Sending PII
Sending Social Security numbers or medical record numbers via email can make you or others more vulnerable to identity theft.

UAB IT will soon implement policy tip warnings via email if it appears you are trying to send a Social Security number or medical record number via your UAB email account.

These warnings are intended to alert you to potential danger and help you protect your data and the information of others.

The popup policy tip will say: "The content of this email appears to conflict with UAB Policy regarding unsecured transmission of Social Security numbers, medical record numbers or other personally identifiable information. Be safe and review the email content before sending."

With the introduction of the policy tip, emails will not yet be blocked from being sent. But emails that appear to include Social Security or medical record number information will eventually be blocked — both in incoming and outgoing emails.

A policy tip has already been established to prevent UAB email users from sending credit card numbers.

“Sending credit card information, Social Security numbers, dates of birth and other personal or financial information is extremely dangerous and could leave you or others vulnerable to identity theft,” said Brian Rivers, assistant vice president and chief information security officer. “Our goal with these policy tips is to help protect our students, faculty and staff.”
UAB IT has completed the migration of all faculty and staff email accounts to Office 365.

The change allows UAB faculty and staff to take advantage of the same email system used by students. Office 365 is a cloud-based system that offers new tools and continues upgrades to improve the service and environment.

The new link to online mail is mail.uab.edu. That email link will be changed on the UAB Quicklinks, which appears on all UAB web sites, on Wedesday, July 12.

Learn more about Office 365 here.
Splunk UAB Innovation Depot 08

Technology leaders from the Birmingham area met at Innovation Depot June 29 with officials from Splunk to explore ways to coauthor future educational programs.

Splunk is the leading platform for real-time operational intelligence. Their technology is a standard for security professionals, and having people trainined in Splunk is exponentially beneficial.

Innovate Birmingham, which graduated its first class of new technology professionals last spring, could be a new site for Splunk training. Innovate Birmingham, led by UAB and a network of 15 partners from the education and tech sectors, is funded by a $6 million America’s Promise grant and is designed to establish a pipeline of local talent to fuel innovation for local employers. Students can receive grants and scholarships to attend the educational training program, which is broken up into individual cohorts, each focused on a different area of technology.

Corey Marshall, director of Splunk4Good, said he was impressed by the partnership already in place in Birmingham.

“I know you guys say you have something special here, but I don’t think you realize how special this really is,” he said.

Marshall said he was impressed with the structure, space and support that Innovation Depot, along with its partners, provides to the Birmingham community, and said he could see the program being used as a model for other cities.

Splunk could provide valuable content and insight that is founded on their technological expertise. This potential partnership with Splunk would bring more opportunities to the students in the Innovation Depot training programs as companies have already expressed their interest in hiring the graduates trained by Splunk.

Other opportunities for Splunk could include corporate training for Birmingham businesses as many companies currently have to send their trainees out-of-state or online to receive training.

Innovate Birmingham’s first graduating cohort, focused on computer support, had an employment rate of 75 percent at graduation and 100 percent within one month of graduation. The latest cohort started in June 2017 and is focused on developer training in corporate partnership with Covalence. The goal of these programs is not merely focused on yield but rather community and economic impact for the long term.

“The students applying for this program are not doing so because their mom sent them. They are doing this because they have the drive and desire to improve their life and the life of their families,” UAB Vice President and CIO Dr. Curtis A. Carver Jr. said.

UAB IT hired two graduates from Innovate Birmingham’s first cohort, both of whom are working in AskIT.
A new ransomware cyberattack called “Petya” is spreading globally and infecting computers, allowing malicious attackers to demand ransom payments to restore data.

The attack is similar to the WannaCry ransomware attack that spread a few weeks ago. Experts believe the initial infection comes from an email attachment, possibly a Microsoft Word attachment.

Some tips to avoid falling for Petya (also called Petwrap):

  • Patch your Windows-based computers and update your Microsoft Office suite. Contact AskIT if you have any questions.
  • Be extremely vigilant when opening email from anyone with whom you are not familiar.
  • If you receive email from an unknown sender, be cautious about replying, opening an attachments or clicking on links or graphics in the email.
  • If you believe you have received a suspicious email, click the “PhishMe Reporter” button in your Outlook or forward the email to phishing@uab.edu.
  • Be cautious about attachments you were not expecting. Even if you receive an email from someone you know, that person’s email may have been infected with ransomware. Contact the sender by phone to make sure the attachment is legitimate.
  • Be wary of emails with incorrect grammar or spelling, or messages in which the signature does not match the sender’s name.
  • Do not click links in messages that ask you to log in. Type a trusted web address in your browser, or Google for the web site if you don’t know the address.
For the past year, UAB IT’s Alexandra Fedorova has been spending several days a week helping to teach a new generation of potential IT employees through the TEALS program, which places tech experts in high school classrooms to give students basic computer science skills. 

“The students are all eager,” Fedorova says. “They want to learn, but most local school just don’t have the resources or experience to teach them.”

TEALS, a national program funded by Microsoft, is in its second year in Birmingham and has partnerships with nine schools, said Tracey Wilson, regional coordinator for the organization. 

TEALS provides volunteer instructors with lesson plans and assignments. Volunteers should expect to spend about an hour to two hours in the classroom twice a week, with some extra time for grading assignments or making modifications to lesson plans. The goal is not only to reach students but to teach high school teachers how to instruct students in computer science skills.

Anyone interested in volunteering for TEALS can visit the web site at tealsk12.org.
Scammers looking to steal electronics are using a new scheme targeting university stores across the country, FBI officials said.

Law enforcement agencies are warning higher education institutions about potential credit card scams involving electronic purchases.

The FBI said the scams, which began this spring, target campus bookstores and students with valid campus identification. Scammers use students to help purchase high-end electronics, particularly Apple products, using students’ valid campus IDs and a stolen or cloned credit card.

Here’s how the scam works:

  • Perpetrators coerce unwitting students into helping them purchase electronics by claiming to be current students who have lost their student IDs.
  • The unwitting students are shown a cloned credit card and identification matching the name on the cloned credit card.
  • Perpetrators accompany students to the campus store cash register and swipes the cloned credit card, while the legitimate student shows the clerk valid campus ID.
FBI officials said that in some cases, perpetrators swiped several declined cards before one was accepted.

To protect yourself from the scam, law enforcement officials recommend you:

  • Do not facilitate a purchase from someone who does not provide valid student ID — especially someone you don’t know.
  • Establish procedures at campus stores that include provisions against allowing someone to use a credit card in someone else’s name.
If you have been a victim of the scam, contact UAB Police.
TechConnect's Laptop Program has a number of new options for students — and through the summer, those computers qualify for a $150 rebate for students through Dell.

The laptop program is convenient for students because they can get service and support right on campus at TechConnect, UAB IT's technology store at the Hill Student Center. Purchases made through the Laptop Program include:
  • Educational pricing
  • 3-year premium warranty and accidental damage protection
  • Pre-loaded with UAB software
  • Loaner laptop while yours is being repaired
  • On-campus service and support
TechConnect's experts have developed recommendations for the best options for students through the Laptop Program. Visit the store on the first floor of the Hill Center or visit the web site at uab.edu/TechConnect.
GoodGames

The gift of two monitors for Good Games UAB will help the student organization with growing eSports activities on campus — activities that help foster innovation.

Windstream donated the two monitors to the group on Wednesday, May 24.

“Our thanks to Windstream; these monitors are invaluable to us,” said Michael Pitts, president of Good Games UAB, or gg.UAB. “We also want to thank UAB IT for their continued support. We would not have the infrastructure to do what we do without you.”

Good Games hosts a number of gaming events on campus, including its largest, BlazerCon, which attracted more than 500 people in April. The student organization is part of a growing eSports, or online gaming, trend. About a quarter of millenials say they watch eSports daily. There are 1,600 club programs across the country, with 600 universities involved — and 11 universities even have varsity teams.





UAB Vice President and CIO Dr. Curtis A. Carver Jr. said gaming is about having fun — but it’s also about innovation. Supporting the group makes sense because UAB IT wants “partnerships with young people at UAB who think in a different way,” he said.

“The members of GoodGames think outside the box, they are very diverse, and believe it or not, they are quite social,” Carver said. “They want to change the world.”

Windstream representative Greg Jenkins said he attended BlazerCon and was excited to see so many young people involved.

“I saw the diversity among those who attended,” he said. “It was a fantastic thing.”

Pitts said involvement in Good Games has given members leadership experience and helped them develop goals to grow gaming and eSports.

“We want to build an all-inclusive gaming community,” he said.
  • AlabamaCIO Watts
  • AlabamaCIO 2
  • AlabamaCIO 3
  • AlabamaCIO 4
  • AlabamaCIO 5


Keeping information technology at the forefront of strategic planning helps advance not only UAB but also the Birmingham community, UAB and city leaders told members of the Alabama CIO Leadership Association Thursday, May 25, at a meeting of the group on campus.

“There is no question that IT is at the center of everything we do,” said UAB President Dr. Ray L. Watts said, noting that to achieve a world-class health system and provide resources for ground-breaking research, a strong IT infrastructure is key. “The role of IT is advancing our mission. Continued strategic planning around IT is vital for our organization.”

Watts credited UAB Vice President and Chief Information Officer Dr. Curtis A. Carver Jr. with making great strides in improving UAB’s technology infrastructure, security and research computing over the past two years.

“It’s hard to believe how much we have accomplished in the past two years under Dr. Carver,” Watts said.

Among the IT accomplishments at UAB since June 2015 are one of the fastest university supercomputers in the Southeast; the fastest university internet in the state; and a more than fivefold improvement in the service rating of the AskIT help desk.

But UAB is also taking a leading role in improving the technology ecosystem in Birmingham — in fact, enhancing the community of IT excellence is one of UAB’s seven IT imperatives.

UAB is working to extend its successes to the community at large, with the expansion of the 100GB network to Innovation Depot expected by this fall, which will give the city a competitive advantage when attracting new businesses.

UAB has also partnered with Innovation Depot and other businesses on a grant to train new technology employees in the community.

The first Innovate Birmingham class graduated in May, with 15 of the 18 graduates taking jobs at local businesses, including two at UAB IT.

The new workforce initiative is giving young people opportunities to succeed — and helping to supply the growing need for technology employees, said Josh Carpenter, UAB director of external affairs, principal investigator for the America’s Promise grant that paved the way for the Innovate Birmingham program.

Innovation Depot has been a partner in Innovate Birmingham, housing the classes for students and taking an active role in the program. Director Jennifer Skjellum said building partnerships in the technology community is key to growing Birmingham.

“Our overall mission is to grow the technology ecosystem — and to make sure there are a lot of ecosystem partners,” she said.

Carpenter said the city can be a role model for even larger metropolitan areas through programs such as Innovate Birmingham.

“Birmingham is small enough to create alignment,” he said. “That’s extremely rare in large cities. We’re small enough to move the needle on something like youth unemployment, but large enough to provide scalable solutions.”

Bob Crutchfield, operating partner with Harbert Growth Partners, said UAB is a “crown jewel” for the city.

“UAB has been an igniter for a lot of the things we are trying to do in downtown Birmingham,” he said.
  • InnDepotGrad 1
  • InnDepotGrad 2
  • InnDepotGrad 3
  • InnDepotGrad 4
  • InnDepotGrad 6


Two new staff members joined UAB IT last month after graduating from the Innovate Birmingham Workforce program, a unique grant-funded program designed to connect young adults in the Birmingham area to high-demand IT careers.

The inaugural class of Generation IT students graduated from the Innovate Birmingham Workforce program on May 5 during a graduation ceremony held at Railroad Park.

For Allante Jowers and Tristian Scarborough, the opportunity is one they don’t take lightly. Both are new technicians on the AskIT help desk, which recently earned a fivefold improvement in its customer service rating.

Jowers said he is prepared to “carry (the opportunity) to the finish line.” He aspires to merge his love for cooking and technology to create a business that innovates Birmingham.

Prior to enrolling in the Innovate Birmingham program, Jowers was a student at UAB majoring in information systems with a minor in business management. Scarborough has been working on a second novel. Their new roles in AskIT are only a first step in helping them to achieve their ultimate goals of owning their own business.

“This puts my life and family’s life in a better position by creating a better direction for all of us,” Scarborough said. He is still figuring out his next steps in life, but knows he wants to “be impactful and push the limits as far as he can go.”

Jason Johnson, associate director for AskIT, said, "UAB is honored to have the graduates from Innovate Birmingham on our team. They are very eager to contribute and have already started using their skills learned in the program. We are very excited to have this opportunity for Tristian and Allantè to grow their information technology career with UAB."

The inaugural class consisted of 18 students, all from the Birmingham area. Other graduates had secured job offers from companies including Blue Cross and Blue Shield of Alabama and Regions Bank.

“Invest in the talent of young people, and they will rise to the moment,” Josh Carpenter, director of external affairs at UAB and principal investigator for the America’s Promise grant, told those assembled at the graduation.

UAB President and Birmingham Business Alliance Chairman Ray L. Watts said, “An opportunity like this for our area young adults through the Innovate Birmingham Workforce program is just one of many ways Birmingham is making sure innovation will thrive in the coming years. I want to thank all our partners for their leadership and congratulate the talented graduates for their hard work. We all wish them the best in their new and exciting careers.”

The graduates completed the 12-week program that involved intensive technical and professional training at Innovation Depot. The Innovate Birmingham Workforce will train and prepare young adults to fill 925 high-wage jobs by 2021.


Protecting yourself online also helps protect everyone. Follow these six recommendations to better protect yourself online and make the Internet more secure for everyone:

  • Fortify each online account or device. Enable the strongest authentication tools available. This might include biometrics, security keys, or unique one-time codes sent to your mobile device. Usernames and passwords are not enough to protect key accounts such as e-mail, banking, and social media.
  • Keep a clean machine. Make sure all software on Internet-connected devices — including PCs, laptops, smartphones, and tablets — are updated regularly to reduce the risk of malware infection.
  • Personal information is like money. Value it. Protect it. Information about you, such as purchase history or location, has value — just like money. Be thoughtful about who receives that information and how it is collected by apps or websites.
  • When in doubt, throw it out. Cybercriminals often use links to try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
  • Share with care. Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it could be perceived now and in the future.
  • Own your online presence. Set the privacy and security settings on websites to your comfort level for information sharing. It is okay to limit how and with whom you share information.
student computer

Faculty at UAB have begun using a new automated communications tool in Canvas that allows them to send messages to students who have missed class or who have not logged in to view information about the class.

Instructors across campus have found that the tool not only benefits the students, but also the faculty in the classroom.

Stephen Yoder, assistant professor in the Collat School of Business, said the automated alerts not only helps to remind the students to remain committed, but Yoder has also found that “I am engaged as well.”

The intent of the messaging is to increase student engagement and retention.

Alerts can serve as the guardrail for students who may need a wake-up call to “nudge them back on track,” as Josh May, assistant professor of philosophy, describes it.

“The alerts are especially useful for online classes,” May said, since students are not required to physically attend in-class lectures.

The alerts work for classes big and small, notes Mitzy Erdmann, instructor in the Department of Chemistry.

“The alerts are easy for instructors to set up, and I will definitely use them in the future,” Erdmann said.

Faculty members can use the automated alerts through their faculty profiles in Canvas.
WannaCry header

UAB’s cybersecurity protections have warded off “WannaCry” ransomeware. To date, this malicious software has had little effect at UAB because of security protections put in place by UAB IT. However, the UAB community should remain on guard to protect from future threats.

The ransomware attack using what’s been called WannaCry software has locked computers in more than 150 countries, exploiting vulnerabilities, and has already inspired similar attacks.  In a ransomware attack, malicious software can encrypt and block the data on your computer or device — and hackers can then demand payment in exchange for the return of access to your data. 

The UAB community must be aware of the risks to avoid being tricked into installing malicious software on their computers, which can then also spread to other computers on the network.

This kind of attack is not new — it is a new twist on an old crime — but the rapid worldwide spread of WannaCry heightened media attention.

Over the past year, UAB IT has been putting new protection methods in place that help guard against such cyber attacks.

Among the new defenses:

  • SCCM, or Microsoft System Center Configuration Manager, provides automated patch management to systems across campus. Patch management helps protect against potential malicious intrusion and allows the network to be monitored constantly — that way, immediate action can be taken if a patch has yet to be released when a vulnerability is discovered. Patch operating systems, software and firmware on devices. A centralized patch management system, like UAB’s SCCM, is the best way to manage system patching. SCCM patched many UAB systems against the WannaCry malware more than a month before the outbreak. Anyone who is not using SCCM is encouraged to contact AskIT to work with UAB IT staff to deploy it on their systems.
  • Default-deny is a new firewall posture implemented late last year to better protect against intrusions by external attackers. The posture, which is considered a best practice, means only approved network services are allowed. Everything else is denied to help protect the network — and UAB and employees’ and students’ data. This posture protected UAB’s systems from external WannaCry scans and infections.
  • PhishMe simulated campaigns and PhishMe Reporter tool have helped increase awareness of the dangers of phishing emails among UAB students, faculty and staff.  Phishing scams often take the form of fraudulent emails designed to trick users into revealing sensitive or protected information, such as usernames and passwords or bank information, but posting as a legitimate entity such as your bank, social media sites — or even the university president.
UAB faculty, staff and students are urged to remain vigilant against phishing attacks. To guard against phishing and ransomware attacks:

  • Be aware that you are a target.
  • Scrutinize links contained in emails, and do not open attachments in unsolicited emails.
  • Report any suspected phishing emails.
  • Keep all software on your computer up to date.
Automatic email forwarding to a non-UAB IT account is permissible, but be sure you understand the risks and policies that affect you.

Storage or forwarding of Restricted/PHI data is not permitted in uab.edu email.  However, if you receive an email containing Restricted/PHI information and you have configured your mailbox to forward to a third party; this will lead to a breach of this information.


Also, UAB IT encourages faculty, students and staff not to automatically forward email to non-UAB accounts because of the lack of security oversight of those types of services; data protection concerns around FERPA and HIPAA; and the desire to guarantee the best possible supported user experience on campus.

If you choose to set up email forwarding, please note:

  • Any UAB message, regardless of location, is subject to UAB open records policy.
  • Any phishing remediation resulting from forwarding messages will be charged back to the individual, not the department.
  • Information forwarded to third parties, outside of UAB contracts, could constitute an unauthorized disclosure of restricted information. You are liable for these disclosures.
  • It is a violation of UAB HIPAA policy to forward email containing sensitive information or Protected Health Information to public email systems.
In an effort to better protect the UAB community from cyber threats, specifically the increasing number of phishing and malware attacks that students, faculty and staff are experiencing, UAB IT is enabling URL Filtering at the UAB internet connection. 

URL filtering technology starts by assigning each known website into different risk categories and can be configured to allow or prohibit access to these sites based on these categories. As part of this implementation, UAB IT will be protecting networked systems from access to the most dangerous categories, malware and phishing. The changes will be effective on May 20.

Users can test a site’s categorization here.

The upcoming change does not impact any servers or services located within the UAB Health System network.

If you have any specific technical questions, feel free to contact the Enterprise Information Security staff at 975-0842 or via email at datasecurity@uab.edu.
UAB IT will host two online town halls this month to explore alternative options for the UAB Dropbox service.

Town halls will be held at 2 p.m. Thursday, May 18, and at 9 a.m. Tuesday, May 23.

Join the May 18 town hall here, or call 205-996-0000 and enter conference ID 514784.

Join the May 23 town hall here, or call 205-996-0000 and enter conference ID 795562.

The current UAB Dropbox is nearing the end of life, or end of sustainability, and UAB IT will be evaluating options for replacing it or encouraging use of current cloud collaboration services. UAB IT will offer a survey following the town halls for members of the campus community to express their opinions about the options.
UAB IT's office for institutional cell phone service and support is moving to the TechConnect store, located at the Hill Student Center, effective Monday, May 8.

The cell phone office has been located in Cudworth Hall.

The new location is a better fit with the services already offered at the store, which provides sales and service for personal technology purchases for students, faculty and staff.

Hours of operation are Monday through Friday from 8 a.m. to 4 p.m. Appointments are encouraged and can be scheduled via e-mail to Ed Ramsey at eramsey@uab.edu.


In just six months, UAB IT has improved its customer service rating from a 0.4 to at least a 2.2, according to HDI, an industry-leading customer service consultant. 

Since summer 2016, UAB IT has made improvements in the AskIT help desk a main priority — with UAB IT leadership, including Vice President and CIO Dr. Curt Carver, taking time answering phone calls from students, faculty and staff.

New training, standard knowledge sharing and process improvements have helped AskIT's technicians deliver a more consistent customer experience for the UAB campus community.

"We've really been pleased to see these changes coming through," said Karen Buckner, director of operations for the School of Nursing's Dean's Office.

And improvement plans don't stop there.

"We're strategically working to better analyze and track the types of issues our customers are having so that we can develop better processes and improve our system so you don't even need to call us because we've already identified the trend," said Jason Johnson, associate director for AskIT.

"Our goal is to solve your problems quickly, so that you can get back to work and get back to changing the world," Carver said.
In an effort to provide transparency and measurable results, UAB IT’s Infrastructure & Operations has developed a new infrastructure service level agreement (SLA) to govern managed server provisioning, maintenance, and support.

The new SLA is currently being reviewed by existing clients for feedback and planning sessions and includes topics such as Service Descriptions, Support Procedures, and Standard Maintenance Windows.

The new SLA will take effect for new customers starting in May 2017 and will be published in the Service Catalog

Existing customers will be moved to the new SLA upon renewals in FY18 with the existing rates staying the same for FY18.  However, Infrastructure & Operations is working hard to develop new services and new rates under this SLA in order to stay competitive with the various consumer cloud infrastructure services and to appropriately protect UAB’s IT resources, such as networking and data security, with new contracts and new cloud-based services.

UAB IT’s Infrastructure & Operations will next be working on similar SLAs and Service Roadmaps for Storage & Backup Services, Colocation Services, and Mail & Web Services to be available by the end of the summer within the Service Catalog.

For questions or comments, please reach out to Rachel Moorehead, 205-934-5065, rmoorehead@uab.edu, executive director of infrastructure & operations.
digital signage screens
UAB IT is now dropping the cost of maintenance for digital signage from $45 to $30 a month. There will also no longer be an upfront license fee.

These changes are to ensure that UAB IT is doing its part “to provide a consistent, cost-effective digital signage solution for campus," said Robert Howard, associate vice president and deputy chief information officer.
UAB digital signage offers dynamic, vibrant messaging with easily adaptable, branded content. With proper hardware, signs can even be interactive.

UAB digital signage offers branded content, automatic emergency notification integration and media flexibility. It is easily managed and maintained through a simple web interface.

For more about digital signage, click here.