CIS Staff Technology Blog
Matthew Migration
All files previously stored on Matthew should now be migrated to SharePoint or be in read-only mode for a short while until the old storage platform is retired. If you still rely on access to any files on Matthew, please contact cis-bst@spu.edu so you don’t lose access to those files.
Zoom Client Upgrade
Zoom will be deprecating older versions of the Zoom client over the next few months. To prevent disruption, we have updated academic computers and podiums with the latest version and have made the new version available in Software Center.
We recommend you ensure your computer is setup to receive automatic updates and is on the latest version of the desktop client. To check the version you have installed or to download the latest version, please take some time now to make sure your computer is ready by following the steps below:
Once signed in, select your profile photo in the top right corner.
Select Check for updates. If there are updates available, Zoom will download and install.
If you have additional questions or concerns, please reach out to the CIS HelpDesk at help@spu.edu or at 206-281-2982.
Classrooms and Labs
Demaray 356 Updates
Demaray 356 is transitioning into an integrated hybrid pilot classroom! This pilot room space will be used to test a new integrated hybrid system. Previously installed hybrid classrooms did not have an integrated PC with the system, whereas the new system being trialed has an integrated system that you can plug your laptop into.
If you’re interested in learning more about how the room works or would like to have a demo of the classroom, please reach out to CIS at help@spu.edu!
Academic PC Software
CIS is in the process of rolling out Windows 11 for all of campus! We are also collecting software requests for fiscal year 2024-2025.
For questions or concerns regarding the Windows 11 rollout and how it may impact academic lab spaces and/or classroom podium pcs, individuals can collate their requests for their department via submitting software requests form here: Software Requests ‘24-25.
If you are concerned about specific software compatibility with Windows 11, such as specialty hardware or legacy software, please complete the form linked above.
As a reminder, we encourage you to reach out the CIS HelpDesk if you have any questions or concerns at help@spu.edu.
Deployment for Windows 11 devices has begun! It has been announced that Microsoft will cease support for Windows 10 by the end of 2025, so CIS is proactively initialing our Windows 11 deployment process to stay ahead of the curve.
While Windows 11 has been available for a couple of years now, we understand that it may be new to some of you who have not yet upgraded. Our goal is to ensure a smooth and comfortable transition for all users. With this, you can find many helpful resources below!
Windows 11 Wiki Documentation
Documentation for Windows 11 is now available on the SPU Wiki as we begin processing deployments. This may serve as a valuable resource for anyone needing guidance on navigating the new system. Additionally, we have provided walkthrough videos to assist you in familiarizing yourself with Windows 11.
Microsoft Copilot
We are also going to introduce Microsoft Copilot, and encourage faculty and staff to consider leveraging this powerful AI tool within their work processes. Copilot can significantly enhance workflow efficiency, and understanding its functionality is increasingly valuable in today's AI-driven landscape. Documentation for Copilot is also accessible on the SPU Wiki for those interested in learning more.
Upgrade Checklist
To ensure a seamless transition during the deployment of updated Windows 11 devices, we've prepared a checklist for you to review before your visit to the HelpDesk. Once you've completed the checklist, there will be a link to schedule an appointment to receive your upgraded Windows 11 device. Please note that your previous laptop will be retained for one week to ensure that all data has been transferred successfully.
Faculty and Staff will be notified by the HelpDesk when to begin preparing for their device upgrades via email.
Windows 11 and Copilot Tips and Tricks
As deployment commences, we will be posting a weekly series of tips and tricks to help guide you through the transition and discover new efficient ways to enhance your work productivity. You can find the series of tips and tricks for Windows 11 and MS Copilot below:
How to add Another Account
The new Microsoft Teams allows for multi-account support, meaning you will be able to add another account to your Microsoft Teams App.
To add a new account, select your profile picture at the top right of the application window. Then, select Add another account.
Adding another account to your Microsoft Teams desktop app will allow you to get notifications for both accounts, in real time.
You will be able to participate in different chats, calls, and meeting without having to manually switch between accounts.
You will also be able to set your status for each account individually.
For a more in-depth explanation of how to add another account, please visit Manage Accounts and Organizations in Microsoft Teams, or by following the link below:
Other Microsoft Teams-related Updates
View what else is new by following the link: Microsoft What's New in Teams.
Also, linked below is the starting video in Microsoft Teams Youtube Playlist covering Microsoft Teams:
How Microsoft Teams Used to Look:
October is Cybersecurity Awareness Month - CSA
It is CIS's responsibility to share some vital information about how to be safe while using the internet and managing yours and students' information.
Over the next few weeks, CIS will be releasing a weekly blog post that expands on four core topics for this year's CSA month: Phishing, Social Engineering (whaling), Passphrases for passwords, and Ransomware.
At the end of the month, there will be a quiz released to employees and students. Receiving 100% on the quiz will automatically enter the user into a raffle. The raffle will have two winners, one student and one employee, who will each receive a prize* from CIS!
Keep an eye out for the first blog post on October 9, and then every following Monday until the end of the month!
*Please note that prizes will be ordered once they are selected by the prize-winners. CIS will contact prize-winners when the prizes are ready to be picked up from the HelpDesk.
Security Awareness Week 1: Phishing emails
What is Phishing?
Often carried out over email -- although the scam has now spread beyond suspicious emails to phone calls (so-called "vishing"), social media, SMS messaging services (aka "smishing"), and apps -- a basic Phishing attack attempts to trick the target into doing what the scammer wants.
Exactly what the scammer wants can vary wildly between attacks. It might be handing over passwords to make it easier to hack a company or person, or sending payments to fraudsters instead of the correct account. This information is often stolen by making requests that look entirely legitimate -- like an email from your boss, so you don't think twice about doing what is asked.
How would you identify a Phishing email?
Emails that contain the following should be approached with extreme caution, as these are common traits of phishing email:
- Urgent action demands.
- Multiple sources in the from email address line.
- Poor grammar and spelling errors.
- An unfamiliar greeting or salutation.
- Requests for login credentials, payment information, or sensitive data.
- Offers that are too good to be true.
Phishing is also a popular method for cyber attackers to deliver malware by encouraging victims to download a weaponized document or visit a malicious link that will secretly install the malicious payload on the person's computer. These kind of attacks mostly are trying to distribute a trojan malware, ransomware . These cyber hackers are hoping you don't look to deep into the email, that you just gloss over the details and click on the link, or download the attachment. Below is a screenshot of a phishing email, and you can see just how tricky they can be.
Why is Phishing called Phishing?
The overall term for these scams -- Phishing -- is a modified version of the word 'fishing' except in this instance the one doing this fishing is a scammer and they're trying to catch you and reel you in with their sneaky email lure. In most cases, they will send out many of these lures.
FUN FACT! - Why is Phishing spelled with a "Ph"?
The “ph” spelling of phishing is influenced by an earlier word for an illicit act: phreaking, which involves fraudulently using an electronic device to avoid paying for telephone calls. The people who perpetrated phreaking were called “Phreaks,” and since phreaks and hackers were closely linked, the “ph” spelling was used to denote the phishing scams involving these underground groups. Pretty cool!
We hope by sharing these resources with you, that you will have the tools and information necessary to make informed decisions when using the Internet.
Security Awareness Week 2: Ransomware
The CISA defines Ransomware as a "form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption."
Ransomware can be planted into a network using many methods, like Phishing and Social Engineering. Once it is planted, hackers locate and secure access to important files and move those files to a secure network of their own.
Oftentimes, a hacker needs only access into a network, and can gain such access in a myriad of ways. For example:
- By sending phishing emails requesting login information or containing malicious code(as we have seen in last week's post)
- Looking for weaknesses within your network's security
- Users are redirected to a suspicious website that infects their computer by browsing or prompts for them to download files off the internet.
Computer Safety Tips:
Regularly back up important and sensitive data to a separate drive.
Install and regularly update antivirus software on your device.
Exercise caution when following links in emails, text messages, and websites.
Be mindful of what files your are downloading from the internet and avoid suspicious sites.
SPU Employees SPU-Managed Devices:
Software and application patches, anti-virus updates, data backups, mandatory browser and security settings are all implemented by CIS and enforced on your school-issued devices.
However, it is still essential for all employees to use their best judgement when viewing emails and websites.
Example 1. Fake websites
A cyber-criminal will design a carefully-worded phishing email which includes a link to a spoofed version of a popular website. The website imitates the layout of the original site to trick the victim into entering their account credentials.
Example 2. CEO Fraud
An attacker will take control of an email address familiar to the employee, such as their company’s CEO, Human Resources Manager, or IT admin. The hacker will assume this individual’s identity and ask the user to complete an urgent action, such as transferring funds, updating their personal information, or installing a new app.
Example 3. Malware
In these types of phishing attacks, an attacker will try to trick an employee into clicking on a malicious email attachment. Usually, this type of attack is carried out with a fake invoice or delivery notification.
If you think that the email may be legit, go to a link that you know is safe (one that you have save for the company) and log in from there. Or, you can always call the company and confirm or deny the validity of the email you received.
REMEMBER
If you don't recognize the sender, NEVER click on the attachments or links!
Example 4. Smishing
An SMS-based phishing attack in which a hacker will send an SMS or voice message asking the recipient to click on a link to accept a gift, change your password or call a number. The link will take them to a phishing website that they will use to try and gather more information from you.
Also, the link you click on could have malware in it. What does that mean? It could install a program on your phone that will allow the hacker to gain access to all your personal information, e.g. contacts, passwords, email, photos.
Example 5. Vishing
An unknown caller will call the victim and or leave a voicemail urging them to phone them back and hand over personal information, usually by impersonating someone from a trusted company.
The most common type of this is a Tech Support Call.
This attack is widespread in large companies where employees might not know or have met members of the tech support department. Scammers will pretend they need to do a computer update or repair and ask for the victim’s password to do it.
Education is key to beating these attacks. Frequently remind users that you will never ask them to divulge their password over the phone and that they shouldn’t do so under any circumstance.
Creating a Strong Passphrase
It is also important for users to use a strong Passphrase or password for securing your account. A strong password will protect your account while also not containing any personally identifiable words; like your mother's maiden name or your childhood pet. It is also important to use a strong or complex password, as a more simple passphrase can be easily guessed.
Here are some key things to follow when creating a password:
- Use a combination of numbers, capitalization and special characters.
- Use a longer passphrase that you can easily remember.
- Don't use a password you have used before, or a slight variation of a pre-existing password.
Do NOT write down OR your share your SPU password with anyone.
Password Managing
If you are worried about keeping track of your passwords, use a password manager that will keep track and record all of your passwords and where they are used. It is also likely that your phone or Google account will have password tracking enabled.
For more information on SPU's Password Policies, please select here.
Cybersecurity Awareness Month Quizzes
Thank you for joining us for this year's Cybersecurity Awareness month as we covered Phishing, Ransomware, Social Engineering (Spear Phishing), Passphrases, and Canary Files.
If you have questions or concerns about the topics covered, or would like to learn more, a student technician with the HelpDesk would be more than happy to assist! You can contact the HelpDesk by phone at 206.281.2982 or by email at help@spu.edu.
As a reminder, we are offering one quiz for Faculty and Staff and one quiz for Students to test their knowledge on the topics we covered this month. The quiz will remain open until November 15th, 2023.
A Few Rules to Follow:
- One quiz attempt per individual.
- A student may not take the employee quiz and employees may not take the student quiz.
- Only scores of 100% will be automatically entered into the raffle.
- Prizes will only be given out to the winning individual(s) after they have made their *selection.
- One prize per winner.
*Raffle winners will be contacted by CIS and choose their prize from the available options. Options include bluetooth speakers and/or gift cards.
Faculty and Staff Quiz Here
Student Quiz Here
CIS HelpDesk Operations
Helpdesk walk-in hours will be limited to 10am-4pm on weekdays. The helpdesk will no longer provide evening and weekend support. We also expect the current longer than historical response times on work requests to be the new normal.
Reason for the Change
There are three key drivers for this change: headcount reductions; the transition from salaried to hourly staff, and minimum wage increases without budget enhancements for several years have decreased student employee labor hours.
Centralized PC Purchasing Changes
CIS is changing the way computers are funded and refreshed to better steward limited resources. The Centralized PC Purchasing Policy has been updated to reflect these changes. This shift will mean the following:
- One PC / Knowledge Worker - CIS will provide one standard PC (Windows or Mac) to each employee classified as a knowledge worker. CIS will cover the up-front expense and a permanent budget transfer is no longer required.
- Second Devices - With very limited exceptions, all employees with more than one computer will be reduced down to a single device.
- Shared Computers - All shared computers (student / adjunct workstations, kiosks, etc.) will be reviewed for business need. Devices without a clearly explained need will be eliminated. Funding of shared computers by business units will not change. See the Centralized PC Purchasing Policy for details.
- Equipment Refresh Cycle - Equipment refresh cycle goals, under 5 years, have been increased by 1 year.
- Equipment Stewardship - All equipment will be "stewarded" by CIS. When positions become vacant, computers will be returned to CIS to be rebuilt and re-issued when a position is filled.
- Eliminated Equipment Budget - Funds stewarded by CIS to maintain/replace any eliminated equipment has already been returned to the institution to reduce the deficit.
Reason for the Change
The Centralized PC Purchasing budget has been significantly reduced to reduce overall institutional operating expense. The change necessitates a realignment of existing equipment investments and downsizing the numbers of computers on campus to fit within SPU's budget and support labor capacity. Returning equipment to CIS during employee transitions simplifies inventory and asset tracking processes, improves device security, ensures better use of resources, and sets new employees up for success with a freshly refurbished device.
Printer Program Changes
The fleet of Multi-Function-Printers (MFPs) will be reduced from 85 printers to 50 printers across campus. The locations eliminated were determined based on usage, distance to the next closest MFP, and accessibility. This change also necessitates the removal of sending print jobs directly to a printer. Secure Print will be the only option to print to the University MFPs.
Reason for the Change
Budget for the Centralized Printing program has been significantly reduced and requires downsizing of the MFP fleet. The shift to Secure Print significantly reduces complexity, support expense, and reduces the risk of printing sensitive information to publicly accessible printers.
Additional Service Reductions and Changes
AV Equipment Checkout
Audio/visual equipment for checkout from the CIS Helpdesk has been eliminated. CIS will develop a list of local vendors that rent equipment to support events.
AV Event Support
AV technology support for online and in-person events has been eliminated. CIS will develop a list of local contractors you may hire to provide these services.
Matthew File Shares
The current hardware platform past its end-of-life and will not be replaced. CIS will work with departments to transition their files to Document Libraries in Office 365 over the course of the '23-'24 Academic Year.
If you've been waiting for a good time to review, re-organize, or remove old content from Matthew, now is a great time since it'll expedite the migration process once we get started.
Reach out to cis-bst@spu.edu if you'd be interested in moving your department's files early in the process and we meet to start things moving.
Tableau for Data Reporting
The University's Tableau license for ongoing maintenance has been canceled. CIS will continue to operate the Tableau server in a locked-down fashion for some time, but expect most departments to slowly transition reports and dashboards to Power BI.
Project Management
The IT Project Manager position and project management services offered by CIS have been eliminated. CIS will continue to partner in the review of technology projects, but project management will now be done by the requesting department's leadership or professional services staff provided by technology vendors.