Thursday, 22 September 2016 11:26

Passphrase vs. Password

Passwords are the first line of defense against cyber-attacks.

Creating a safer password
Here are some general rules for creating a safer password:
  • Change your password frequently. People hate to hear this tip, but the fact is, most passwords will not be “cracked” or “guessed”, they will be stolen from an infected machine or a compromised website.  Changing your password often gives a shorter period of time for an attacker to use your compromised password.
  • Make passwords unique. When you change your password, consider it retired; attackers typically keep collections of old passwords that they routinely test in the hopes that someone reused them.
  • Make passwords unique. Add something to your password that customizes it and makes it different for each website or service account you use so a compromised password only works on the compromised site.
  • Create strong passwords. The longer a password is, the longer it takes an attacker to guess it; with current technology, an attacker can guess EVERY combination of an eight character password in 6 hours.  You should use passwords that use different character types including upper/lower-case, numbers and symbols.
  • Avoid obvious dictionary words. Anything related to your normal life (job, hobbies, pet names, etc.) should be excluded from your passwords.  An attacker might build a dictionary that is custom tailored to contain words related to information they gathered about you.
Creating a passphrase
One way to use these rules is by using passphrases versus a password. Here is one way to create one:
  • Start with a long phrase that you'll remember. This can be anything — such as a favorite song, poem or title. For example, we'll use a line from the UAB Alma Mater:
          Praise to thee our UAB
  • Make some memorable changes to the passphrase. In our example below, we removed the spaces, added a symbol, and replaced the word "to" with the number "2."
          praise2theeourUAB!
  • Make the password unique and memorable. Returning to our example, we'll add the first three letters of the web site where the passphrase will be used and something different like the number of letters in the name.
          apple.com = App5praise2theeourUAB!
          facebook.com = Fac8praise2theeourUAB!

Important links:
Thursday, 22 September 2016 11:09

PhishMe Reporter

So you’ve received a suspicious email and you think it may be a “phish” designed to steal your UAB account credentials.  But how do you report this message and find out for sure?

Reporting suspicious messages used to be a multi-step process for UAB users, but now you can report a suspicious message with a single-click. For those users on a Windows or Mac system who use Microsoft Outlook, UAB Information Security has partnered with PhishMe Inc. and made PhishMe Reporter available to all UAB users.   PhishMe Reporter is an add-on software “plug-in” to Microsoft Outlook that allows for one-click reporting of suspicious emails.
Thursday, 22 September 2016 10:31

PhishMe

PhishMe Logo

One of the most effective ways for a cyber-attacker to compromise an organization’s cyber resources is to gain unauthorized access by compromising an account through phishing emails. In fact, industry experts report that 91 percent of all breaches start with phishing emails.  If such an email lands in a UAB inbox, we are just a few clicks away from having UAB’s security compromised.  This means UAB students, faculty and staff are all an integral part of our information security posture.

In an effort allow our users to become familiar and more resilient to tactics used in real phishing attacks, UAB Information Security will be working with PhishMe Inc. to send out fake phishing emails to our students, faculty and staff that imitate real attacks. These emails are designed to give you a realistic experience in a safe and controlled environment.

Please note, that we will not be receiving nor storing any passwords, there is no penalty to falling victim to one of the simulations, and victimized users will not be singled out.  However, we do ask the users who have fallen victim to the phishing email to take 30-60 seconds to review the education material that is presented after falling victim to one of the simulated attacks.
Thursday, 22 September 2016 10:18

Keeper password manager

Keeper Logo

Keeper is a password management application. It stores your login credentials for different websites so they are easily accessible to you while still being stored securely when not needed. Instead of having to remember all of your login credentials, you only need to remember the one master password for your Keeper Vault.

Keeper is available to UAB staff, students and faculty. It is not available to UAB Hospital staff at this time.


To create a Keeper account and start your vault:
  • Register with Keeper here.
  • Create a master password that is not the same as your BlazerID password. When creating your Master Password, Keeper requires a 15-character password length with one special character (e.g. !@#%), one uppercase letter, one lowercase letter and at least one number. Ideas for secure passwords are available here. Note: Your browser may prompt you to save your Keeper Master Password. NEVER allow the browser to save your Keeper password.
  • To complete the registration process, you will need to enter your @uab.edu email address, and set a Master Password along with a "Security Question and Answer."  Keeper offers you the ability to choose between one of their security Q&A or you can create your own.
  • Next you must accept the terms of use and click "Create Account."
NOTE: You must use your @uab.edu email address that is listed in the UAB phonebook. That address can be either your BlazerID@uab.edu or Alias@uab.edu. You can check what your @uab.edu email address by searching your name or BlazerID in the UAB directory (available here).


Browser extensions
Install the browser extensions available for Chrome, Firefox, Safari & Internet Explorer here. These extensions allow Keeper to automatically create entries in your vault for credentials you enter into different websites. It also allows Keeper the ability to automatically enter credentials for sites for which you have saved entries. For example: If you have saved credentials for Facebook in your Keeper Vault, Keeper will offer to enter those credentials when you visit Facebook.com.

Keeper Vault
Download the Keeper Vault for your Desktop (Mac, Windows, Linux) from here

Keeper App
Download the Keeper App for your mobile devices.


  • Tutorials, Quick Start Guides, and 24/7 support & live chat are available here.
  • The UAB Keeper User Guide is available here.

Monday, 05 September 2016 14:56

IT Update for September 2016

*|MC:SUBJECT|*
 
View this email in your browser
September 2016
A monthly report to UAB leadership and the IT community about technology projects
designed to enhance the work and lives of UAB staff, faculty and students.

Welcome back, Blazers!

UAB IT focuses on student technology needs

Students are a central focus for UAB IT, and as fall classes begin, there are a number of technology improvements designed to improve students' lives on campus. A stronger, faster network; new discounts on laptops at our TechConnect store; and expanded WiFi are just some of the improvements we have made. Read more about our commitment to student success here.

CAMPUS
UAB internet speed, capacity increases
A new partnership with content delivery network Akamai has increased internet speed and capacity for UAB, improving the potential for innovation and productivity for researchers, students, faculty and staff. Learn more about the partnership here.

UAB IT responds to student request for stronger WiFi
Expanded, stronger WiFi connections across campus will give students more places to study. New outdoor WiFi hotspots have been installed over the past several months. The SGA last spring requested improved WiFi coverage in a top ten list of technology needs presented to UAB IT leadership. Learn more here.

Easier software download process is coming this month
A faster, more convenient method for UAB faculty and staff to access software for UAB business purposes will debut this month. Learn more about the new process.

TechConnect expands repair services
TechConnect, UAB IT's technology storefront at the Hill Center, now offers a variety of technology repair services. The services, at competitive prices and in a convenient, on-campus location, are available for students, faculty and staff. Learn more here.

AskIT closed for Labor Day holiday
AskIT will be closed for the Labor Day holiday on Monday, Sept. 5, but you can still submit a ticket at askit.uab.edu. Regular hours will resume Tuesday, Sept. 6.
RESEARCH
Event to showcase research cyberinfrastructure
UAB faculty, staff and students are invited to attend Research Computing Day, which will highlight how UAB researchers are using the resources supported by IT. Registration for the event, which will be held Sept. 14, is free, but is required as seating is limited. Learn more here.

Dedication for high performance computer set for this month
UAB will celebrate its investment in research computing infrastructure with a dedication for the UAB high performance computer scheduled for later this month. Learn more about UAB's research computing environment here. UAB leadership has been instrumental in the investment in research computing. Learn more about that investment here.
TEACHING & LEARNING
UAB IT assists new Blazers on freshman move-in day
Representatives from UAB IT were on hand to answer technology questions as students moved into residence halls for the fall semester. UAB IT had already met many of the incoming freshmen through participation in new student orientation throughout the summer, and will participate in the Sept. 1 Student Life Day on the Campus Green. Students who need assistance on campus can visit the TechConnect store at the Hill Center or contact AskIT at 996-5555.

Automated messaging can improve student retention
UAB is piloting new automated communications in Canvas that will allow instructors to send messages to students who have missed class or who haven’t logged in to view information about the class. The intent of the messaging is student engagement and retention: Instructors can personalize the messages, but the idea is to give students a second chance when they might otherwise drop or fail the class. Eleven faculty members from the Collat School of Business are participating in the pilot and will provide feedback to improve the feature, which could be rolled out campus-wide for the spring semester. Faculty members can use the automated alerts through their Faculty Profiles.

Faculty Profiles expands with new features, reports
The past year has been a productive one for the Faculty Profiles system. Since the first of year, UAB has activated the Faculty Profiles Reporting module for all departments and schools currently using the Profiles system. These reports include new Faculty Evaluation reports and more than 30 Custom Reports that faculty can use to report on all aspects of their profile. Learn more here.
OPERATIONS & ADMINISTRATION
Upgraded central authentication more agile, scalable
UAB’s central authentication system saw 142,000 logins on the first day of fall classes — a workload UAB IT knew that the CAS would be able to handle because of extensive testing done over the summer. In recent weeks UAB IT upgraded its central authentication system, which allows users to log in to a number of UAB systems, including BlazerNET and the new Kronos timekeeping system. The upgraded technology is more agile and scalable and will have additional features, and the testing ensures that the system is reacting to the user load appropriately.

UAB Staff Council launches SPARK campaign
The UAB Staff Council has launched a SPARK campaign seeking input and ideas from UAB staff members. The SPARK campaign leverages a UAB IT-provided platform for crowdsourcing ideas. The Staff Council elected its executive committee over the summer and established subcommittees, and will begin formal meetings this month.
COMMUNITY
Seminar highlights local technology vendors
UAB's IT Strategic Plan offers insight into the kind of projects local vendors might be interested in supporting, Vice President and CIO Dr. Curt Carver told business representatives at a seminar and trade show hosted by the university's Small Business Inclusion Office. "We need strategic partners," Carver told business owners, encouraging them to read the plan to learn more about plans for technology at UAB. UAB IT is planning an on-campus session for area vendors later this month so they can learn more about opportunities to partner with UAB IT. To request Dr. Carver as a speaker, click here.

Carver named to board of Alabama Supercomputer Authority
Vice President and CIO Dr. Curt Carver has been appointed by Gov. Robert Bentley to serve on the Alabama Supercomputer Authority Board of Directors. The Alabama Supercomputer Authority's mission is to provide a professional portfolio of information technology resources and services for the advancement of education, research, and economic development in Alabama. The authority works to develop and operate the statewide Alabama Research and Education Network and the Alabama Supercomputer Center.

Information Security staff speaks on internet safety
UAB IT's Paul Walker spoke recently at a lunchtime class sponsored by the UAB Employee Assistance and Counseling Center. His topic, Internet Safety for Children, gave parents tips to help their children protect themselves and their online reputation. Any group interested in scheduling a similar talk can contact AskIT.
SECURITY
Security tip: Know your personal backup plan
Mobile phones, tablets, and laptops continue to provide us with the opportunity to work "on the go," but this added convenience could also mean more risk. These personal devices are making it easier to store and access information, but they are also easy to steal or misplace. Do you know what to do if your device is lost or stolen? For more tips on securing your data, click here.
TECH CORNER
New campus edge protections coming later this year
UAB IT is continuing plans to update and modernize its campus edge protections to limit the impact of attempted intrusions by external attackers. UAB will be modifying the border firewall posture later this year to what is known as “default-deny,” a best practice for enterprise environments. This posture will improve the security of the campus network, information systems and any private or sensitive data stored at UAB. UAB IT will be working with departments across campus to implement the changes over the next several months.

Alabama IT Symposium coming in November
The inaugural Alabama IT Symposium, set for Nov. 10 at the Doubletree Hilton in Birmingham, is a one-day, executive level event designed to bring together IT management teams in Alabama. IT leaders will have the opportunity to network, collaborate and learn from their peers. Vice President and CIO Dr. Curt Carver will kick off the day with a keynote presentation. Learn more about the event here.
ON THE HORIZON
CYBERSECURITY AWARENESS: UAB IT is planning several events in October to coincide with National Cyber Security Awareness Month, including training for campus IT professionals and a free laptop checkup for students. The laptop checkup is set for Oct. 4-5 at the Hill Student Center and will provide free security checks and consultations, malware removal and antivirus help, and general troubleshooting. 

1GB TO DESKTOPS: This fall UAB IT will be building the infrastructure to support 1GB connections to desktops on campus. Learn more about the upgrade plans here.
DID YOU KNOW?
EASY PASSWORD RESET: You can easily reset your BlazerID password if you are signed up for automated password reset through BlazerID Central. Sign up a cell phone number through the B-Alert Identity feature to get text messages to reset your password, so you can bypass AskIT.

DON'T GET HOOKED: No one at UAB or law enforcement agencies will ever call to ask for your password or to demand money. Last year, several students and their parents were targeted by phone scams, with malicious callers impersonating police or university officials to try to steal money or personal information. Learn more here.
Facebook
Facebook
Twitter
Twitter
Instagram
Instagram
Website
Website
YouTube
YouTube
Feedback
Feedback
 
SOE Pic 1The Faculty Profiles team demonstrated the system at the School of Education Faculty Resource Fair in August. From left are Midge Ray, Assistant Dean School of Health Professions Honors Program; Ralph O’Flinn, Applications Engineer II – Enterprise/Faculty Profiles Project Technical Lead; and Divya Kondepudi, Functional Systems Analyst.

The past year has been a productive one for the Faculty Profiles system. Since the first of year, UAB has activated the Faculty Profiles Reporting module for all departments and schools currently using the Profiles system. These reports include new Faculty Evaluation reports and more than 30 Custom Reports that faculty can use to report on all aspects of their profile. In the last few weeks, UAB has also released Aggregate Reports that can be used by chairmen, deans and their administrative delegates. In June, the School of Health Professions used Faculty Profiles for their faculty performance evaluations.

Starting last month and continuing into September, the Faculty Profiles team is training all faculty members and their staff who are taking part in T32 grants. This will add more than 500 new faculty members and their delegates from the Schools of Medicine, Health Professions, Nursing, Public Health, Dentistry and Optometry. We continue to evaluate ways to assist them with their T32 data requirements.

Also trained this year were Art & Art History, School of Dentistry, and School of Public Health. All trainings in total added more than 800 new faculty and staff to the system.

On Aug. 23, the Faculty Profiles team had an exhibit at the School of Education Faculty Resource Fair down at Region’s Field. The team demonstrated the tool, including the new reporting function, and answered questions. 

Currently in development are the ORCID and VIVO integrations as well as the upgrade to Elements from 4.17 to 5.1, which will facilitate an even more friendly user experience.
Monday, 29 August 2016 13:00

Research Computing Day set for Sept. 14

UAB IT's Research Computing division will host a Research Computing Day on Sept. 14, giving faculty, students and staff an opportunity to find out what research work is being done using the resources supported by UAB IT.

The Research Computing Day will also highlight trends in research cyberinfrastructure, with industry leaders participating in the discussion.

"UAB researchers will be able to share how they are using campus cyberinfrastructure to enhance their research, gain new insights from peers and industry experts and contribute towards the growth of research infrastructure at UAB," said Dr. Puri Bangalore, interim director of research computing at UAB and assistant director of the UAB Center for Information Assurance and Joint Forensics Research.

Research Computing Day will be held from 8:30 a.m. to 2 p.m. Sept. 14 at the Hill Student Center, ballrooms C and D. 

The event is open to all UAB faculty, staff and students. There is no registration fee; however, seating is limited and registration is required. Complete registration here.

Thursday, 18 August 2016 12:31

TechConnect services

TechConnect offers a variety of services, from virus removal to computer backup.

TechConnect Services Table
The UAB network will experience one, and possibly three, 2-4 minute outages between 6 and 9 a.m. on Saturday, August 20, as UAB IT performs annual network upgrades.

UAB IT has scheduled the outage while classes are out of session to lessen the impact on campus.

The UAB Hospital network will not be affected by the outage.
Tuesday, 02 August 2016 12:26

IT Update for August 2016

*|MC:SUBJECT|*
 
August 2016
A monthly report to UAB leadership and the IT community about technology projects
designed to enhance the work and lives of UAB staff, faculty and students.

Investing in you

$2.5 million will help improve speed for UAB network

Upgrade will create a competitive advantage for researchers and improve performance for students, faculty and staff. More improvements are under way or planned to strengthen network connectivity across the university and UAB Healthcare. Read more about your network here.

CAMPUS
May we help you? AskIT improvements a priority for UAB IT
If you call AskIT in the near future, you might receive help from Vice President and CIO Dr. Curt Carver. Department leadership will be taking an active role in assessing how AskIT can improve how we serve campus — in some cases by answering calls and helping customers. A team from HDI, an association of technical support professionals, has been auditing AskIT to make recommendations on improving service. The goal is to provide quick, reliable assistance to students, faculty and staff. Learn more about the planned improvements.

Don't stay stuck on UABStartHere; switch to UABSecure
When you are using WiFi on campus, make sure you log on to the UABSecure network, which will provide greater security and stability for students, faculty and staff. Need help to get your device to "forget" UABStartHere? We have instructions in the IT Service Portal's knowledge base to help so that you can log in to the secure network every time.

Last name, first name: Searching email addresses now easier
A change in the email system global address list has modified the user name search order to Last Name, First Name Middle, Suffix. This will make it easier and quicker for users to find the correct email address on campus and at the UAB Health System. Learn more here.

RESEARCH
Research computing aids team investigating Parkinson's
Parkinson’s disease symptomatically affects more than 1 million people living throughout North America. There are many researchers throughout the world searching for ways to prevent and cure this degenerative disease. A major step towards a breakthrough would be the discovery of something called biomarkers. A research team on the forefront of this search is being led by a fellow Blazer. Neurologist Frank Skidmore of UAB is the project principal investigator as part of the Extended Collaborative Support Services (ECSS) program component of the National Science Foundation’s eXtreme Science and Engineering Discovery Environment (XSEDE). This is a joint effort between computational scientists at the University of Tennessee and medical researchers from UAB. This partnership exemplifies the deep support for science teams that UAB Research Computing has been working to provide. Other researchers from UAB include Thomas Anthony and Jon Marstrander of the Department of Electrical and Computer Engineering and Yuliang Liu of the Department of Biostatistics. 
TEACHING & LEARNING
Get a $200 gift card with Notebook Program purchase
For a limited time, students who purchase a laptop through the TechConnect Notebook Program can also receive a $200 Dell gift card to use toward additional technology purchases. The new Notebook Program offers students discounts on laptops bundled with on-campus service and support. TechConnect's web site also offers a variety of other options for discounts on technology purchases, and the store — located at the Hill Student Center — takes both Apple Pay and Android Pay in addition to major credit cards.

UAB IT to help new Blazers on freshman move-in day
When freshmen arrive on campus to move into residence halls, UAB IT will be there to help greet them and answer questions about technology on campus — everything from logging on to the network to tips on secure computing. UAB IT has already met many of the incoming freshmen through participation in new student orientation throughout the summer.
OPERATIONS & ADMINISTRATION
SharePoint form system saves time for School of Nursing
UAB IT's SharePoint team was able to create a new form for the School of Nursing that saves time and effort for students, faculty and staff. The new preceptor planning form system, created in SharePoint, offers a better solution to route the forms through multiple offices, making it easier to perform placement for 600 students per semester located across the country. "This saves faculty and staff a tremendous amount of time," said Dr. Ashley Hodges with the School of Nursing. "Documents are secure and we don’t find ourselves looking for lost forms. We now have a system to archive old PPFs. Faculty and staff who are part of the PPF approval system can now track progress in the PPF approval system and easily determine where it is in the process."
COMMUNITY
Birmingham, UAB highlighted at new Sloss Tech event 
"The genesis of ideas happens when you least expect it." That sentiment from Andy Grignon, speaker at the inaugural Sloss Tech hosted by TechBirmingham, was among the messages shared at the day-long event designed to highlight Birmingham's growing technology community. Not only did tech entrepreneurs share their stories of success — and some advice on failure — they also showcased what Birmingham and UAB have to offer. "UAB is a hotbed of good ideas," said UAB neurosurgeon and entrepreneur Dr. Bart Guthrie, who added that the university is a great resource for people thinking "there must be a better way." The technology summit was a kickoff for the second annual Sloss Fest music festival, and TechBirmingham President Jennifer Skjellum said organizers hope to grow Sloss Tech into an event similar to Austin's South by Southwest, or SXSW.
SECURITY
Security tip: Protect yourself online
Browsing web sites, shopping online, playing Pokemon Go — there are dozens of ways we go online every day. While no browser, app or device can be perfectly secure, learning safe browsing habits and practicing them every day can help you be safer and more secure online. For more tips on how to protect yourself online, click here.

Don't get hooked by phone scams
With new and returning students arriving on campus this month, we want to remind students, faculty and staff that students and parents have been targeted by phone scams over the past year, with malicious callers impersonating police and university officials and trying to steal money or personal information. No one at UAB or law enforcement agencies will call to ask for your password or demand money. Learn more here
TECH CORNER
Co-designed software download solution coming next month
Campus IT professionals have been working with UAB IT to co-design a new solution for institutional software downloads for UAB-owned computers. In coming weeks, UAB IT will be scheduling training for the new solution, which uses Microsoft System Center Configuration Manager (SCCM). When the new download solution debuts next month, the current software download site will remain live as UAB transitions to the new system for UAB-owned computers. For software downloads for their personal home computers, students, faculty and staff can go to On the Hub.

UAB IT updates Java recommendations for UAB systems
UAB IT has updated the minimum recommendations for the version of Java as for use with UAB's administrative systems. Java 1.8.91 is the currently recommended version.

UAB continues partnership with Auburn on IT ideas
UAB IT leadership met last month with counterparts at Auburn University to share ideas and discuss areas of mutual interest. Representatives from both schools have found common ground for a partnership that will benefit both institutions and their students.
DID YOU KNOW?
PASSWORD TOOL: UAB IT offers a new password tool to help better protect . Learn more about those improvements to technology at UAB here.

30th ANNIVERSARY: The University's .edu domain name turns 30 this year. UAB was the first university in the state — and the 40th in the nation — to secure a .edu domain name when the internet was in it early stages. UAB.edu debuted a new look earlier this year.
Facebook
Facebook
Twitter
Twitter
Instagram
Instagram
Website
Website
YouTube
YouTube
Feedback
Feedback