Beginning November 1, 2021, Zoom will require their apps to be no more than nine months behind the current version at any given time.
If you are using a computer managed by UNI, Zoom updates will be done automatically for you and no action is required.
If you are using a personal device (computer or phone), Zoom apps that are outdated will be prompted to be upgraded upon connecting. Information Technology recommends that you regularly download and update to the latest version of the Zoom software by checking for updates within the Zoom client or by navigating to zoom.us/download to take advantage of all the latest security and functionality features. For assistance on keeping your personal devices updated, visit Zoom’s article on upgrading Zoom to the latest version on a personal device.
Duo enabled CatID accounts using Microsoft 365 applications and services will start to be prompted for multi-factor authentication (Duo) on November 3rd, 2021 to match campus security standards. If Duo is not currently turned on for your account, you will not be prompted. If you would like to learn more about multi-factor authentication at UNI, visit this page https://mfa.uni.edu/. If you are not enrolled in multi-factor authentication yet but would like to be, please visit this page https://mfa.uni.edu/enroll-your-account-duo.
Email is still one of the primary ways we communicate, both in our personal and professional lives. However, quite often we can be our own worst enemy when using email. Here are the most common mistakes people make with email and how to avoid them. https://www.sans.org/newsletters/ouch/avoid-the-most-common-email-mistakes/
In October of this year local landline calls to all numbers starting with 319 will need to be dialed with all ten digits. This change has been mandated by the FCC for multiple reasons including support of the new 988 National Suicide Prevention Lifeline. The UNI IT Voice team made system modifications so both 7 digit and 10 digit dialing will function as they always have using either procedure. In addition UNI long distance dialing will still require 1 followed by the 10 digit number.
For more information: https://www.fcc.gov/consumers/guides/ten-digit-dialing
Does it seem like cyber criminals have a magic wand for getting into your email or bank accounts and there’s nothing you can do to stop them? Wouldn’t it be great if there was one single step you could take that would help protect your from cyber criminals and let you securely make the most of technology? While no sole step will stop all cyber criminals, one of the most important steps you can take is to enable something called two-factor authentication (sometimes called 2FA, two-step verification, or multi-factor authentication) on your most important accounts. Read more at https://www.sans.org/newsletters/ouch/one-simple-step-to-securing-your-accounts/
Citrix is a resource available to UNI students and faculty to access applications and desktops while off campus. Important changes to be aware of for Citrix at UNI are noted below.
Citrix will start requiring MFA via Duo on August 10th, 2021 to match campus security standards. If you currently use Duo, you will start to see this change on August 10th. If you are a student that currently does not have Duo turned on, you won’t be prompted by Duo to access Citrix until it is turned on for your account. When this option is available, you will receive communication from campus IT. If you would like to learn more about multi-factor authentication at UNI, visit this page https://mfa.uni.edu.
Citrix is now available via your web browser! Simply navigate to https://vdi.uni.edu and access the applications and\or desktops in your web browser without having to download a client. You can continue to use the client, but we encourage you to give the web client a try.
If you decide to continue to use the client, no problem! When using the Citrix client you will not receive a prompt asking your preference for your Duo authentication. You can expect this Duo prompt to come to your phone and are required to verify your identity before you can log into the client.
Google has notified UNI IT they will be applying a Drive Security update to make link-sharing more secure on September 13, 2021. Security is a critical factor in managing our data in Google Drive, so we will be applying this update to a some of the files in our domain. Google will be sending an email on July 26th (similar to the message below) to users with impacted files, this will includes actions you will need to take and a link to the impacted files.
Here are some important aspects we have learned about this change:
- Files that will be affected by this security update are non-native Google files (e.g. Microsoft Word, PDFs, MP4s, etc.) shared prior to 2017. Google files (Docs, Sheets, Slides, and Forms) will not be impacted.
- Any Google user (internal or external) should be able to access any file they have accessed before, even after the update has applied. Users can request access if they have not accessed the file before the update.
- Only users (internal or external) who haven’t viewed the affected files previously will be affected by this change. If a new user uses the old link, a request will be sent to the data owner to allow access.
- You will need to share a new updated link (URL) for any files that still need to be publicly accessible with a link on websites or posted elsewhere. New links can be generated starting July 26th.
We ask that if you have questions or concerns about this email, please contact UNI Information Technology via servicehub.uni.edu and your question or concern will be routed to the appropriate team.
Additional information from Google can be found at: https://workspaceupdates.googleblog.com/2021/06/drive-file-link-updates.html
I wrote about ransomware about a year ago. The only things that have changed since then are that the result of becoming infected have gotten far more severe and the number of victims has increased exponentially. Today's variants not only encrypt your data and demand payment to decrypt it, they also steal your data and threaten to expose it to the world if payment is not made. Under that scheme, even if you have proper and sufficient backups to restore your data, making the encryption moot, there is the threat that your data will be published for all to see.
We are not immune from these attacks here in the midwest. Last fall, the University of Nebraska Medical Center and Nebraska Medicine were breached. Associated costs are many tens of millions of dollars. More recently, and even closer to home, DMACC suffered a ransomware attack early last month that shut their network and classes down for almost two weeks.
Phishing provided the initial foothold for the bad actors behind these and many other similar incidents. Vigilance and skepticism when reading email remains key. Don't fall for the emotions that all phishing actors try to evoke -
- Fear - something bad will happen if you don't click on the link in the message
- Greed - something good will happen if you do click on the link in the message
- Urgency - hurry up and click on the link in the message right now
- Concern/Empathy -
- I’m stranded in an unfamiliar city
- I’m falsely accused, in jail, and need bail money
- I’ve been mugged and am in the hospital
Don't click on links in email messages unless you're certain they are legitimate. Don't open attachments in email messages unless you're certain of the sender's identity and the content of the message makes sense to you. If you have any questions about the message, err on the side of safety and seek help by contacting email@example.com.
Mobile devices are an amazing and easy way to communicate with friends, shop or bank online, watch movies, play games, and perform a myriad of other activities. Since these devices are such an important part of your life, it is essential to keep you and your devices safe and secure. Read more at https://www.sans.org/newsletters/ouch/securing-mobile-devices/
On June 18th Information Technology will replace the security certificate used to secure connections to Eduroam WiFi on campus. All UNI-owned and managed devices will be automatically reconfigured for the new connection and nothing will be required. However, personally owned laptops, tablets, and smart phones will potentially be asked to accept a new security certificate the first time they connect to Eduroam WiFi on June 17th. These prompts could look something like the screen captures below.
If you have questions or trouble connecting to Eduroaom WiFi on campus, please visit this IT support article. You can also contact your IT support by submitting a "Get IT Help" request from the Service Hub Portal.