Staff Updates

For UNI-managed computers, IT takes care of ensuring that the machine you use is kept up-to-date and patched. For personally-owned devices, including many devices that aren't "computers", the update responsibility is squarely on your shoulders. Some devices provide "automatic updates".  Turn that on and take advantage of it! Otherwise, set a reminder at least once per month to check for updates and apply those that are available. https://www.sans.org/newsletters/ouch/power-updating/

It’s clear that users remain a key target for threat actors looking to gain a foothold in corporate systems. In the past, businesses have placed the onus on users – expecting them to know what to look out for and identify phishing attacks – but with techniques becoming more convincing, a new approach is needed. Read more at https://www.infosecurity-magazine.com/blogs/how-can-users-stay-protected/

Phone call scams are sometimes preferred by bad actors because they provide a direct connection between the bad actor and the potential victim. Guidance to protect yourself can be found at https://www.sans.org/newsletters/ouch/stop-phone-call-scams/

This upgrade has taken place on Thursday, May 26

In mid-to-late April, a number of Duo applications were upgraded to be able to convert to Duo's new Universal Prompt. See https://it.uni.edu/updates/duo-universal-prompt-phase-2 for those details. However, the set of applications scheduled for April 27 had some issues and was reverted. Those updates are now scheduled for this coming Wednesday, May 17.

• Wednesday, May 17:  Many internal and/or higher-use resources, e.g., Google apps, eBiz, Zoom, ServiceHub, CBORD GET, VPN, Docusign, EZ Proxy, FAMIS 360, etc.

The above is a sample of the most common applications affected. A complete list can be found at https://it.uni.edu/shibboleth-and-duo-universal-prompt-upgrades. Details on Duo's Universal Prompt can be found at https://guide.duo.com/universal-prompt