UD Seal
IT Activity ReportJanuary 2016
January 2016 Activity Report | Information Security

Information Security

Tax scam season is open: YOU are the target

Every year, people fall victim to one of the growing number of scams that circulate during tax season. The Internal Revenue Service (IRS) and UD IT urge you to be vigilant and not fall for email, website, or telephone scams.

Important points to remember:

The following resources can help you learn more so that you can stay safe this tax season:

New server, udapps, replaces chico and primus

In January, IT-NSS retired the chico and primus servers and moved all applications to the new, more secure udapps server. Departments must update Web pages or forms to point to udapps

When possible, owners should use redirects to their forms to avoid future updates when severs change. Form owners using the Mailto program should refer to the Mailto program migration section of the udapps help page for additional information and instructions.

Before the change, IT Web Development (IT-WD) staff notified many form owners. However, there may be some Mailto forms still pointing to chico or primus. Questions may be sent to the IT Support Center.

Google Apps at UD now using CAS

The University continues to expand its implementation of two-factor authentication (2FA) to increase security when accessing certain sources of confidential information. On January 3, 2016, IT moved Google Apps behind CAS to benefit from the security provided by 2FA. Clients can now use 2FA when logging in to Google Mail, Google Docs, and other UD Google services. Questions on this process may be sent to the IT Support Center.

Phishing test

UD IT will be conducting a second phishing test in the near future as a follow-up to the phishing tests conducted through the University's June 2015 partnership with the Department of Homeland Security. UD IT is using this test to further the campus community's education about the ever-present phishing threat.

All members of the University community are urged to exercise caution when using email. Phishing attacks are one of the most common and effective methods hackers use to infiltrate an organization.

Once the phishing test is complete, annotated copies of the test emails will be posted to the Secure UD Threat Alerts blog.

As always, IT professionals are encouraged to remind their constituents of the best practices for identifying and avoiding phishing scams and of the Secure UD Threat Alerts blog, which provides annotated copies of phishing emails received by UD employees as well as tips for avoiding phishing scams.

Secure UD training reset

Secure UD training, introduced in 2014, is the University of Delaware's information security awareness training program. It's a modular, online, self-paced program that equips faculty, staff, and other employees with the knowledge and best practices they need to identify and defend against threats to personal and University data and systems.

The 2016 Secure UD training relaunch will start on Feb. 1. This year's training is being rolled out using a phased approach; the training modules will be released in three separate batches:

The benefit of this approach is that it reduces the training time and the number of modules required at any one time. In addition, it reminds employees of the importance of cyber security year-round. Each set will contain seven to eight modules and take approximately 20 minutes to complete. 

Employees are encouraged to complete training as it becomes available. To log in to your Secure UD training virtual learning environment, visit the Secure UD training Web site.

As part of the relaunch process, faculty and staff who are enrolled in training will receive an automated email from noreply@securingthehuman.org confirming their enrollment. This email is not part of the University's planned winter phishing test.

KACE classes for departmental IT professionals

In late January 2016, IT staff began offering an eight-session training series for departmental IT professionals to help them configure KACE. This desktop management software protects faculty and employee computers and the information stored on them. KACE appliances allow system administrators to deploy and manage systems remotely, making their tasks easier while also allowing for improved security management of a unit's computers. The University has purchased a 15,000-seat license for KACE management software, and UD IT is offering to set up KACE tenants for individual departments, colleges, or other units at no charge. For more information, contact the IT Support Center.