Excellence, service, security and shared governance are among the hallmarks of a new set of strategic imperatives UAB IT is committed to meeting, Vice President for Information Technology and CIO Curt Carver said.

The strategic imperatives enhance Carver’s vision for UAB IT.

“My vision for UAB IT is a world-class IT organization that effectively balances cost efficiency, agility and innovation,” he said. “Our relationships with our customers, business partners and vendors are long-term relationships that allow us to move at the speed of trust. This vision does not depend on one person but instead on a dedicated team where everyone is an agent of innovation and aligned to support the University of Alabama at Birmingham.”

The department’s strategic imperatives include:
  • Create a secure computing environment for all UAB members through appropriate policy, training and technology.
  • Build an IT shared governance structure with particular focus on partnership with the Health System.
  • Create a world-class IT organization so that if our customers could choose any provider, they would choose UAB IT.
  • Generate business value though reduced costs, process innovation or revenue generation.
  • Innovate UAB through partnerships with institutional business owners, with a focus on academic and research operations.
  • Foster an institutional data-driven decision-making culture that allows UAB to make informed and optimal decisions.
  • Enhance the community of information technology excellence for the economic, social and cultural benefit of Birmingham and beyond. 
At the same time, UAB IT is striving to be more transparent in its interaction with UAB customers and IT professionals across campus. The SPARK initiative invites faculty, staff and students to share their technology ideas and vote on the ideas of others. The reThink Project will change how UAB IT interacts with its customers, and IT professionals in other departments and schools will be invited to participate in the project. And the UAB IT Financial Transparency and Accountability Project will give IT customers a better understanding of their IT costs.
UAB IT is actively working to migrate servers across campus that are using Microsoft Windows Server 2003, which will reach end of life after July 14, 2015, meaning it will be unsupported by Microsoft.

Servers that are not migrated could cause problems with compliance and compatibility as well as increase costs for maintaining aging hardware.

To facilitate this transition, the UAB Enterprise Information Security Office (EISO) is actively working with Windows Server 2003 system owners to ensure a plan is in-place and actively being worked to migrate or retire affected systems.

If your department has affected servers, you should hear from UAB IT staff soon. If you have questions or concerns, call (205) 975-0842 or email datasecurity@uab.edu.

You can request an exception by filling out the Exception Request Form and submitting to AskIT.
UAB IT took advantage of an unexpected service interruption earlier this month to upgrade the servers that support several campus systems, including eLAS and LMS.

This upgrade improved system performance and strengthened security.

These technical changes did result in a new URL for several services, so users may need to update their bookmarks. Affected systems included eLAS (the Electronic Leave Accrual System for monthly employees); the LMS (the learning system for faculty and staff); Sponsored Access to Accounting Systems (SASS); Benevolent Fund; and State Transparency (UAB Expenditure Transactions).

UAB IT recommends that users bookmark the Administrative Systems page to ensure seamless log in to key systems and to receive alerts and messages.

UAB systems including eLAS and the LMS are back online. 

Systems that were affected by the outage included: the Electronic Leave Accrual System (eLAS), the web application in which monthly employees track time off; the faculty and staff Learning System (LMS); Sponsored Access; STREP; Benevolent Fund; and Temp Services.

Users with bookmarks to those apps will need to update those bookmarks on their browsers. Applications can be accessed from the UAB IT home page or the Administrative Systems page.
A wave of phishing e-mails using false messages about mailbox size has hit UAB, mainly targeting student accounts in an attempt to steal personal information.

The emails warn that recipients’ mailboxes are “almost full” or have reached “90% of your quote,” and urge recipients to click a link to re-validate their mailboxes. UAB will never direct users to a non-UAB web site for anything regarding email or concerning your password.
Phish1Phish2
UAB IT is taking steps to block this phishing attempt, but students, faculty and staff should be on alert.

If you receive an email with a hidden link like “Click Here,” do the hover test. Hover your mouse over the link and look at the lower left pane to see where the link leads.

Look at the URL of the website you are visiting. In the case of this phish you are being redirected to www.didrihsons  .lv/wp-content/wps4/  and not uab.edu.

You should only enter your UAB credentials at UAB .edu web sites.

To report suspected spam to AskIT, please follow the instructions here

Follow these additional tips to avoid being a phishing victim:

  • Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.
  • Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.
  • Verify the address. Malicious web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).
  • Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.
  • If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.
  • Don’t open attachments. They may contain viruses or malware that can infect your computer.
  • Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.
  • Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555. Hospital employees can call the HSIS Help Desk at 205-934-8888.
UAB IT wants to crowdsource innovation.

SPARK, a new platform through which UAB faculty, staff and students can submit ideas about technology and vote on the ideas of others, launches this week. The platform, accessed via BlazerID, will allow the UAB community to propose new bold technology projects, as well as suggest efficiencies, enhancements or improvements in existing projects.

“Our intent is to create a voice for you,” said Dr. Curt Carver, UAB chief information officer and vice president of information technology. “We’re looking for 100 IT ‘wins’ over the next year, and we want to leverage the ideas of the UAB community to make our University stronger. This is an opportunity for you to share your ideas, and for us to align those ideas with the needs of a world-class organization.”

Here’s how the new platform works: When you log in to the SPARK site with your BlazerID, you can explore the ideas already submitted and vote on whether you think they are needed for UAB, or you can submit your own idea for one of four campaigns: cost savings and efficiency, existing service enhancements, bold new ideas or revenue generation.

Ideas can be large or small, and those that attract the most support are more likely to be adopted.

To learn more about SPARK and watch a brief video about it, click here.

To enter the SPARK site and submit an idea or vote on others, click here.
Some UAB students have been targets of a phone scam in which malicious callers make threats about alleged debt, similar to scams seen at universities across the country.

According to UAB IT’s Information Security division, students need to know:

  • No law enforcement body will call them and threaten to arrest them over the phone.
  • The attackers can spoof the police station phone number so the call will look like it is coming from the police station.
  • UAB has not suffered a breach that resulted in this scam.

Tips:

  • Ask to call the “officer” back, take down their number and call the number back.
  • Ask them to meet you at the police station in question.
  • When in doubt, hang up and call the UAB Police Department at 205-934-4434.
  • Do NOT provide Social Security numbers, birth dates or any other personal information.
kurt carver webCurtis A. Carver Jr., Ph.D., has been named the next vice president of Information Technology/chief information officer of the University of Alabama at Birmingham. Carver comes to UAB from the Board of Regents of the University System of Georgia, where he served as vice chancellor and chief information officer.

In his new role, Carver will serve as the senior IT leader at UAB, provide the strategic management and vision to guide the future direction of IT in support of the administrative, academic and research missions of UAB, and oversee the central IT organization in collaboration with the Health System Information Systems unit.

The VP IT/CIO reports directly to UAB President Ray L. Watts.

“Dr. Carver has a terrific background and reputation, and we are thrilled that he will be joining UAB,” Watts said. “This position is vitally important because IT touches all areas of the institution, and I want to thank the search committee that worked diligently to lead a national search and identify fantastic candidates. Dr. Carver is a great fit for UAB.”

Carver, who will lead development of a transparent, high-performing central IT organization with a culture of providing first-rate customer service and implementing reliable, state-of-the art technologies, is looking forward to moving to his transition.

Click here to learn more about Carver.
OpenSSL released a security advisory bulletin on Thursday, March 19, detailing multiple high and moderate severity vulnerabilities in the secure sockets layer library used in Linux and Unix based systems.

The security vulnerabilities have been addressed in the most recent version of OpenSSL and should be available from the standard update channels for Linux distributions at this time. UAB IT encourages all Linux and Unix systems administrators take steps to update their systems during their planned update windows in upcoming weeks. 

More information is available at:

https://openssl.org/  and

http://www.cyberciti.biz/faq/howto-openssl-security-update-cve20150291-cve20150204-cve20150290-cve20150207-cve20150286/
Locking your computer when you leave your desk is just one of the ways to help keep your data secure, according to the March issue of the IT Risk Bulletin, a joint effort of UAB, the University of Alabama, UAB Health System and the University of Alabama-Huntsville.

In fact, “control-alt-delete before your leave your seat” is a reminder for employees to lock their PCs when they leave their desks. Mac users can lock their screens by pressing control-shift-eject at the same time.

Among other rules for security:

• Do not treat your work computer like your home computer.

• Do not use social networking sites like Facebook without proper privacy settings.

• Do not download shareware or freeware — free software — from suspicious Web sites.

• Do not allow your browser to remember passwords to secure sites like online banking or PayPal.

For more security tips and to see past issues of the bulletin, click here.

Since most people have their cell phones just about permanently attached these days, it’s easy to forget that we need to keep them secure.

The February edition of the IT Risk Bulletin, a joint effort of UAB, the University of Alabama, UAB Health System and the University of Alabama-Huntsville, provides dos and don’ts for phone and mobile device security.

Dos

• Enable security access.

• ONLY give your number out to people you know and trust.

• Use caller ID to block names and numbers of individuals you do not want to contact you.

• Delete emails that contain confidential or internal use information from your phone.

Don’ts

• Do NOT store confidential information on the phone, such as PIN numbers and credit card numbers.

• Do NOT take pictures or videos of anyone with your phone, or allow them to be taken of you, without permission.

• Never reply to text messages from people you don’t know and avoid in-person meetings with someone you know only through text messaging.

For more dos and don'ts and to see past issues of the bulletin, click here.

Work to repair telephone cables damaged during installation of a manhole last week is complete.

The damage caused an interruption of service to the Burleson Building and Building 912.

Crews worked after hours over the weekend to repair the damage.
Interested in a subscription to Adobe Creative Cloud software but need some lessons in how best to use the applications?

Adobe Creative Cloud subscriptions are available at a discounted rate through UAB IT. UAB’s Organizational Learning and Development office is offering several classes beginning this month to teach everything from the basics to more advanced techniques in Adobe Photoshop, InDesign, Illustrator and Acrobat.

The Adobe Creative Cloud course descriptions can be found in the Computer Skills Course Catalog. Just click on the “Adobe Creative Cloud Classes” link in the Table of Contents.

The training will give users a chance to learn about existing features and new ways to use them, as well as learn about new features now available in Creative Cloud.

“This is a new, more comprehensive curriculum to match the software for new and experienced users alike,” said Michael Maner, manager of computer skills training for UAB Organizational Learning and Development.

To find the class schedule, search for “Adobe” in the online class schedule.

The courses are free for all UAB employees and UAB affiliates, who can sign up for courses through the Faculty and Staff Learning System.

Courses currently available include:

• What You Need to Know to Get Started with Adobe Photoshop CC; Beyond the Basics in Adobe Photoshop CC; Create Professional Layouts with Adobe InDesign CC; Creating Visually Compelling and Flexible Graphics Using Adobe Illustrator CC; and Create and Modify PDF Documents in Adobe Acrobat XI.

Classes available in the near future are Adobe InDesign CC Advanced Layout Techniques and Beyond the Basics in Adobe Illustrator CC.

Courses are for UAB employees only.

An e-mail sent to UAB accounts with the subject line “Your Email Account” appears to be a phishing attempt designed to steal personal information. The body of the e-mail includes the words "Security info replacement."

UAB IT is taking steps to prevent the further dissemination of e-mails from this sender, but reminds UAB employees remain vigilant to potential phishing scams.


The email asks users to click a link and enter their account information. UAB IT will never ask for account information in an e-mail.

spam
To report suspected spam to AskIT, please follow the instructions here

Follow these additional tips to avoid being a phishing victim:

• Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.

• Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.

• Verify the address. Malicious Web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).

• Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.

• If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request. 

• Don’t open attachments. They may contain viruses or malware that can infect your computer.

• Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.

• Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555.  Hospital employees can call the HSIS Help Desk at 205-934-8888.




Logging onto a public WiFi network might be convenient, but it can also be dangerous. Learn tips to protect yourself in to the latest issue of the IT Risk Bulletin.

The January issue of the bulletin, a joint effort of the of UAB, the University of Alabama, UAB Health System and the University of Alabama-Huntsville, provides dos and don'ts for joining a WiFi network.

Among the tips:

Dos
  • Before joining a network, ask an employee the official name of the business' WiFi. Be sure you are connected to the right WiFi spot and not a rogue location.
  • Select a secure WiFi network that requries a password to connect. A secure connection is indicated by an icon that looks like a lock.
  • Stay up-to-date with your antivirus software, applications and your system's security patches, especially before traveling.

Don'ts
  • Do NOT conenct to an unknown WiFi network.
  • Do NOT pay bills, access bank accounts or make purchases over public WiFi.
  • In Windows 7, do NOT select anything other than Public Network when setting a network location. Public Network blocks file and print sharing and turns off network discovery. This can be disabled in Mac OS X.

For more dos and don'ts and to see past issues of the bulletin, click here.
With students back on campus after a long winter break, here’s a reminder about the various services UAB IT offers.

For more information about how to get started with services, visit the Student Quicklinks and Contacts page.

BlazerID and Password

If you need to change your BlazerID password, you can visit BlazerID Central at uab.edu/blazerid. Student passwords expire after 180 days, but you will receive multiple advance notifications of a pending password expiration date. Sign up for the Identity feature at BlazerID Central so that you can reset an expired password yourself.

BlazerNet

Using your BlazerID and password, log into BlazerNet, UAB's student portal, uab.edu/blazernet. From there you will be able to link to class registration, grades, financial aid and other academic resources.

Help Desk

For support with all things IT contact AskIT, UAB's IT help desk. Many self-help articles and FAQs are available on the AskIT Web site. To access the FAQs, open a ticket or chat with an agent visit uab.edu/askit,or call AskIT at 205-996-5555Hours of operation vary and are posted on the Web site.

Wireless Networks

Stay connected on campus by accessing the UAB WiFi network using your BlazerID and password: uab.edu/it/wireless. Dorm WiFi access is maintained by Apogee ResNet, not UAB IT. For information about how to contact Apogee, click here.

mathematicaUAB students, faculty and staff now have access to Mathematica, a desktop and cloud-based software system based on symbolic mathematics.

Mathematica is available for free to UAB faculty, staff and students, thanks to funding from the College of Arts and Sciences and the School of Engineering.

To learn more about the product and how to download Mathematica, click here.

Customers have used Mathematica for everything from engineering and math to art and architecture. Mathematica 10 software, which is available for Windows, Mac and Linux, includes these featured areas:

• Mathematical structures

• Geometric computation

• Differential equation solving

• Machine learning

• Structured and semantic data

• Core language enhancements

• Geographic computation

• Time-related computation

• Random process analysis

• Visualization and graphics

• Image processing

• Engineering computation

• Software engineering

• External connectivity

An email sent to several UAB accounts purporting to be from Lister Hill Library, with the subject line, “Library Account,” appears to be a phishing attempt designed to steal personal information.

UAB IT is taking steps to prevent the further dissemination of e-mails from this particular sender, but remind UAB employees remain vigilant about potential phishing scams.
library phish


To report suspected spam to AskIT, please follow the instructions 
here

Follow these additional tips to avoid being a victim:

• Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.

• Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.

• Verify the address. Malicious Web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).

• Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.

• If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request. 

• Don’t open attachments. They may contain viruses or malware that can infect your computer.

• Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.

• Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555.  Hospital employees can call the HSIS Help Desk at 205-934-8888.


Phishing attempts threaten not only employees' personal information but also University resources, according to the latest issue of the IT Risk Bulletin.

The December issue of the bulletin, a joint effort of the of UAB, the University of Alabama, UAB Health System and the University of Alabama-Huntsville, provides tips on avoiding getting "phished."

• If you get an email, instant message or phone call in which you are asked for financial or personal information, do not reply or click links within the message.

• Never provide sensitive personal or financial information through email.

• Do not click links in potentially fraudulent email. A link that looks like it points to a valid Web site could be forged or cause your computer to download malware.

For more tips and to see past issues of the bulletin, click here.
“Your paycheck has been compromised.” That’s the kind of subject line you’ll see in a phishing email that’s trying to trick you into revealing personal information — like your BlazerID and password.

But if you fall for it, your paycheck — and all of your other personal information — truly could be compromised.

UAB has been under attack from scam artists and phishing e-mails. Dozens of individuals have fallen victim to the attacks and have had their e-mail accounts compromised and used for malicious purposes.

Users whose accounts are compromised will have their passwords revoked. The recommended method to reset them is through BlazerID self-service, particularly during the holidays when AskIT will have limited hours. AskIT will be closed on Thursday, Nov. 27, and Friday, Nov. 28, and will reopen at 9 a.m. Saturday.

Scam e-mails typically increase around the holidays, so take steps now to be able to recover your password by registering for BlazerID self-service.

Be extremely cautious about any e-mail message that claims to be from UAB, and NEVER provide your password in response to an e-mail communication.

Follow these additional tips to avoid being a victim:

• Do NOT click links in messages that ask you to log in. Type a trusted Web address in your browser or Google for the Web site if you don’t know the address.

• Never type personal, sensitive information (such as passwords or account numbers) on Web sites without verifying the Web site’s authenticity and security — look for an “https” in the address bar.

• Verify the address. Malicious Web sites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (.com vs. .edu).

• Misspellings and grammatical errors can be a dead giveaway in phishing emails and subject lines.

• If you are unsure whether a request is legitimate, contact the company directly. Do NOT use contact information provided in the request.

• Don’t open attachments. They may contain viruses or malware that can infect your computer.

• Protect your password. Information security and IT officials at both the university and UAB Hospital will never ask users for passwords or any other sensitive information.

• Report suspicious activity. If you have any questions or you receive a suspicious email that you want to report, university employees and students can call the AskIT Help Desk at 205-996-5555.  Hospital employees can call the HSIS Help Desk at 205-934-8888.