Web pages from sites you manage and bookmark your frequently visited Web pages.

Back to top

07: Captioning Grant available for 2016 courses
NC State University has established a Captioning Grant to assist faculty in creating accessible videos.

This grant provides funds for faculty to obtain captions for instructional videos used in their online, blended and face-to-face courses. In addition to providing content to people with hearing impairments, captions create a learning environment that supports Universal Design for Learning.  

Faculty members may apply for funding to caption videos:

  • when a student with a disability requiring an accommodation for captioning registers in a course that contains video, or
  • when proactively captioning videos to enhance the learning environment for all students.

Faculty using their own videos as a central part of their pedagogy are highly encouraged to apply for the grant.

To apply for the grant, complete the Captioning Grant Application Form. Applications to meet the needs of a student requiring this accommodation will be processed immediately. Those for proactive captioning will be processed on March 31 for summer, June 30 for fall and Oct. 31 for spring courses.

For more information, see Multimedia Accessibility. You may also send your questions to accessibility@ncsu.edu.

Back to top

08: 2016 SAS and JMP licenses are now available
If you use SAS, JMP or JMP Genomics, you can now download your new license via the Software Licensing website.

If you have a special software deployment that you received directly from Software Licensing Management, you will receive your license files via email.

Please keep in mind that although your current SAS licenses expired on Dec. 31, 2015, you have a 90-day grace period in which to update your license. Your software will continue to function until March 31, 2016.

If you have any questions regarding your SAS license, send them to software@ncsu.edu.

Back to top

09: Google Finance is available in Google Apps domain
At the request of many users, the Google Apps Team has added Google Finance to the university’s Google Apps domain.

A consumer app, Google Finance is a customized search portal that allows users to track a specific company’s stock and financial data as well as aggregating news and information about the company.

Back to top

10: Gertrude Cox Award nomination deadline is Feb. 8
The deadline to submit a nomination for the Gertrude Cox Award for Innovative Excellence in Teaching and Learning with Technology is Monday, Feb. 8.

Named after Gertrude Cox, who established the university’s Department of Statistics, the award honors the creative pedagogy of NC State’s faculty and technical staff and their work in integrating new technologies into effective teaching strategies. Nominations for projects completed during the 2014–2015 academic year are being accepted.

To nominate a faculty or staff member, see the Gertrude Cox Award for Innovative Excellence in Teaching and Learning with Technology website.

Back to top

11: Color code your Inbox labels
You’ve wanted to organize your Inbox for a long time, right? And now it’s time.

Take a look at Color Code Your Gmail Labels to Find Important Emails Faster, a brief step-by-step tutorial that will take you through a simple process to create mail filters and labels simultaneously and then color code your labels so you can scan and find your email quickly.

 

color

For more Google Apps tips and tricks, follow the Google Service Team on:

Back to top

12: OIT offers new Google Apps, Apple ResearchKit and WordPress training!
Upcoming OIT training opportunities include:

  • Create, Collaborate & Get Organized with Google Drive will be offered on Tuesday, Jan. 26 from 2 p.m. to 4 p.m. in Room 110 of the Avent Ferry Technology Center. In this hands-on workshop, you will learn how to use Drive in a collaborative environment, including editing a file simultaneously with other people, securing a document through file sharing permissions, and creating files for use by a group of colleagues or friends. For this workshop, you will need to have an active NC State University Unity account with access to Google Apps at NC State. If you would prefer using your own laptop or other mobile device, feel free to bring it. To register, visit Classmate.
  • Gmail: Advanced Productivity will be offered on Wednesday, Jan. 27 from 9 a.m. to noon in Room 110 of the Avent Ferry Technology Center. This session will cover more in-depth features of Gmail, including additional helpful resources. For more information and to register, visit Classmate
  • Apple Research Kit In-Depth will be offered on Wednesday, Jan. 27 from noon to 1 p.m. in Room B16-B of the Hillsborough Building. Join us as we take an in-depth look at ResearchKit with Sarah Farrell, Ph.D. and registered nurse, and the Apple Corporate ResearchKit team. Topics will include: advanced use cases, funding, the Institutional Review Board for the Protection of Human Subjects in Research (IRB), security and data strategies, community resources, and developer requirements. This will be a deeper dive into leveraging ResearchKit to capture data and broaden interaction for your research projects. To register, visit Classmate.
  • Basics of WordPress will be offered on Thursday, Jan. 28 from 2 p.m. to 4 p.m. in Room 110 of the Avent Ferry Technology Center. Learn everything you need to know to get started using WordPress here at NC State. Topics will include: setup, configuration, themes, plug-ins, settings, options, and management of WordPress. To register, visit Classmate.
  • Google Slides: Create, Collaborate, and Publish Presentations will be offered on Tuesday, Feb. 2 from 9 a.m. to 11 a.m. in Room 110 of the Avent Ferry Technology Center. Learn how to create presentations using Google Slides. This session will focus on creating, editing, sharing and collaboration, themes, transitions, animations, and more! To register, visit Classmate.
  • Google Sheets will be offered on Thursday, Feb. 4 from 2 p.m. to 4 p.m. in Room 110 of the Avent Ferry Technology Center. Google Spreadsheets has recently been updated with even more powerful tools and functionality. Come to this two-hour overview of Sheets and learn how it integrates with other apps in Google Drive. Topics will include formatting options, find & replace, notifications, conditional formatting, and more! To register, visit Classmate.
  • Gmail: More than your Inbox will be offered on Wednesday, Feb. 10 from 9 a.m. to noon in Room 110 of the Avent Ferry Technology Center. There is more to Gmail than just composing, replying to, and forwarding messages. This workshop will provide an in-depth overview of Gmail features, including an emphasis on labels and search tools, contacts management, chat, tasks, settings, labs, and new features. To register, visit Classmate.
  • Google Drawings Essentials HOA will be offered on Thursday, Feb. 11 from noon to 1 p.m. online. Join us for a brief online introduction to this design tool and find out how easy it is to create your own images! See how Google Drawings can be inserted in other Google Apps like Docs, Sheets and Slides and learn how to create and collaborate on charts, diagrams and images. The Hangout on Air session can be accessed via the Google Apps @ NC State Google+ page. Visit this page to get more information, sign up to attend, and add the event to your calendar. To register, visit Classmate.
  • Google Calendar: Advanced Productivity will be offered on Tuesday, Feb. 16 from 9 a.m. to noon in Room 110 of the Avent Ferry Technology Center. This workshop will focus on Calendar (e.g., my calendar, other calendars, mini calendar), event details and calendar management. Specific features will include event attachments, maps and directions, sharing and embedding calendars, labs, quick add, search options, mobile notifications, scheduling Hangouts (video conferencing), and more. To register, visit Classmate.

Back to top

13: SAR training scheduled for March 16
Security Access Request (SAR) training for campus requestors and approvers of access to secured university data will be held Wednesday, March 16 from 9:30 a.m. to noon in Room 110 of the Avent Ferry Technology Center. To register, visit Classmate.

Back to top

14: Protect yourself online
You live in a world of mass surveillance and data tracking. Internet providers, advertising companies, identity thieves, some employers, and perhaps your neighbors they all have a vested interest in tracking your online movements. So how do you protect your privacy online?

Unless you never venture online at all, no security measure is 100 percent effective. There are a number of steps you can take to improve your technical settings on your favorite online profiles. However, many security breaches are caused by online social behaviors. Here are a few simple yet effective security tips to safeguard you against prying eyes.

  • DO NOT access financial, email or other sensitive data via public Wi-Fi networks. In many cases, these are open networks and anyone with reasonable technical abilities can access your private information exchanged over public Wi-Fi networks.
  • DO NOT store sensitive data in the cloud.
    While cloud services (e.g., GoogleDrive, Microsoft OneDrive, DropBox) may be a convenient way to manage your files, your data may either be unencrypted or you may not be able to control the level of encryption yourself. If your data is unencrypted, it is susceptible to security breaches and may be visible to others.
  • Disable your GPS and Wi-Fi on your mobile devices, when not in use.
    When these functions are enabled, your location is broadcast to a number of entities including your service provider and app developers. To minimize this broadcast, turn off these functions when they are not needed. Think before you make personal information such as your location, Internet data usage, app usage, and content data available.
  • Enable 2-Step Verification, if available, on your accounts. 2-Step Verification, also known as 2 Factor Authentication, adds an additional layer of security when you sign in to your account. Once you activate this security measure, you will be required to log in with your password and an additional security measure (e.g., a security code that is delivered to your mobile device via text, voice call or mobile app, a USB security key, printed backup codes). To view a list of applications that support 2-Step Verification, see Two Factor Auth (2FA).

Back to top

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Subscribe to OIT News

To subscribe or cancel your subscription online, go to http://go.ncsu.edu/subscribe-oitnews

To subscribe by email, send the following message to mj2@lists.ncsu.edu: subscribe oitnews

To unsubscribe by email, send the following message to mj2@lists.ncsu.edu: unsubscribe oitnews