UAB IT’s new firewall posture — known as “default-deny” — has significantly reduced potential outside attacks on the UAB network.

The new posture, “default-deny,” is a best practice for enterprise environments to protect the campus community and better screen out unwanted or unexpected network activity.

UAB’s attack surface has now dwindled from about 100,000 IP addresses to a little more than 2,100. Of those, most are publicly accessible web services or applications needed for University business, academic resources, collaboration or research.

The success of the new default-deny project is a result of co-authorship and partnership with IT professionals across campus.

The change does not impact any servers or services located within the UAB Health System network, as HSIS utilizes the default-deny firewall policy for their network segment.

If you have any specific technical questions, feel free to contact the Enterprise Information Security staff at 975-0842 or via email at datasecurity@uab.edu.
When you get what looks like a phishing scam email, you have a quick and easy tool to report it to UAB IT.

PhishMe Reporter allows you to make one click to send the email scam to UAB IT's information technology department to investigate — it's a little bit like sending up a signal flare to report phishing attacks.

Anyone using Microsoft Outlook for campus email should install PhishMe Reporter and use it for reporting phishing emails. Campus faculty and staff who are serviced by UAB IT's Desktop Services should already have PhishMe Reporter installed on Outlook.

If you have questions, please contact AskIT at 205-996-5555 or your department's IT personnel. 

For information about phishing — and how to avoid getting caught by a phishing email — visit uab.edu/phishing.
Anatomy of a Phish

It was an easy phish to fall for: An email that looked like it came from UAB President Ray Watts, with an “important announcement.”

But while it looked innocent, the email that went to students, faculty and staff across campus came from a malicious attacker trying to gain access to UAB systems — and your personal and financial information.

So how do you spot a phish? Take time to look for the signs. Even an email that seems “official” can have the telltale hallmarks of a phish.

The “Ray Watts” email, for example, didn’t actually come from Dr. Watts’ email, or any UAB address.

If you hover your mouse over the sender’s address, you see an outside email — a clear sign that it could be a malicious attacker.

Mismatched fonts, bad grammar, unsolicited attachments and links are other signs that a seemingly harmless email is actually out to steal your information.

Never click on links or open attachments in unexpected emails. Only enter your credentials — your BlazerID and password — at trusted web sites.

Being vigilant against phishing protects you — and all of UAB.

Visit uab.edu/phishing to learn more about how to avoid phishing attacks and get the latest alerts.

Also, install PhishMe Reporter on Outlook so you have one-click access to report phishing emails to UAB IT's information security division.

Your desktop computer’s connection to the UAB network is now 10 times faster after upgrades last month by UAB IT.

Campus desktops now have a 1-gigabit connection, upgraded from a 100-megabit connection, which allows faculty and staff to take greater advantage of the 100 gigabits per second internet connection UAB IT debuted last fall.

Upgrading the network infrastructure was made possible by an investment from the University administration and UAB IT, said Shawn Ellis, associate vice president and chief technology officer.

“This is a more standard internet connection,” Ellis said, “giving faculty and staff network access that is 10 times faster than they previously had.”

The 1 gigabit connections to desktops are part of a larger investment in upgrading the campus network infrastructure, which has included implementing the 100 gigabit internet connection for campus; expanding WiFi access points across campus; and partnering with content delivery network Akamai to increase internet capacity and reduce access times for content.

“The result is that faculty, staff, researchers and students can do their work more efficiently and effectively,” said Dr. Curtis A. Carver Jr., vice president and chief information officer.

“Our aim is simply to make your technology life faster and easier so that you can help change the world,” Carver said.
Phishing emails that purport to be a "payroll notification" are actually an attempt to steal your password or personal information. Delete the emails; do NOT open the attachments or enter your BlazerID or password on any links enclosed.

The emails look similar to the images below:

[Images: examples of the “payroll notification” phishing email]


This email is not related to the campus-wide simulated phishing campaign that UAB IT is using as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.

If you receive an email with a link such as “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads. Even if the page looks familiar, verify the URL or type in a URL you know before entering your information.

Look at the URL of the website you are visiting. 

To report suspected spam to AskIT, please follow the instructions here or download the PhishMe Reporter button for one-click reporting.

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
If you have downloaded UAB’s new mobile app, you now have a convenient way to access IT assistance and news.

The new UAB IT tile connects to AskIT, TechConnect and the IT News feed to give you quick access to technical help, tech purchases and IT news.

The new UAB mobile app gives students, employees and guests access to the campus map and directory, as well as integrations for Canvas and BlazerNET. You can also find out what’s happening on campus, hours for the Hill Student Center, menus for campus dining and more.
As we return to campus for a new semester, UAB IT is planning a number of new initiatives for 2017 to help improve the lives of students, faculty and staff. 

With seven IT strategic imperatives and a new IT Strategic Plan as a guide, UAB IT has much to accomplish in the new year.

“Our goal is always to empower the students, faculty, researchers and employees at UAB to greatness,” said Vice President and CIO Dr. Curtis A. Carver Jr. “Last year we sought input across campus for the IT Strategic Plan, and this year we are excited to continue implementing the improvements you want and need.”

Establishing a security operations center, continuing an active phishing program and re-examining and reconstructing university security policies are among the top priorities in 2017.

UAB IT also plans to establish business goals and principles for IT governance, and design an IT technology roadmap for infrastructure services.

UAB IT began a renewed focus on its help desk last year, and that effort will continue as the department looks to deliver world-class IT service.

A new system status page has debuted, and a new IT web site will also debut in 2017. UAB IT is also expanding its training opportunities for employees, investing in their success as the department also reorganizes to maximize our impact on campus.

As part of its imperative to increase business value, UAB IT will also look to renegotiate contracts and rationalize core systems, while also building on the success of the TechConnect store at the Hill Student Center.

Furthering academic and research partnerships, UAB IT will continue to help implement the new UAB app with integrations that make sense for campus, including eBeacon technology, and implement the Science DMZ, among other goals.
Because we exist in digital form all over the Internet, it is important to ensure that the digital you matches what you are intending to share and to guard your privacy — not only to avoid embarrassment, but also to protect your identity and finances! 

Following are specific steps you can take to protect your online information, identity, and privacy.

  • Use a unique password for each site. Hackers often use previously compromised information to access other sites. Choosing unique passwords keeps that risk to a minimum. 
  • Use a password manager. Using an encrypted password manager to store your passwords makes it easy to access and use a unique password for each site. 
  • Know what you are sharing. Check the privacy settings on all your social media accounts; some even include a wizard to walk you through the settings. Always be cautious about what you post publicly. 
  • Guard your date of birth and telephone number. These are key pieces of information used for verification, and you should not share them publicly. If an online service or site asks you to share this critical information, consider whether it is important enough to warrant it. 
  • Keep your work and personal presences separate. Your employer has the right to access your e-mail account, so you should use an outside service for private e-mails. This also helps you ensure uninterrupted access to your private e-mail and other services if you switch employers. 
  • There are no true secrets online. Use the postcard or billboard test: Would you be comfortable with everyone reading a message or post? If not, don't share it. 
A new phishing email claiming to be from UAB President Dr. Ray Watts purports to include an "important announcement" but is actually a phishing attempt. Delete the email; do NOT open the attachment or enter your BlazerID or password on any links enclosed.

The email looks similar to the image below:

[Image: the phishing email purporting to be from Dr. Watts]

This email is not related to the campus-wide simulated phishing campaign that UAB IT is launching this month as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.

UAB IT has been made aware of a data breach associated with Lynda.com.

At this time, there is no indication of a compromise of your personal information and/or passwords. UAB employee Lynda users who authenticate with BlazerID credentials are not affected by this security issue.

UAB IT will closely monitor this situation and provide updates as needed. 

More information concerning the data breach can be found here.
The "OneClass" Chrome extension behaves like malware and can attempt to steal user names and passwords. It can affect users of several learning management systems, including Canvas; however, OneClass is not affiliated with Instructure (Canvas) in any way.

When a user installs the OneClass Chrome extension, the plugin asks for permission to "read and change all your data on websites you visit." If a user grants this permission, the plugin places a button in the user's LMS (Canvas or other) labeled "Invite your classmates to OneClass." If the user clicks this button, OneClass sends messages to all of the other users enrolled in the course via the LMS message system (for Canvas, that's Conversations). Each message says:

Hey guys, I just found some really helpful notes for the upcoming exams for [school name] courses at [OneClass link]. I highly recommend signing up for an account now. That way, your first download is free!

We strongly recommend that you NOT install or use the OneClass Chrome extension or that you remove the plugin if you have already installed it. The “invite your classmates” message acts as a phishing attempt, and the permission the extension prompts users to grant could result in their information being stolen.

To uninstall a Chrome extension, please follow these instructions from Google Chrome.

UAB IT is preparing to close the gates on its network to protect sensitive data.

By the end of December, UAB IT will modify its border firewall posture to what is known as “default-deny,” a best practice for enterprise environments. What that means is that only approved network services will be allowed; everything else will be denied to help protect the network.
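
To make the difference concrete, the sketch below evaluates the same inbound connections under a default-allow border policy with a blocklist and under default-deny with an allowlist. It is an added illustration, not UAB IT's firewall configuration: the addresses (RFC 5737 documentation range), ports, rule sets and function names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    dest: str                # destination network in CIDR notation
    port: Optional[int]      # None matches any port

    def matches(self, ip, port):
        in_net = ipaddress.ip_address(ip) in ipaddress.ip_network(self.dest)
        return in_net and (self.port is None or self.port == port)


def decide(rules, default, ip, port):
    """First matching rule wins; with no match the posture's default applies."""
    for rule in rules:
        if rule.matches(ip, port):
            return rule.action
    return default


def exposed(rules, default, services):
    """Services reachable from outside under the given rules and default."""
    return sorted(s for s in services if decide(rules, default, *s) == "allow")


def needs_exception(rules, default, services):
    """Services that would require an approved rule before they are reachable."""
    return sorted(s for s in services if decide(rules, default, *s) == "deny")


# Constructed inventory of listening services: (address, port).
SERVICES = [
    ("192.0.2.10", 443),    # public web server
    ("192.0.2.10", 22),     # SSH on the same web server
    ("192.0.2.25", 3389),   # remote desktop on a workstation
    ("192.0.2.40", 9100),   # network printer
    ("192.0.2.77", 8080),   # forgotten test server
]

# Old posture: allow everything, block only ports someone thought to list.
BLOCKLIST = [
    Rule("deny", "192.0.2.0/24", 3389),
    Rule("deny", "192.0.2.0/24", 22),
]

# New posture: deny everything, allow only the approved service.
ALLOWLIST = [
    Rule("allow", "192.0.2.10/32", 443),
]

if __name__ == "__main__":
    print("default-allow exposes:", exposed(BLOCKLIST, "allow", SERVICES))
    print("default-deny exposes: ", exposed(ALLOWLIST, "deny", SERVICES))
    print("would need an exception:", needs_exception(ALLOWLIST, "deny", SERVICES))
```

Under the blocklist the printer and the forgotten test server stay reachable because nobody listed them; under default-deny they are closed until a rule is requested and approved.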

You can request to be transferred to the new default-deny posture early. UAB IT has a window open Saturday afternoon, Dec. 17, to move servers to default-deny. If you would like to get on the list, contact Enterprise Information Security staff at 975-0842 or via email at datasecurity@uab.edu.


UAB IT has been working with campus IT professionals behind the scenes for months to ensure a seamless transition.

Campus IT professionals can request a firewall rule change exception through a new form in the IT Service Portal.  

For more information about the change, please review our frequently asked questions.

The upcoming change does not impact any servers or services located within the UAB Health System network, as HSIS utilizes the default-deny firewall policy for their network segment.

All firewall requests from VLAN administrators should be entered by Dec. 29 if at all possible. 

Any VLAN administrators who have completed their requests and are ready to be flipped to a default-deny state can request that ahead of Dec. 29. UAB IT will schedule flipping to this default-deny state and troubleshoot any issues encountered with the campus IT staff. 

If you have any specific technical questions, feel free to contact the Enterprise Information Security staff at 975-0842 or via email at datasecurity@uab.edu.

In partnership with the Office of the Provost and other departments across campus, UAB IT is introducing a number of new technologies designed to improve students' education — and help them stay in school.

Beginning in the spring semester, a pilot program offering automated communications in Canvas will go campus-wide, giving faculty another tool with which to reach students who have missed class.

The program allows instructors to send automated messages to students who have missed class or who have not logged in to view information about the class.

The intent of the messaging is student engagement and retention: Instructors can personalize the messages, but the idea is to give students a second chance when they might otherwise drop or fail the class.

The new functionality joins other new technologies that will debut in the spring, including a new class waitlist in BlazerNET and a schedule planner that makes it easier for students to register for classes.

Another pilot program likely to begin soon would incorporate eBeacon technology in UAB’s new mobile app to help take attendance in classrooms.

Vice President and CIO Dr. Curt Carver said technology can help boost enrollment and improve the retention and graduation rates for UAB — which in turn helps boost the economic impact in the Birmingham area. Enrollment was up 6.5 percent for fall 2016, and the retention rate increased 3.1 percent.

“We’re going to have to take transformational steps,” Carver said. “These technology improvements and automations make our students’ and faculty’s lives easier — so that they can go about helping to change the world.”
UAB IT and HSIS have successfully collaborated on a standard data classification requirement that will streamline protection of UAB institutional data.

Data classification supports the university's and the hospital's efforts to comply with regulations and contracts across the institution.

The proposed classification model categorizes UAB data into one of three confidentiality levels: Public, Sensitive or Restricted/PHI (personal health information). Data protection requirements are derived from the classification.

The Data Classification Requirement is scheduled for implementation in mid-2017. More information and training for the new data classification system will be forthcoming to assist the UAB community with implementation of the new requirement.

To read the proposed standard, click here.

Need a new laptop for your student? 

TechConnect, UAB’s student-centered tech store powered by UAB IT, has great deals just in time for the holidays. 

Starting Dec. 1, customers can receive a free $150 Dell eGift card with the purchase of a Dell PC valued at $699 or more. The eGift card deal lasts until Jan. 31. 

All of the Dell laptops sold at TechConnect qualify for the eGift card and also include on-campus service and a loaner program (exclusive to the TechConnect Notebook program) if something goes wrong with your laptop and repairs are needed. 

For more information, visit TechConnect in the Hill Student Center or online at uab.edu/techconnect.
UAB IT has resolved an email issue that prevented some emails sent to the IT Service Portal from being delivered on Sunday, Nov. 6, and Monday, Nov. 7.

The email issue also affected emails sent to some other addresses, including:

UAB IT is moving the emails that were sent on Sunday and Monday into the IT Service Portal, and you should have received a ticket notification.

We apologize for the inconvenience and will work to prioritize your requests to complete them as quickly as possible.

You can also enter a request ticket or report a problem with a service within the IT Service Portal at askit.uab.edu.
An email circulating to UAB inboxes with the subject line "Transaction declined" is a phishing attempt to infect your computer with malware.

The email looks similar to the image below:

[Image: the “Transaction declined” phishing email]

This email is not related to the campus-wide simulated phishing campaign that UAB IT is launching this month as a tool to educate campus users about phishing attacks that attempt to steal personal or financial information. Please visit uab.edu/phishing to get up-to-date information about the latest phishing attempts and tools to help you protect your information. Campus users can also download the PhishMe Reporter tool for one-click access to report phishing attempts. Follow UAB IT on Twitter for alerts on phishing attacks.


It is time again for UAB’s annual Toy Drive, which benefits Toys for Tots. The drive officially kicked off on Nov. 1.

Be on the lookout for Toy Drive collection boxes across campus.

UAB IT is taking the lead on organizing the collection effort, with IT team member Eric Thompson leading the charge.

“I enjoy being able to offer Christmas for children who wouldn’t otherwise be able to have Christmas,” said Thompson, who has been involved with the toy drive for several years.

UAB is the largest contributor to the local Toys for Tots effort. You can deliver new, unwrapped toys to boxes located in 19 buildings across campus.

On Wednesday, Dec. 14, you can bring toys to the Administration Building and greet Santa Claus for the Drive-Through Santa event. Santa will greet people from 9 a.m. to 1 p.m., before the U.S. Marines come to pick up the toys for Toys for Tots.
UAB IT Research Computing will host a MATLAB seminar on Tuesday, Nov 8, at the Hill Student Center. The seminar will consist of two sessions — one in the morning and one in the afternoon.  

The purpose of these sessions is to educate new users on how to use the tools currently available on campus.  The session is open to all faculty, researchers and students at UAB.

The morning session, from 9:45 a.m. to 1 p.m. on the topic of "Machine Learning techniques with Matlab," will be held in HSC Ballroom C.

The afternoon session, from 1 to 3 p.m. on the topic of "Parallel Computing with MATLAB to Perform Large-Scale Simulations and Data Processing Tasks," will be held in HSC Room 203. Seating is limited; if you are interested, please register here.
Widespread internet outages caused issues Friday with UABbox, Qualtrics and the Alys Stephens Center ticketing system.

Find Box status updates here. Box assured its users that there had been no impact on customer data or the integrity of the service.

Qualtrics assured its users that although accessibility was affected, data was secure and had not been impacted. 

Learn more about the internet outages — caused by an apparent cyber attack — here. Popular sites like Twitter and Netflix were also impacted.