Devices that use WiFi are vulnerable to a newly discovered and serious flaw, dubbed KRACK, in a commonly used wireless security protocol, WPA2.

Even on correctly configured wireless networks, attackers can potentially use KRACK — short for Key Reinstallation Attack — to read information that was previously assumed to be safely secured. WiFi access points as well as devices are impacted by this significant weakening of these wireless security protections.

How it works 
Devices can be tricked into installing an encryption key that allows for some or all wirelessly transmitted data to be read.

What to do 

  • Limit any potentially sensitive activities performed on wireless networks, or utilize the UAB VPN as a way to protect communications when on wireless at UAB or at home. 
  • Use wired networks if possible.
  • Update all wireless devices to address the vulnerability. This will depend on vendors creating and releasing the updates for various devices, including routers and access points as well as phones, tablets and laptops.
  • Ensure any activities on that must be performed on wireless networks are done via secure channels (HTTPS websites, SSH, S-FTP). Avoid unencrypted channels such as HTTP websites, Telnet, FTP.
  • Watch for suspicious individuals in a close proximity to your wireless network.
After a successful engagement that brought major improvements to the AskIT help desk, UAB IT is partnering again with HDI to make changes to the Desktop Services unit.

After working over the past year with HDI — an industry-leading customer service consultant — AskIT improved its customer service rating to a 2.6. HDI has now evaluated Desktop Services and is developing an improvement plan for the unit, whose technicians are responsible for tech help for departments and units across campus. The goal is to improve to a 2.5 rating in nine months.

"Our challenge is to evolve into a trusted partner who consistently provides the level of IT support services needed for an innovative, world-class academic, medical and research institution," said Jamie Witter, associate director for Desktop Services.

Vice President and Chief Information Officer Dr. Curtis A. Carver Jr. will be working with Desktop Services during this time to see for himself the needs of Desktop customers, so don't be surprised if Carver shows up to help install a new computer or move a printer for you.

"As I did when we were working to improve AskIT, I want to hear first-hand about the challenges our customers face and how we can improve our services to empower you to quickly get back to work when you have technical issues," Carver said.

Among the improvements Desktop would like to make are putting more structure around the processes the technicians use to respond to customer incidents and requests; reducing the resolution time for incidents and requests; and resolving more issues remotely, so you can more quickly get back to work. 

Carver will also be checking in with customers periodically over the next few months to get feedback about how Desktop can improve.
legionfieldcrowd

Thanks to a collaborative effort, there were few problems despite the record crowd at Legion Field for the first Blazers football game of the season on Sept. 2.

This system streamlined the entry of any students and fans into the stadium cutting down entry time with just a swipe of a BlazerID or other UAB fans with just a scan of a ticket. This partnered with the addition of WiFi access points spots around the 17 entry gates at Legion Field helped make this large initiative possible.

"Not only was the Digital Ticketing Project a great success, game one of 'the return' was also, hugely successful. All parties involved deserve a round of applause for a job well done," said Nelvin Short, deputy director of telecommunications for the City of Birmingham.

IT Project Manager Carrau Brewer also applauded the effort.

"Sometimes, success is measured by the dollars and cents. In the case of this project, we would like to measure success by applauding your hard work for accommodating the 45,212 fans that attended the return of football at UAB as well as being played at the Legendary Legion Field," Brewer said.

Learn more about how UAB IT supports the Blazers here.
Want free ice cream? UAB IT is hosting a free ice cream social for students to kick off its second annual free Laptop Checkup for students.

The events are part of the celebration of National Cyber Security Awareness Month, which serves to remind everyone of the importance of information security. The ice cream social will be held Monday, Oct. 9, from 10 a.m. to 2 p.m. in room 318 at the Hill Student Center. Stop by for games, information and, of course, free ice cream.

Then come back Tuesday through Thursday, Oct. 11-12, for the free Laptop Checkup. Our tech experts wil ltake a look at your laptop to make sure it is free of viruses and other security risks.
MultiplyingPhish
When a suspicious email hits your inbox, it is sometimes followed by even more — but why so many?

If one person at UAB falls for a phishing email, their account can become compromised — and send out dozens or hundreds of similar phishing emails, all from that legitimate but compromised account. Because the phish comes from what appears to be a legitimate account, more people are apt to click links or attachments in the email.

And if more people fall for the phish, the emails continue to spread.

When phishing reports are made to UAB IT, the Information Security team acts quickly to recover compromised accounts and block the senders and suspicious URLs. That's why reporting a phishing email — through the PhishMe Reporter button in Outlook or by forwarding to phishing@uab.edu — is so important to stopping the spread of malicious emails.

Learn more about phishing and how to recognize a phish at uab.edu/phishing.
Unlimited backup storage is available through UAB IT with CrashPlan, a service that provides easy, automatic cloud backup for your data.

The service will be available for $10 per month per user.

CrashPlan offers continuous cloud backup with unlimited storage, as well as encryption for your data.

CrashPlan is available for faculty and staff across campus.

Request CrashPlan through the IT Service Portal.
StacyBallard


Stacy Ballard has been a UAB football fan since the beginning, when she was a student at the university.

“I followed many sports,” said Ballard, a systems analyst for UAB IT. “I was here when it started. I was a student here, alumni, employee so I’m just proud to be a part of it all.”

Ballard is an important part of the UAB team on campus — her work with UAB systems helps make sure everyone gets paid on time every month.

Having held season tickets for years, Ballard will be no stranger to Legion Field on Saturday, Sept. 2, when the Blazers take to the field for the first time in two years. She is proud of the city’s support for UAB.

“It was the fans and community that rallied to raise the money to bring it back and the support that exists now,” she said.

Ballard missed the football team during its absence but is elated about the return. She is excited to cheer on the team this fall — especially with a family of fellow supporters in the stands.

What’s her favorite part of the football season?

“I would put the game itself first and cheering the team on and then seeing others around you that you get to know or already know from working here or from obviously being a season ticket holder,” she said.
UAB IT will be adding new email security enhancements to protect UAB faculty, staff and students.

The change will take advantage of attachment handling improvements in Office 365 to reduce the number of potentially dangerous attachments.

Attachment files that are prohibited include those with these extensions: .ace, .ani, .app, .docm, .exe, .jar, .reg, .scr, .vbe, .vbs.

Most email users will not see any changes to their email habits, as most of the file types prohibited are already prevented by their email client.

For more information on email service constraints, please see this knowledge article in the IT Service Portal.
AskIT MoveIn Hours

AskIT, UAB IT's help desk for students, faculty and staff, will be open extended hours during move-in weekend and during the first week of classes.

Visit our trained technicians at the help desk at Sterne Library, OneStop, the Residence Life Center throughout move-in weekend and during the week if you have questions about connecting to WiFi, resetting your BlazerID password, or any other tech questions.

AskIT staff will working these extended hours:
  • 8 a.m. to 5 p.m. through Friday, Aug. 25, at Sterne Library and OneStop at the Hill Student Center
  • 7 a.m. to 3 p.m. at RLC on Saturday, Aug. 26, during freshman move-in
  • 9 a.m. to 5 p.m. at OneStop at the Hill Center on Saturday, Aug. 26
  • 1 to 5 p.m. at OneStop on Sunday, Aug. 27
  • 8 a.m. to 5 p.m. at OneStop and Sterne Library from Aug. 28-Sept. 1


In addition, you can visit our TechConnect store on the first floor of the Hill Student Center, which will be open from 10 a.m. to 6 p.m. and noon to 5 p.m. on Sunday.

Welcome back, Blazers!


Beginning Oct. 1, UAB Dropbox file-sharing will be replaced by UAB Box and OneDrive, services that offer the same functionality with enhanced features such as greater and even unlimited storage.

The software that runs UAB Dropbox is nearing the end of its supportable life, so UAB IT held town halls in early summer to co-author solutions for its replacement with the campus community.

What will take place: 
On Oct. 1, 2017, no new file uploads to UAB Dropbox will be allowed. You will still be able to download files from Dropbox until they have all expired on Oct. 14, 2017. 
On Oct. 14, 2017, the service will be turned off, and the Dropbox page will redirect users to alternatives using UAB Box or OneDrive.

Click HERE to learn how to transfer files using UAB Box. 
Click HERE to learn how to transfer files using Microsoft OneDrive. 
Click HERE to read the FAQs associated with this service enhancement.

Sharefile is the only approved file transfer method for UAB Health System personnel. Click here for more information.