Qualtrics Research Suite (Surveys) 

UAB has an agreement in place with Qualtrics that provides a survey tool to the UAB campus community at a discounted price to what is available to individual users and schools direclty from Qualtrics.  School-level subscriptions include faculty, staff, and students. All other subscription levels include only employees (faculty/staff).  The licensing is for campus only and does not include the UAB Hospital.  If your school or department previously had a subscription directly with Qualtrics, those subscriptions are now included under the discounted campus agreement. Contact AskIT for information on migrating your surveys to the new subscription.

For more information about the Qualtrics subscriptions available under UAB's Agreement click here. 


Computer systems running vendor-unsupported or end-of-life operating systems are potential security threats to the UAB campus network. Vendors do not provide security patches for unsupported systems, and these unpatched systems can be exploited by attackers. Such exploitations can result in disrupted experiments, corrupted research data and/or completely compromised systems.  UABIT reserves the right to disconnect these computers from the campus network to mitigate this data breach risk (see UAB’s Acceptable Use of Computer and Network Resources policy). UAB system administrators are responsible for maintaining the security of all information systems, per the campus Data Protection and Security Policy, which includes updating applications and operating systems.

Any operating system prior to Windows Vista, Server 2008, and Mac OS X 10.8 should be considered unsupported. 


The information in this guidance statement applies to all constituents internal to UAB.


We recommend that systems running legacy, unsupported operating systems should not be used. They should be disconnected from the network because of the significant security risk to the university’s network and environment. If the device is critical and cannot be turned off or disconnected, the device should be physically isolated from the university network. If disconnection and/or isolation are not possible, then an exemption and risk acceptance form will need to be completed, signed by the appropriate dean or vice president, and filed with Enterprise Information Security.

Unsupported legacy operating systems:

Windows Family

Windows 95/98/ME

Windows 2000

Windows 2003

Windows XP as of April 2014

Windows 2000 server

Windows Server 2003 as of July 2015

Mac OS X Family

Mac OS X 10.7 (Lion)

Mac OS X 10.6 (Snow Leopard)

OS X 10.5 (Leopard)

OS X 10.4 (Tiger)

OS X 10.3 (Panther)

OS X 10.2 (Jaguar)

Mac OS 9.x

Linux Distributions

Ubuntu 14.10

Ubuntu 13.10

Ubuntu 13.04

Ubuntu 12.10

Ubuntu 11.10

Ubuntu 11.04 and Prior

Ubuntu 10.10

Ubuntu 10.04

Ubuntu 10.04.4 LTS and Prior

Debian 5.0 (lenny)

Debian 4.0 (etch)

Debian 3.1 (sarge)

Debian 3.0 (woody) and Prior

Red Hat Enterprise Linux 6.5 after Nov. 30, 2015

Red Hat Enterprise Linux 6.4 and Prior

Red Hat Enterprise Linux 5.9 and Prior

Red Hat Enterprise Linux 4.7 and Prior

Oracle Linux 4.4 and Prior

Other Unix OS

AIX prior to 6.1

Solaris prior to 9 (SunOS 5.9)

 FreeBSD 8.4 and Prior (as of Aug. 1, 2015)


Questions can be directed to datasecurity@uab.edu or, by calling (205) 975-0842.














February 18, 2013

Dell Home-Use Purchases

Dell Products for UAB Students & Faculty/Staff Home Use

Through UAB's relationship with Dell, many products are available to students (and parents on behalf of students) and faculty/staff for purchase for home use.  Check this page often as Dell regularly provides notices of sales and discounted items and they will be posted here.  Remember, these are Dell's prices and are not negotiated by UAB, but simply discounted offerings that Dell is making available to the education community. You will need the UAB Member ID provided below. 

URL: www.dell.com/dellu/uab

Member ID: US116018898

Phone Dell's sales team: 800-695-8133

Click on the ad to enlarge.

University of Alabama at Birmingham DellU BlackFriday Flyer



UAB Information Security recently discovered a new spam campaign where users are tricked into opening an email attachment that contains a virus aimed at stealing passwords and financial information.  As with any suspicious email messages you may receive, please report them to askit@uab.edu for inspection.

The recent spam email messages are crafted to look like they came from one of several legitimate companies such as Chase Bank, the Better Business Bureau (BBB), Department of Treasury, Dun & Bradstreet Financial Services or a wire transfer company. You should be aware that these emails are forged and that none of the information included in the email can be trusted including embedded links, e-mail addresses or phone numbers.

Here are some of the common email subject lines we have seen in this spam campaign:

•  FW: Company 2013 Report

•  Incoming Wire Transfer Notification

•  D&B iUpdate: Company Order Requested

•  Department of Treasury Notice of Outstanding Obligation – Case ######

•  Better Business Bureau Complaint Case #######

•  Merchant Billing Statement

•  ACTION REQUIRED: A document has arrived for your review/approval (Document Flow Manager)

Compatibility testing of Microsoft 2013 is underway.

Microsoft Office Professional Plus 2013

Office Professional Plus 2013 includes Word, PowerPoint, Excel, Outlook, OneNote, Access, Publisher and Lync and will be the version available to UAB under our Microsoft Campus Agreement when released to Campus.

UAB IT is testing Microsoft Office 2013 to determine its compatibility with applications and systems deployed in the UAB environment. Current testing includes Office 2013’s compatibility with the following:

  • Adobe Acrobat
  • EndNote
  • I>clicker
  • Turning Point

In addition to UAB IT’s testing, we request that your department conduct its own testing of Office 2013 with applications and systems that are unique to your environment. This week we will release Office 2013 to TIMGroup for testing purposes. Please report your application compatibility results to Sterling Griffin (Sterling@uab.edu) once your testing is complete. Also include a list of any applications you use that interact with Office.

Until the testing and evaluation of Office 2013 is complete, UAB IT is not recommending it for mass deployment.

You may download Office 2013 from the UAB IT software site HERE.  An install guide is available.  (Office 2013 is available for download to TIMGroup members only.)

Deployment: (with SkyDrive disabled when using Office 2013)

UAB IT will post on the download site 2 versions of the ISO.

  1. As delivered from Microsoft.
  2. With the registry key to disable SkyDrive in a transform file

Office 2013 uses Microsoft’s SkyDrive cloud-based file-hosting service. We recommend disabling SkyDrive at this time. This can be accomplished in two ways: Using the Registry Editor and using the Group Policy Editor.

  • Disabling SkyDrive by using the Registry Editor
      • Launch the Registry Editor by opening the Run dialog box and entering regedit.
      • When the Registry Editor opens, navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\SignIn.
      • If the SignIn key doesn’t exist, create it by right-clicking on Common à New à Key à SignIn.
      • In the right pane of the SignIn key, create a new DWORD value named SignInOptions.
      • Double-click on SignInOptions and change its value to 3. To restore SkyDrive functionality, simply set the SignInOptions value to 0.
  • Disabling SkyDrive by using the Group Policy Editor
    • To use this method, you need to install the Office 2013 Administrative Templates. If you don’t have these templates, download them from the Microsoft Downloads Web site and install them.
    • Once the Administrative Templates are installed, open the Run dialog box and enter gpedit.msc to open the Local Group Policy Editor.
    • Now that you’re in the Local Group Policy Editor, navigate down the tree to User Configuration à Administrative Templates à Microsoft Office 2013 à Miscellaneous.
    • Find the “Block signing into Office” option in the list of settings and double-click it.
    • In the Properties window, click “Enable” and select the option “None Allowed.”

Windows 8 is not recommended for campus use at this time. However, if you have to support a Windows 8 portable device, it must be encrypted. At this time, BitLocker is available to accomplish this task on all Windows 8 portable devices that have a TPM chip and do not run on an ARM platform (such as a Windows 8 RT tablet). Windows 8 devices that run on an ARM platform or those that do not have TPM chips should not be used.

UAB Policy requires all laptop/portable devices owned by UAB or UAB businesses and all personal laptop/portable devices used for UAB business be encrypted. PGP, UAB’s current encryption tool, does not work on Windows 8 and Symantec has not yet set a support date for Windows 8.

BitLocker is an acceptable alternative to encrypt Windows 8 system drives in some circumstances. In the past, BitLocker has been recommended when PGP was incompatible with Windows 7 or specific BIOS versions. Systems that are currently encrypted with PGP should remain encrypted via PGP.  UAB IT is currently researching BitLocker key management solutions and will issue further guidance as available, but in the mean time, BitLocker should be installed using the non-enterprise setup method below.

Non-Enterprise BitLocker Setup

Recommendations for using BitLocker

    • Password set system BIOS
    • TPM chip in the device
    • You must take ownership of the TPM chip
    • Before updating the BIOS, BitLocker must be suspended
    • Escrow the key in some manner
    • Professional/enterprise version of Windows
    • Use a TPM + PIN authentication method
    • System must be formatted NTFS with two volumes

 Escrowing the key

With Windows 8, you may escrow the key in one of the following ways:

  • Save the recovery key to a USB flash drive
This method saves the recovery key to a USB flash drive. This option cannot be used with removable drives.
  • Save the recovery key to a file
This method saves the recovery key to a network drive or other location.
  • Print the recovery key
This method prints the recovery key, but it is not recommended.

It will be up to the department to maintain the escrow recovery keys.

Installation instructions can be found here

Published in FAQ - Infrastructure