OIT News – July 2016

OIT News
Monthly news briefs, information and announcements
Office of Information Technology, NC State University
Issue 105, July 2016

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Follow OIT on Twitter @ncsu_oit
For up-to-the-minute reports on OIT systems, see SysNews
For help with computing problems, contact the NC State Help Desk

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

01: Mandatory 2-Step activation for Google Apps and generic account users with access to Purple data
02: Central IT extended maintenance scheduled for Sept. 17-18
03: Protect your NC State email account against phishing attacks
04: 2015-2016 ResNet/ComTech User Survey results are now available
05: OIT launches new Google Apps @ NC State website
06: NC State approved for Google Sites Early Adopter program
07: Get a jump start on the fall semester with informative OIT workshops
08: SAR training scheduled for Aug. 11
09: What’s your personal backup plan?
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

01: Mandatory 2-Step activation for Google Apps and generic account users with access to Purple data
Effective 10 a.m. on Monday, Aug. 1, the Office of Information Technology (OIT) and University Data Stewards, Trustees and Custodians for student, employee and financial data will require Google 2-Step Verification for:

  • Google Apps accounts of users who have significant access to Ultra-sensitive or Purple data (e.g., Social Security numbers, credit card data); and
  • Google generic accounts of owners or official contacts who have access to Ultra-sensitive or Purple data.

The university is constantly inundated with cyber attacks such as phishing that target sensitive university data. This requirement will provide extra protection for some of the university’s most sensitive data elements.

While the scope of this requirement is currently limited to users with significant access to the most sensitive data, OIT and the data stewards strongly recommend that everyone with access to any level of sensitive data enable Google 2-Step Verification. See Determining Sensitivity Levels for Shared Data and the Data Sensitivity Framework.

Generic Account Owners / Contacts With Access to Purple Data
To view the generic accounts for which you are listed as an owner or contact:

  • Log in to Web Registry.
  • Under My Services, click on Google Generic Accounts to view those assigned to you as an official contact.

To avoid any confusion, please coordinate the 2-Step enrollment process with others in your area who are also listed as contacts.

Current 2-Step Verification on Google Accounts
If you already have Google 2-Step enabled on a Google Apps or a generic account that you own or manage, no further action is needed.

No 2-Step Verification on Google Accounts
If you do not have Google 2-Step enabled on a Google Apps or a generic account that you own or manage, you will need to enroll them in 2-Step Verification before Aug. 1 to avoid any disruption with these accounts. In order to regain access, you will have to contact the NC State Help Desk staff to be enrolled.

For enrollment instructions, see Google 2-Step Verification. For best practices, see Google Generic Account.

For more information on this requirement, see:

HELP
To receive help with activating 2-Step Verification on your Google generic account or your own Google Apps account, stop by one of OIT’s informal Q&A drop-in sessions in Room 106 of the Avent Ferry Technology Center on:

  • Tuesday, July 19 – 10 a.m. to noon
  • Tuesday, July 26 – 1 p.m. to 3 p.m.
  • Thursday, July 28 – 10 a.m. to noon

Email help@ncsu.edu with if you have any questions.

Back to top

02: Central IT extended maintenance scheduled for Sept. 17-18
On Saturday, Sept. 17 through Sunday, Sept. 18, OIT will perform extensive system maintenance, such as data center improvements that require the shutdown and movement of equipment, hardware replacement and infrastructure configuration. This extended maintenance window will run from 6 a.m. Saturday to 6 p.m. Sunday.

Services expected to be offline for the majority of the maintenance window include, but are not limited to:

  • MyPack Portal
  • Human Resources, Financial and Student systems
  • OIT backup services
  • Virtual Computing Lab (VCL) services
  • WolfPrint services
  • Authenticated SMTP to smtp.ncsu.edu
  • conferences.ncsu.edu

No new accounts will be created on Saturday, Sept. 17.

Services that may experience intermittent periods of unavailability or slow performance during the maintenance window include, but are not limited to:

  • Shibboleth (Sites using Shibboleth for authentication will be impacted.)
  • www.ncsu.edu (NC State’s home page)
  • High Performance Computing (HPC) cluster, including access to storage from HPC nodes
  • SysNews
  • AFS hosted sites
  • cPanel, Hosted WordPress and WordPress blogs
  • LDAP (Updates will be available after the maintenance is completed.)
  • Kerberos
  • OIT hosted systems
  • Networked Attached Storage (NAS) shares and exports

The next planned extended maintenance window that can possibly impact IT services will occur on Saturday, Nov. 5, 2016 through Sunday, Nov. 6, 2016.

For scheduled system changes and updates, see the Change Management Calendar or visit SysNews. If you have any questions, contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP).

Back to top

03: Protect your NC State email account against phishing attacks
Last month, a phishing scam enabled an unauthorized person to access a university email account, creating the potential for the individual to view or have access to personally identifiable information of 38,000 former and current students.

The accessed email account contained a file that included names, mailing addresses, university ID numbers, and Social Security numbers and/or other email(s) which contained names and social security numbers. NC State notified those individuals whose information could have been accessed and also took aggressive steps to avoid future unauthorized access to personal information.

While data exposures of this magnitude happen infrequently at the university, phishing attacks occur often. With the recent increase of phishing attacks against the campus community, OIT is encouraging you to:

  • Store sensitive university data in the appropriate storage location. See Storage Locations for University Data.
  • Turn on 2-Step Verification to further protect the data in your Google Apps @ NC State account and your personal email account. The university is working to make Google 2-Step Verification mandatory for all employees and students in the near future.

    2-Step Verification, also known as 2 Factor Authentication, adds an additional layer of security when you sign into your account. Once you activate this security measure, you will be required to log in with your password and an additional security measure (e.g., a security code that is delivered to your mobile device via text, voice call or mobile app, a USB security key, printed backup codes). To view a list of applications that support 2-Step Verification, see Two Factor Auth (2FA).
  • Check your Gmail account activity to spot any unusual or unauthorized actions. To do so:
    • Scroll to the bottom of your Gmail page to view your Last account activity and the Details link.
    • Click Details link to view:
      • Access type
        Displays when and how (e.g., mobile device, browser) your account was last accessed.
      • Location
        Lists the last 10 IP addresses your mail was accessed from and associated or nearby locations (e.g., state, country).
      • Concurrent sessions
        List all of your current Gmail sessions.
    • Enable Alert preference to show unusual activity in your account.
      For more information, see Last account activity.
  • Visit OIT’s Phishing web page to learn how to detect and recognize phishing attacks.

If at any time you believe your account has been compromised, change your password immediately and contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP).

Please remember that NC State IT personnel will never ask you for your password or your security codes required for 2-Step verification.

For more information about the security incident, see:

Back to top

04: 2015-2016 ResNet/ComTech User Survey results are now available
User demand and satisfaction are key factors in determining what services are offered to campus students. Since 1998, OIT has conducted the ResNet/ComTech User Survey to gauge students’ use of information and communication technology services ranging from Internet connectivity, operating systems and social media to IT support and cable TV services.

The survey is open to students living in the 23 campus residence halls and in Greek Village. This year, 1,860 students participated in the 2015-2016 ResNet/ComTech User Survey.

According to the survey:

  • Approximately 67 percent of 1,712 respondents were either very satisfied or somewhat satisfied with the quality of their ResNet connection.
  • Approximately 41 percent of 1,808 respondents used the Internet in their room from three to five hours daily, while 35 percent reported up to eight hours of daily use. Thirty-six percent also had two or more devices connected to ResNet.
  • Of 1,683 respondents, 1,052 or about 63 percent used an iPhone as their primarily cell phone while 594 or about 35 percent used Android smartphones.
  • About 50 percent of 1,693 respondents had a TV in their room or apartment.
  • Of 122 respondents who used the NC State Help Desk, about 82 percent rated it as good, or above. Of the 274 respondents who used the OIT Walk-in Center, 91 percent rated it as good or above.

See ResNet/ComTech Surveys to view more ResNet/ComTech User Survey results.

Back to top

05: OIT launches new Google Apps @ NC State website
Get more Google news on the newly launched Google Apps @ NC State website.

Featuring OIT’s branding and design, the new responsive and mobile friendly site is packed with fresh content, including training news, updates and announcements from Google and NC State.

Please remember to update your bookmark to the new site. If you happen to land on the former site, you will be redirected to the new Google Apps @ NC State website.

If you have questions regarding Google or about training opportunities, please direct them to the NC State Help Desk at help@ncsu.edu or 919.515.HELP (4357).

Back to top

06: NC State approved for Google Sites Early Adopter program
Yay! NC State University has been approved as an early adopter for the new Google Sites platform, which offers updated Web design tools such as drag and drop editing and responsive layouts. It also comes with many of the real-time collaboration features you currently enjoy in Google Docs, Sheets and Slides.

To experience the new platform, visit Google Sites or follow these steps:

  1. From your Drive, select the New button.
  2. Select More and then select Google Sites.

You can Take a tour of the new platform from the More Options menu within Google Sites.

Classic Google Sites will not be impacted by the Early Adopter Program. Information will be provided at a later date with options to transfer content from classic Sites to the new Sites platform.

To learn more about these enhancements and other new Google features, check out the latest edition of What’s New In Google Apps.

For training tips, follow the NC State Google Services Team on Google+. To view upcoming workshops, visit Classmate.  

Back to top

07: Get a jump start on the fall semester with informative OIT workshops
Upcoming workshops include:

    • Gmail: Advanced Productivity will be offered on Tuesday, July 19 from 9 a.m. to noon in Room 110 of the Avent Ferry Technology Center. Building on Gmail: More than your Inbox, this advanced hands-on workshop takes Gmail to the next level. You will learn more about labels, filters, canned responses, Hangouts, scheduling Google Calendar Events, and using Google Drive through Gmail, along with any planned or newly released features. To register, visit Classmate.
    • Intro to Web Registry will be offered on Wednesday, July 20 from noon to 1 p.m. in Room 110 of the Avent Ferry Technology Center. Are you interested in creating a generic Google Account, Google Group or Google Calendar Resource? This Lunch and Learn session will offer an overview of NC State’s Web Registry tool and provide detailed instructions to help you request new services. You also will learn how these services can improve and streamline your business processes. To register, visit Classmate.
    • Create, Collaborate and Get Organized with Google Drive will be offered on Tuesday, July 21 from 2 p.m. to 4 p.m. in Room 110 of the Avent Ferry Technology Center. In this hands-on workshop, you will learn how to use Drive in a collaborative environment, including editing a file simultaneously with other people, securing a document through file sharing permissions, and creating files for use by a group of colleagues or friends. For this workshop, you will need to have an active NC State University Unity account with access to Google Apps at NC State. To register, visit Classmate.
    • Google Forms: Data Collection and Analysis will be offered on Wednesday, July 27 from 9 a.m. to 11 a.m. in Room 110 of the Avent Ferry Technology Center. In this workshop, we’ll cover the basics of creating forms, collaborative editing, viewing data in spreadsheets and charts, and also will highlight several advanced features such as custom themes, page breaks, question validation, and embedding forms in websites. To register, visit Classmate.
    • What’s Your Cybersecurity IQ? will be offered on Thursday, July 28 from noon to 1 p.m. as an online webinar. In this Hangout on Air, you’ll learn tips to create better passwords, add layers of security to your accounts, avoid phishing attacks, and more! Visit the Google+ event page to sign-up. To automatically add this Lunch and Learn event to your calendar, click on the Yes button under the question, Are You Going to Watch? To register, visit Classmate.
    • Introduction to Google Services at NC State will be offered Wednesday, Aug. 3 from 9 a.m. to 11 a.m. in Room 110 of the Avent Ferry Technology Center. This workshop is intended to be the foundation for all other Google Apps workshops. This session will provide an overview of Google Services at NC State. Topics will include a review of currently available Google apps on campus, accessibility, recommended settings, security tips, support, Web Registry tools (e.g., generic accounts, calendar resources), searching, and much more! To register, visit Classmate.
    • Gmail: More than Your Inbox will be offered Tuesday, Aug. 9 from 9 a.m. to noon in Room 110 of the Avent Ferry Technology Center. There is more to Gmail than just composing, replying to, and forwarding messages. This workshop will provide an in-depth overview of Gmail features including an emphasis on labels and search tools, contacts management, chat, tasks, settings, labs, and new features. A reference including many additional helpful resources will also be provided. To register, visit Classmate.
    • Mobile Security for iOS Devices (iPhone, iPad, and iPod Touch) will be offered Thursday, Aug. 11 from noon to 1 p.m. in Room 106 of the Avent Ferry Technology Center. Come out to this Lunch and Learn event and master how to use a screen lock passcodes, encrypt and backup data, locate your device if it’s lost, scan your device for malware, and much more. To register, visit Classmate.
    • Google Calendar: Advanced Productivity will be offered on Wednesday, Aug. 17 from 9 a.m. to noon in Room 110 of the Avent Ferry Technology Center. This workshop will focus on Calendar (e.g., my calendar, other calendars, mini calendar), event details and calendar management. Specific features will include event attachments, maps and directions, labs, quick add, search options, mobile notifications, Hangouts (video conferencing), and more. To register, visit Classmate.

For other available training sessions, visit Classmate Scheduled Workshops. If you are interested in custom software training, complete the Custom Training Form. Email all training questions to classreg@ncsu.edu.

Back to top

08: SAR training scheduled for Aug. 11
Security Access Request (SAR) training for campus requestors and approvers of access to secured university data will be held on Thursday, Aug. 11 from 9:30 a.m. to noon in Room 110 of the Avent Ferry Technology Center. To register, visit Classmate.

Back to top

09: What’s your personal backup plan?
Would you feel lost without your smartphone? If the answer is an emphatic Yes, how would you feel if your smartphone were actually lost or stolen? 

All of your personal computing devices, including smartphones, are filled with private information — from your text and chat communications and contacts to personal calendars and photos. You may even be storing sensitive information such as your credit and debit card numbers on these devices. You rely on these technologies to conduct many of your daily activities, such as banking, shopping and paying bills. Though your devices keep you connected and more efficient in your daily life, left unsecured, they can also open you up to the damaging consequences of data loss and identity theft.

Luckily, there are simple steps you can take to ensure your device is properly secured and backed up, along with additional safety features that protect your data in the event of damage, loss or even theft.

Ensure your device is properly protected

  • Set a screen lock code (preferably a 6-digit one), swipe lock or other security feature to prevent unwanted access.
  • Set screen timeout to the shortest tolerable time and manually lock the screen, when your device is not in use.
  • Ensure you make regular operating system, application and software updates to help avoid security vulnerabilities.
  • Periodically review what’s stored on your device and remove any sensitive information that does not need to be stored.

Regularly back up your data
For personal devices, routinely back up data using secure Cloud storage services, such as Google Drive. Google also has an Android Backup Service. Microsoft OneDrive (formerly SkyDrive) and iCloud (for Apple devices) are other options.

If your device is used to conduct university activities, refer to NC State’s Data Security Framework to ensure you are properly handling data.

Register with a tracking service to remotely find and secure device data

  • Android Device Manager or Find My iPhone / Find My Mac for Apple devices allow you to locate and lock a missing device or even wipe data.  
  • Some apps, such as Lookout Personal for Android or iOS, provide location services and theft protection, along with other security features and Cloud backup/storage. Do some research to find the best products for your device.

Note: It is important to report all stolen devices to the police for investigation and retrieval, even if you have located them via the above services.

Back to top

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Subscribe to OIT News

To subscribe or cancel your subscription online, go to http://go.ncsu.edu/subscribe-oitnews

To subscribe by email, send the following message to mj2@lists.ncsu.edu: subscribe oitnews

To unsubscribe by email, send the following message to mj2@lists.ncsu.edu: unsubscribe oitnews