• On Windows 7 Install IE 10 and Java 1.7.0_72
UAB IT has updated the minimum recommendations for versions of Internet Explorer and Java as UAB systems have improved functionality to support newer browsers and the currently secure version of Java. Internet Explorer 10 and Java 1.7.0_72 are recommended for installation on Windows 7/8. UAB IT also recommends using a separate browser with JAVA disabled for Internet use. Use IE on campus with Java enabled and your choice of Firefox or Chrome for Internet browsing with JAVA disabled (for information on disabling Java click here).
• Install OSX 10.9 and Java 1.7.0_72
UAB IT has updated the minimum recommendations for versions of Mac Operating systems and Java as UAB systems have improved functionality that are compatible with the current version of Java. The recommended operating systems for use on Campus are Apple OSX 10.7x and 10.8x. While Apple OSX 10.6x is still supported by Apple, vendors are no longer testing against it for compatibility. Apple operating systems will not run any version lower than Java 1.7.0_51.
UAB IT also recommends using two different browsers — one for surfing the Web and one just for accessing UAB systems. For Internet Web browsing, use one of the following: Firefox Safari, or Chrome, with Java disabled (for information on disabling Java click here). For working with just UAB systems, choose a different browser and enable Java to work in it. If you run into compatibility issues with the local browser and UAB IT systems, use the IT terminal servers to access UAB resources via RDP client (for information on using IT terminal servers on Mac click here).
For more information, contact AskIT (www.uab.edu/askit).
The Advancement Performance tool will help fundraisers with detailed reports about donors and potential donors, said Marylyn Crane, senior director of advancement information services and analytics for the University’s Advancement Services.
For the past year, UAB IT employees from the Enterprise Applications and Solutions department have been verifying the data in the Advancement Performance tool from vendor Ellucian to make sure the data is accurate for the use in fundraising.
“The main benefit to Advancement Performance is our ability to put data in the hands of our leadership, advancement staff and development officers,” Crane said. “Our goal is for them to be more accurately and actively guided through the decision-making process for our initiatives, key measures and fundraising efforts.”
UAB IT already runs data reports on a regular basis for the Advancement Services team, but the new tool will give fundraisers the opportunity to create their own reports. But creating and verifying the database has been a detailed, painstaking process for the UAB IT team, said Ramsey Scott, assistant director of administrative computing services and leader of the technical team responsible for this project.
In fact, UAB IT employee Ryan Teel created a validation tool – a Web application – that Ellucian will include in its next version of the software, Scott said.
“We have been validating the data for the better part of a year,” Scott said, making sure that the data for Advancement Performance matches what is already in the Banner system.
The new tool will go live in August.
“We want our data to tell a story so we can reach the right people for the right reasons during our current campaign and into the future,” Crane said.
“This project is an example of how UAB IT partners with units across campus to support the mission of the university,” said Phillip Borden, assistant vice president of information technology. “Our employees are proud of the role they play in important strategic initiatives such as The Campaign for UAB.”
That’s why UAB requires employees to change their BlazerID passwords every 90 days, and students every 180 days.
Changing passwords often – and making sure they are both strong and secure – will help keep hackers out of your data and out of UAB’s systems.
Beginning Aug. 1, UAB IT will send the first reminder that you need to change your BlazerID password 15 days before the expiration date, a change from the previous 30-day advance notice. Reminders are also e-mailed one week before expiration, as well as sent at three days, two days and one day prior to expiration.
Password expiration notices tell you the exact date your password will expire so you can keep track of when you need to change it.
Remember: E-mailed password change notices from UAB IT will NOT include clickable links, due to ongoing phishing attempts. All updates to your BlazerID password should be managed through BlazerID Central.
David Yother, who directed the campaign with former UAB IT employee Lauren Ritchie, was on hand at the 2014 Campaign Celebration July 15 to receive a plaque recognizing the department.
“IT was honored to be selected for the Best Overall Campaign Award,” said Yother, director of enterprise technology services for UAB IT. “We could not have done this without the efforts and financial contributions from IT employees. This shows that we can always count on IT employees to get involved and step up when there is a need.”
UAB IT exceeded its goal by 125 percent in 2014, and also increased its percentage of continuous givers.
Identifying a specific goal and communicating it to all employees helped the department exceed its expectations, said Yother, who also thanked Ritchie for her work on the campaign.
Overall, the UAB Benevolent Fund raised more than $1.91 million in pledges this year. Those funds support programs that offer health care screenings, safe harbor for victims of domestic violence, meals for the hungry, medical research and assistance for UAB employees in times of need.
Other award winners included Viva Health, for Campaign Consistency; Callahan Eye Hospital, for Campaign Growth; UAB Human Resources, for Most Innovative Campaign; Critical Care Transport, for UAB Hospital Outstanding Campaign; Department of Obstetrics and Gynecology, for School of Medicine Outstanding Campaign; and the School of Nursing and School of Engineering for the UAB Dean’s Award.
UAB IT is also planning to recruit a team to help with construction of the UAB Habitat house, set for construction this fall.
Warning: Several units at UAB have received harassing calls from telephone scammers, known as “cyber extortionists.” This is a known issue documented by the FBI and AT&T.
If you receive persistent calls from one of these scammers, it will probably be under the pretense of “payday loan collections.” The scammer may know a lot of information about your identity, including your work number, which they actually obtained from a third party. They will attempt to harass you into making a payment to them just to leave you alone. Otherwise, they will continue to call and harass you at work.
UAB IT and HSIS recommend this activity be reported to the following numbers: AskIT at 996-5555 or HSIS Helpdesk at 934-8888, depending on which group supports the affected phone. To help fix the problem, we also recommend directing the calls to a phone number where they can be screened before sending the call to the department or unit. If necessary, the phone number under attack can be blocked from outside callers.
This allows normal internal operations to continue, until the scammer understands they are wasting their time, and they move on.
|May 2, 2014
Office of the Chief Information Security Officer
||Suspension of Internet Access for XP Computers/System
||All UAB Faculty and Management
|What is Happening:
||Effective April 8th, Microsoft stopped support for the Windows XP operating system and associated software. Non-support represents a significant vulnerability to UAB and, as a result, the IT Oversight Committee has directed that action be taken to mitigate this vulnerability.
||Mitigation actions include the following steps:
1. XP system owners will be notified via an email that their Internet access will be suspended. Notices will start being sent on Monday May 5th.
2. 7 calendar days after notification, Internet access will be suspended via our IPS/IDS system.
3. After May 31st, all XP systems will be disconnected from the UAB campus network.
4. If an XP system requires campus network and Internet access, an Exception Request must be submitted to the Information Security Office, be adjudicated by the Enterprise Information Security Council, and the system access restored if approved.
|Contact:||For questions call the Enterprise Information Security staff at (205) 975-0842 or email firstname.lastname@example.org.|
Alabama has now been added to a growing list of states with a doctor targeted tax fraud outbreak. Hundreds of physicians in Arizona, Connecticut, Indiana, South Dakota, New Hampshire, Michigan, North Carolina, Vermont and Alabama have been impacted.
A bulletin from the North Carolina Medical Society recently said, “The majority of those affected first become aware of it when they receive an IRS 5071C letter advising them of possible fraud. Others are receiving a rejection notification when attempting to electronically file their tax return. It indicates it cannot be submitted because a return has already been filed under that Social Security number.”
Earlier week, the UAB IT Information Security Team received information that a half-dozen physicians associated with a local medical group affiliated with the Children’s Hospital of Alabama have also been victimized as a result of this scheme. We have unconfirmed reports that several UAB physicians may also be impacted.
We are in contact with the local FBI field agent regarding this matter and are asking if you or a physician you know has been affected by this, please contact UAB IT's Enterprise Information Security division at (205) 975-0842 or by email to email@example.com for additional information.
We believe that the possibility of a data breach or compromise is very low at this time however we recommend that all users take additional steps from an abundance of caution perspective. Those steps include 1) if you have access as an administrator to a system change your password(s) after you have verified that the vendor supporting your system has patched it appropriately, 2) increase your effort to mitigate those vulnerable systems identified on the weekly Nessus vulnerability report available at https://silo.dpo.uab.edu/vulnreport (if you need assistance please call Information Security at 205-975-0482), 3) please ensure that all systems that use SSL encryption services are fully patched, then restart the service on that system, 4) replace all SSL certificates on those systems with one provide free of charge from UAB IT from www.uab.edu/uabcrt (certificates from UAB are vetted, patched and kept up to date), 5) change all privileged account passwords immediately after vendor patches have been applied, and 6) be aware that many network devices and printers have embedded SSL based encrypted web based access portals which should be updated with vendor patches to mitigate this vulnerability.
We also recommend that all users with privileged access change their BlazerID passwords immediately as a precaution to mitigate any possible exfiltration of sensitive data by the OpenSSL vulnerability. And we also recommend that users change their personal passwords which they may use to access personal non-UAB web sites such as on-line banking and others to assist in reducing the possibility of becoming a cybercrime victim.
If you need additional assistance, please call AskIT at (205) 996-5555.