Desktop install

A new grant to help prepare the Birmingham area workforce for new IT jobs got a helping hand last month from UAB IT.

Staff members from the department’s Desktop Services helped install computers at Innovation Depot to prepare for the first cohort of future IT professionals to participate in training as part of the Innovate Birmingham program.

The Innovate Birmingham initiative is a result of the Innovate Birmingham Workforce Partnership, a coalition of more than a dozen regional leaders, receiving nearly $6 million from the Department of Labor and Training Administration’s America’s Promise Grant. UAB served as the lead partner and fiscal agent for the consortium. Other partners include the City of Birmingham, TechBirmingham, the Dannon Project and Innovation Depot.

“Assisting with this project is part of our initiative to grow the community of information technology excellence in our community and beyond,” said Dr. Curtis A. Carver Jr., vice president and CIO.

The America’s Promise grant was awarded to community, business, and education leaders who are committed to fostering economic growth for the region and offering better opportunities for young adults. The grant will train nearly 1,000 people aged 17-26 and transition them into high-paying jobs in the IT sector. The partnership has secured support from 27 regional employers. This will establish a sustainable pipeline of talent in Birmingham to fuel inclusive innovation for local employers, meeting IT workforce demand for the region by offering demand-driven education, training and employment opportunities for area youth who are disconnected from the labor market. The training and education program will co-locate job-seekers with job-creators in the heart of the newly formed Innovation District by providing space for training at the Innovation Depot. Grant activities began January 1, 2017 with intent to begin training this spring.

“This award represents the commitment and collaboration of Birmingham’s top leaders in government, industry and academia to form the partnerships that enable our young people to obtain the skills they need to land good jobs in the city,” said Josh Carpenter, director of external affairs for UAB.
Protecting UAB data — from personal health and financial information to top-notch research — is one of the most important responsibilities at the University.

UAB’s Data Protection Rule establishes roles and responsibilities for those individuals and groups who will safeguard and use UAB data.

UAB IT and UAB Health System officials worked together to develop the Data Classification Rule, which has three levels of data: public, sensitive and restricted/PHI (personal health information).

The accompanying Data Protection Rule establishes six specific roles for those protecting institutional data.

“While the people with the most accountability for securing University data are in leadership and information technology, all of us at UAB have a responsibility to safeguard our data according to the proposed classification standard,” said Brian Rivers, assistant vice president and chief information officer. “That responsibility protects the university and the individuals who work here and attend school here.”

Data stewards

Data stewards have administrative control and are officially accountable for a specific information set. Examples include the vice president of Financial Affairs and Administration; the vice president for Research and Economic Development; deans and department chairmen overseeing data from their respective academic areas; and hospital managers or directors and vice presidents overseeing data from their respective clinic areas.

Data custodians

Data custodians safeguard the data on behalf of the data steward. While data stewards are ultimately responsible for the security of data, data custodians ensure the security controls are in place. UAB’s central Information Technology units (UAB IT) will be responsible for protecting all institutional data maintained and stored in the institutional information systems. UAB Health Services Information Services (HSIS) will be responsible for protecting all Health System data maintained and stored in the institutional information systems.

UAB Information Security

Members of the UAB IT and UAB Health System information security teams are responsible for developing and implementing the information security program, as well as the supporting data security and protection policies and procedures.

Departmental security administrators

Each unit or department senior manager will choose one DSA to act as a liaison with the UAB Information Security team. DSAs oversee information security responsibilities for the departments, including security awareness and security incident response.

System administrators

System administrators in UAB IT, HSIS and school/department units who are responsible for day-to-day maintenance of information systems are responsible for following data security protection procedures and practices.

Data users

Data users refers to individuals authorized to access UAB data and who are responsible for protecting information assets on a daily basis through adherence to UAB policies.
UAB IT Research Computing will hold its spring HPC User Forum on Wednesday, Feb. 8.

The event will be held from 1 to 2:30 p.m. in Ballroom C at the Hill Student Center.

UAB IT Research Computing aims to conduct two user forums through the year (spring and fall) to update the HPC user community on the status of the HPC system, the organization, planned upgrades, policy changes, and to receive feedback from users in order to improve delivery of HPC services and support to the community.

With UAB's last HPC upgrade in fall 2016, UAB IT now has more than 2,300 additional compute cores and 6 petabytes of storage available to help researchers analyze and manage data and UAB aims to grow the compute, storage and network fabrics to support research needs on Campus.

Please register to attend the HPC user forum here.
uab app spark 690x500

What could be added to the UAB app to make your life on campus easier?

UAB wants to hear your ideas for the new UAB app, which launched last fall and is designed to help students, staff and guests get around campus, get hired and get things done.

A new SPARK campaign seeks ideas from students, faculty and staff about what features to add to the app to make it more functional for everyone on campus.

Just log in to the SPARK campaign, submit your idea, or vote or comment on other ideas.

Those ideas that rise to the top in voting will likely get priority as the development of the app continues.

The UAB app already includes a campus map, directory and news and sports headlines; integrations with Canvas and BlazerNET, and links to IT services, Hill Center hours, campus dining and more.

Future plans include adding integrations for the B-Sync calendar and checking your OneCard balance.

Potential new features include academic adviser scheduling, functionality to move or remove tiles, and making tuition payments, as well as registration for events or classroom attendance.

What would you like to see in the app? Laundry or printer availability? A parking map? Library services?
A proposed data classification system for UAB will make it easier for faculty, staff and researchers to determine how best to keep University data safe.

UAB IT has worked closely with information security officials from UAB Health System to develop the proposed classification system.

Data Classification Levels

The new system proposes three levels of data: public, sensitive and restricted/PHI.

“Much of the University data covered by the sensitive and restricted levels is already regulated by law or contract,” said Brian Rivers, assistant vice president and chief information officer. “This proposed standard should help employees determine the best level of protection for the data they use.”

Public data

Public data is data that can be disclosed to the general public without harm. Examples of public data include phone directory information, course catalogs, public research findings, enrollment figures, public web sites, general benefits data, press releases, newsletters and other similar information.

Sensitive data

Sensitive data is data that should be kept confidential, with access requiring authorization or legitimate need-to-know involvement. Examples of sensitive data include FERPA information, budgetary plans, internal communications, proprietary business plans, patent pending information, export controls information and data protected by law.

Restricted/PHI data

Restricted/PHI data is sensitive data that is highly confidential in nature, and carries significant risk from unauthorized access. Privacy and security controls are typically required by law or contract for this data. Examples include Social Security numbers, credit card numbers (PCI), personally identified information, protected health information, Graham-Leach-Bliley Act (GLBA) data, export controlled data, FISMA regulated data, login credentials, and information protected by non-disclosure agreements.

The proposed policy also establishes roles and responsibilities for protecting institutional data.


UAB’s new supercomputer “worked like magic” as University professor Dr. Hassan Fathallah-Shaykh participated in a world-wide competition to evaluate MRI images of the brain.

Fathallah-Shaykh, a professor in UAB’s Departments of Neurology, Mathematics, Integrative, Developmental and Cell Biology, Biomedical, and Electrical Engineering won the 2016 BRATS Competition in Athens, Greece.

BRATS is short for Multimodal Brain Tumor Image Segmentation Challenge. Dr. Fathallah-Shaykh’s team, along with fellow Blazer biomedical Engineering graduate student Fabio Raman, tied with two other groups to top the field of 19. The use of UAB’s new supercomputer helped to separate Dr. Fathallah-Shaykh from the rest of the field, he said.

Last year, UAB IT installed the fastest supercomputer in the state — and one of the fastest in the Southeast. UAB increased computing speed for researchers from 10 teraflops to 110 teraflops, and increased storage from 0.7 petabytes to nearly 7 petabytes.

“The supercomputer worked like magic, without any glitches. It is evident that I would not have been able to compete without the supercomputer resource,” he said.

The BRATS Challenge consisted of the MRIs of 191 brain tumor patients diagnosed with low and high grade gliomas in different parts of the brain before and after surgery. Teams were tasked with determining the location of the segments of each MRI image that include enhancing tumor, FLAIR signal changes, necrosis, and tumor core, if any.

Dr. Fathallah-Shaykh’s method was the only method that was interactive, semi-automated and did not use statistical learning or neural networks.  It is designed such that the user can easily check the results and easily make modifications, if needed.

The method consists of two parts, and Fathallah-Shaykh used UAB’s research computer Cheaha to run first part of this process, which was the segmentation with NMF-LSM (Non-Negative Matrix Factorization and modified Level Set Method). He was granted 265 processors; all calculations were competed in about 12 hours — a process that without the supercomputer would have taken days to perform.

The performance of Dr. Fathallah-Shaykh and his team with the use of the supercomputer is a further sign that UAB’s “investment in research computing is paying off. UAB IT is committed to giving our researchers and faculty world-class technology, so that they can innovate and change the world," said Curt Carver, UAB’s VP of Information Technology.  
AskIT photo

New training techniques and a partnership with a leading technical support vendor are helping UAB IT improve its customer service goals in the AskIT help desk.

UAB IT has made a pledge to the university community to support their mission as a world-class educational and research institution. UAB IT leadership — including Vice President and CIO Dr. Curtis A. Carver Jr. — have been working in the help desk for months to build on improvements.

To make the mission of delivering world-class IT support to UAB faculty staff and students a reality, Jason Johnson, associate director for AskIT, has been put in place concrete steps to achieve this goal.

The first step is training and ensuring the AskIT Help Desk returns to the basics of the customer experience by focusing on training consistency and accuracy.

“Giving the Help Desk basic training for soft skills, customer service and guidance on how to handle tickets will ensure the team is consistent with each customer contact,” Johnson said.

In conjunction with these training plans, AskIT will also develop a standard skill level. They have also partnered with HDI, a renowned leader in the technical support industry, to deliver a blend of customer support, communications and problem solving to AskIT employees.

A constant need for the UAB campus is the dependence on technology and the expectation that issues should be resolved as efficiently as possible. AskIT is working on building up the staff to support the UAB administration, faculty, staff and students in order to handle the 10,000-12,000 requests and issues they receive on a monthly basis. 
UAB IT’s new firewall posture — known as “default-deny” — has significantly reduced potential outside attacks on the UAB network.

The new posture, “default-deny,” is a best practice for enterprise environments protect the campus community and better screen out unwanted or unexpected network activity. 

UAB’s attack surface has now dwindled from about 100,000 IP addresses to a little more than 2,100. Of those, most are publicly accessible web services or applications needed for University business, academic resources, collaboration or research.

This success of the new default-deny project is a result of co-authorship and partnership with IT professionals across campus.

The change does not impact any servers or services located within the UAB Health System network, as HSIS utilizes the default-deny firewall policy for their network segment.

If you have any specific technical questions, feel free to contact the Enterprise Information Security staff at 975-0842 or via email at datasecurity@uab.edu.
When you get what looks like a phishing scam email, you have a quick and easy tool to report it to UAB IT.

PhishMe Reporter allows you to make one click to send the email scam to UAB IT's information technology department to investigate — it's a little bit like sending up a signal flare to report phishing attacks.

Anyone using Microsoft Outlook for campus email should install PhishMe Reporter and use it for reporting phishing emails. Campus faculty and staff who are servced by UAB IT's Desktop Services should already have PhishMe Reporter installed on Outlook.

If you have questions, please contact AskIT at 205-996-5555 or your department's IT personnel. 

For information about phishing — and how to avoid getting caught by a phishing email — visit uab.edu/phishing.
Anatomy of a Phish 04Click the image for a larger view

It was an easy phish to fall for: An email that looked like it came from UAB President Ray Watts, with an “important announcement.”

But while it looked innocent, the email that went to students, faculty and staff across campus came from a malicious attacker trying to gain access to UAB systems — and your personal and financial information.

So how do you spot a phish? Take time to look for the signs. Even an email that seems “official” can have the telltale hallmarks of a phish.

The “Ray Watts” email, for example, didn’t actually come from Dr. Watts’ email, or any UAB address.

If you hover your mouse over the sender’s address, you see an outside email — a clear sign that it could be a malicious attacker.

Mismatched fonts, bad grammar, unsolicited attachments and links are other signs that a seemingly harmless email is actually out to steal your information.

Never click on links or open attachments in unexpected emails. Only enter your credentials — your BlazerID and password — at trusted web sites.

Being vigilant against phishing protects you — and all of UAB.

Visit uab.edu/phishing to learn more about how to avoid phishing attacks and get the latest alerts.

Also, install PhishMe Reporter on Outlook so you have one-click access to report phishing emails to UAB IT's information security division.