CIS Staff Technology Blog
Matthew Migration
All files previously stored on Matthew should now be migrated to SharePoint or be in read-only mode for a short while until the old storage platform is retired. If you still rely on access to any files on Matthew, please contact cis-bst@spu.edu so you don’t lose access to those files.
Zoom Client Upgrade
Zoom will be deprecating older versions of the Zoom client over the next few months. To prevent disruption, we have updated academic computers and podiums with the latest version and have made the new version available in Software Center.
We recommend you ensure your computer is setup to receive automatic updates and is on the latest version of the desktop client. To check the version you have installed or to download the latest version, please take some time now to make sure your computer is ready by following the steps below:
Once signed in, select your profile photo in the top right corner.
Select Check for updates. If there are updates available, Zoom will download and install.
If you have additional questions or concerns, please reach out to the CIS HelpDesk at help@spu.edu or at 206-281-2982.
Classrooms and Labs
Demaray 356 Updates
Demaray 356 is transitioning into an integrated hybrid pilot classroom! This pilot room space will be used to test a new integrated hybrid system. Previously installed hybrid classrooms did not have an integrated PC with the system, whereas the new system being trialed has an integrated system that you can plug your laptop into.
If you’re interested in learning more about how the room works or would like to have a demo of the classroom, please reach out to CIS at help@spu.edu!
Academic PC Software
CIS is in the process of rolling out Windows 11 for all of campus! We are also collecting software requests for fiscal year 2024-2025.
For questions or concerns regarding the Windows 11 rollout and how it may impact academic lab spaces and/or classroom podium pcs, individuals can collate their requests for their department via submitting software requests form here: Software Requests ‘24-25.
If you are concerned about specific software compatibility with Windows 11, such as specialty hardware or legacy software, please complete the form linked above.
As a reminder, we encourage you to reach out the CIS HelpDesk if you have any questions or concerns at help@spu.edu.
Deployment for Windows 11 devices has begun! It has been announced that Microsoft will cease support for Windows 10 by the end of 2025, so CIS is proactively initialing our Windows 11 deployment process to stay ahead of the curve.
While Windows 11 has been available for a couple of years now, we understand that it may be new to some of you who have not yet upgraded. Our goal is to ensure a smooth and comfortable transition for all users. With this, you can find many helpful resources below!
Windows 11 Wiki Documentation
Documentation for Windows 11 is now available on the SPU Wiki as we begin processing deployments. This may serve as a valuable resource for anyone needing guidance on navigating the new system. Additionally, we have provided walkthrough videos to assist you in familiarizing yourself with Windows 11.
Microsoft Copilot
We are also going to introduce Microsoft Copilot, and encourage faculty and staff to consider leveraging this powerful AI tool within their work processes. Copilot can significantly enhance workflow efficiency, and understanding its functionality is increasingly valuable in today's AI-driven landscape. Documentation for Copilot is also accessible on the SPU Wiki for those interested in learning more.
Upgrade Checklist
To ensure a seamless transition during the deployment of updated Windows 11 devices, we've prepared a checklist for you to review before your visit to the HelpDesk. Once you've completed the checklist, there will be a link to schedule an appointment to receive your upgraded Windows 11 device. Please note that your previous laptop will be retained for one week to ensure that all data has been transferred successfully.
Faculty and Staff will be notified by the HelpDesk when to begin preparing for their device upgrades via email.
Windows 11 and Copilot Tips and Tricks
As deployment commences, we will be posting a weekly series of tips and tricks to help guide you through the transition and discover new efficient ways to enhance your work productivity. You can find the series of tips and tricks for Windows 11 and MS Copilot below:
Similar to Windows 10, Windows 11 features Snap Layouts. While you can still drag windows to the sides and corners for half- and quarter-screen layouts, Windows 11 introduces a new hover menu over the Maximize button, offering various layout options.
For instance, you can choose to have one large window on the left and two stacked on the right or opt for three windows in a row. The available choices depend on the size of your display.
To select your preferred formation, simply click and then arrange your apps accordingly. If you’d prefer, you can disable this behavior in Settings. Additionally, there are keyboard shortcuts available for quickly snapping windows. For example, pressing Windows Key-Left Arrow snaps a window to the left half of the screen.
For more information, please refer to the Snap Layouts and Snap Groups wiki page.
Virtual desktops are designed to help users organize windows and enhance multitasking, similar to how snap layouts work. Virtual desktops offer a flexible workspace where users can group related tasks or applications together, switch between different projects or workflows seamlessly, and maintain a clutter-free desktop environment. With virtual desktops, users can efficiently manage their workflow and productivity by allocating specific applications or tasks to different desktops, thereby streamlining their work and optimizing their desktop experience.
Microsoft has replaced the old Task View button with a redesigned icon on the taskbar, making it easier to create and manage multiple desktops in Windows 11. Hovering over the icon reveals any open virtual desktops or allows you to create a new one effortlessly.
These desktops can then be rearranged as needed, and apps from one desktop can be seamlessly dragged into another. You can also toggle between multiple desktops with ease by using the shortcut Ctrl + Win + Left/Right Arrow.
In Windows 11, you also have the option to use different wallpapers for each virtual desktop. Simply right-click on the desktop, choose Personalize, then Background, and select a unique image for each desktop. It's important to note that this feature only applies to the Background choice and not to Themes. If you select a Theme, it applies to all virtual desktops; however, you can still customize the background per desktop after applying a theme. When you make this adjustment, you'll notice a smooth cross-fade effect between the two backgrounds when switching between virtual desktops.
For more information, please refer to the Virtual Desktops wiki page.
The most noticeable change in Windows 11 is the relocation of the Start button. Traditionally situated in the lower-left corner of the screen, it's now centered along with the other icons on the taskbar.
However, if you prefer the classic layout, you can easily revert it. To do so, simply right-click on the taskbar and choose Taskbar Settings. From there, select the Taskbar Behaviors drop-down menu and adjust the Taskbar Alignment to Left.
By making this adjustment, your taskbar icons will shift to the left, and the Start button will return to its original position. Additionally, you can further personalize your taskbar by pinning and adjusting apps. For more advanced customization options, refer to the taskbar personalization settings within the Settings app. To access these settings, navigate to Settings > Personalization > Taskbar.
For additional information and guidance, please refer to the Start Menu and Taskbar wiki page.
Sticky Notes in Windows 11 serve as versatile digital reminders and note-taking companions, seamlessly integrated into your desktop experience. Accessed via the search bar or the Windows Accessories folder, Sticky Notes can provide a convenient platform to jot down quick thoughts, to-do lists, and important reminders right on your desktop. With a simple click or shortcut (Ctrl + N), you can create new notes, which can be easily customized in terms of color, size, and text formatting to suit your personal style and organizational preferences. What sets Sticky Notes apart is their seamless synchronization across devices through your Microsoft account, ensuring that your notes are always accessible whenever and wherever you need them, whether you're on your PC, tablet, or mobile device.
Furthermore, Sticky Notes offer advanced features to enhance your productivity, such as insights and keyboard shortcuts, accessible through the settings menu. By pinning notes to your desktop or keeping them minimized in the taskbar, you can keep essential information at your fingertips without cluttering your workspace. To get to the Sticky Notes settings menu, Right-Click on the Sticky Notes app within the taskbar and then go to Settings.
Use the snipping tool to take quick photos or screenshots (WIN+SHIFT+S).
The Snipping Tool in Windows 11 is a versatile and user-friendly tool designed to capture and annotate screenshots with ease. Accessible through the Start menu or by searching, the Snipping Tool offers various snipping modes, including rectangular, freeform, window, and full-screen, allowing you to capture exactly what you need with precision and flexibility. With its intuitive interface, you can quickly capture screenshots of specific windows, regions, or the entire screen, providing a seamless way to document and share information.
Once captured, the Snipping Tool offers a range of annotation tools, including pens, highlighters, and text boxes, enabling you to add notes, highlights, and explanations directly onto your screenshots. Whether you're highlighting key information, circling important details, or adding context to your screenshots, the Snipping Tool empowers you to communicate effectively and efficiently. Additionally, you can save your snips in various formats, including PNG, JPEG, and GIF, or easily share them via email, messaging apps, or social media platforms, making collaboration and communication a breeze.
How to Switch:
To use the new Microsoft Teams app on your window's device, there should be a toggle at the top left corner of your menu bar.
This will prompt a pop up window. Select Get it now. The new teams will begin installing. The Microsoft Teams app will reboot to open the new Microsoft Teams.
Alternatively, if you do not see a toggle at the top left corner of your menu bar, you may select the following link to download the new teams directly from the Microsoft webpage.
Link to download: Download Microsoft Teams
Microsoft Teams Toggle
What's New:
You can now view your status in the Microsoft Teams icon in your taskbar.
Microsoft Teams was rebuilt for performance, operating quicker and much simpler than the previous teams. The new format allows for enhanced functionality while using less battery and memory of your device.
The new update downloads and installs faster, allowing for an increased ease of access for joining meetings and responding to messages. It also requires less memory and disk usage, increasing the efficiency of your device.
The New Microsoft Teams Look:
How to add Another Account
The new Microsoft Teams allows for multi-account support, meaning you will be able to add another account to your Microsoft Teams App.
To add a new account, select your profile picture at the top right of the application window. Then, select Add another account.
Adding another account to your Microsoft Teams desktop app will allow you to get notifications for both accounts, in real time.
You will be able to participate in different chats, calls, and meeting without having to manually switch between accounts.
You will also be able to set your status for each account individually.
For a more in-depth explanation of how to add another account, please visit Manage Accounts and Organizations in Microsoft Teams, or by following the link below:
Other Microsoft Teams-related Updates
View what else is new by following the link: Microsoft What's New in Teams.
Also, linked below is the starting video in Microsoft Teams Youtube Playlist covering Microsoft Teams:
How Microsoft Teams Used to Look:
October is Cybersecurity Awareness Month - CSA
It is CIS's responsibility to share some vital information about how to be safe while using the internet and managing yours and students' information.
Over the next few weeks, CIS will be releasing a weekly blog post that expands on four core topics for this year's CSA month: Phishing, Social Engineering (whaling), Passphrases for passwords, and Ransomware.
At the end of the month, there will be a quiz released to employees and students. Receiving 100% on the quiz will automatically enter the user into a raffle. The raffle will have two winners, one student and one employee, who will each receive a prize* from CIS!
Keep an eye out for the first blog post on October 9, and then every following Monday until the end of the month!
*Please note that prizes will be ordered once they are selected by the prize-winners. CIS will contact prize-winners when the prizes are ready to be picked up from the HelpDesk.
You can champion Cybersecurity Awareness Month by practicing and sharing the information we share this month with your friends and family. Each October, we try to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime.
Now in its 20th year, Cybersecurity Awareness Month continues to build momentum and impact. It is co-led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA).
Online Safety Basics - Learn how to protect yourself, your family and devices with these tips and resources.
Security Awareness Week 1: Phishing emails
What is Phishing?
Often carried out over email -- although the scam has now spread beyond suspicious emails to phone calls (so-called "vishing"), social media, SMS messaging services (aka "smishing"), and apps -- a basic Phishing attack attempts to trick the target into doing what the scammer wants.
Exactly what the scammer wants can vary wildly between attacks. It might be handing over passwords to make it easier to hack a company or person, or sending payments to fraudsters instead of the correct account. This information is often stolen by making requests that look entirely legitimate -- like an email from your boss, so you don't think twice about doing what is asked.
How would you identify a Phishing email?
Emails that contain the following should be approached with extreme caution, as these are common traits of phishing email:
- Urgent action demands.
- Multiple sources in the from email address line.
- Poor grammar and spelling errors.
- An unfamiliar greeting or salutation.
- Requests for login credentials, payment information, or sensitive data.
- Offers that are too good to be true.
Phishing is also a popular method for cyber attackers to deliver malware by encouraging victims to download a weaponized document or visit a malicious link that will secretly install the malicious payload on the person's computer. These kind of attacks mostly are trying to distribute a trojan malware, ransomware . These cyber hackers are hoping you don't look to deep into the email, that you just gloss over the details and click on the link, or download the attachment. Below is a screenshot of a phishing email, and you can see just how tricky they can be.
Why is Phishing called Phishing?
The overall term for these scams -- Phishing -- is a modified version of the word 'fishing' except in this instance the one doing this fishing is a scammer and they're trying to catch you and reel you in with their sneaky email lure. In most cases, they will send out many of these lures.
FUN FACT! - Why is Phishing spelled with a "Ph"?
The “ph” spelling of phishing is influenced by an earlier word for an illicit act: phreaking, which involves fraudulently using an electronic device to avoid paying for telephone calls. The people who perpetrated phreaking were called “Phreaks,” and since phreaks and hackers were closely linked, the “ph” spelling was used to denote the phishing scams involving these underground groups. Pretty cool!
We hope by sharing these resources with you, that you will have the tools and information necessary to make informed decisions when using the Internet.
Security Awareness Week 2: Ransomware
The CISA defines Ransomware as a "form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption."
Ransomware can be planted into a network using many methods, like Phishing and Social Engineering. Once it is planted, hackers locate and secure access to important files and move those files to a secure network of their own.
Oftentimes, a hacker needs only access into a network, and can gain such access in a myriad of ways. For example:
- By sending phishing emails requesting login information or containing malicious code(as we have seen in last week's post)
- Looking for weaknesses within your network's security
- Users are redirected to a suspicious website that infects their computer by browsing or prompts for them to download files off the internet.
Ransomware Double Attack
A double attack occurs when hackers gain access to a network, move that network's files onto a network they control, then encrypt the data and demand a ransom for a user to regain access and/or to prevent the public publication of those files. The risk: if the ransom is not met, the hackers will sell your data or publish it online.
Unfortunately, users are not typically aware of the attack until they are notified, often by a pop-up declaring the infection and demanding a ransom to receive the decryption key.
Regarding personal data files, law enforcement agencies advise against paying the ransom on such accounts. However, if you don’t have a good back up system, it may be cheaper to pay the ransom to regain access and return your important data.
Computer Safety Tips:
Regularly back up important and sensitive data to a separate drive.
Install and regularly update antivirus software on your device.
Exercise caution when following links in emails, text messages, and websites.
Be mindful of what files your are downloading from the internet and avoid suspicious sites.
SPU Employees SPU-Managed Devices:
Software and application patches, anti-virus updates, data backups, mandatory browser and security settings are all implemented by CIS and enforced on your school-issued devices.
However, it is still essential for all employees to use their best judgement when viewing emails and websites.
If you believe your system is compromised, we urge you to do the following:
Turn off your device.
Disconnect from the internet.
Disconnect your device from any and all external attachments (e.g., usb drives).
Call or email the CIS HelpDesk immediately (206-281-2982 or help@spu.edu)
Example 1. Fake websites
A cyber-criminal will design a carefully-worded phishing email which includes a link to a spoofed version of a popular website. The website imitates the layout of the original site to trick the victim into entering their account credentials.
Example 2. CEO Fraud
An attacker will take control of an email address familiar to the employee, such as their company’s CEO, Human Resources Manager, or IT admin. The hacker will assume this individual’s identity and ask the user to complete an urgent action, such as transferring funds, updating their personal information, or installing a new app.
Example 3. Malware
In these types of phishing attacks, an attacker will try to trick an employee into clicking on a malicious email attachment. Usually, this type of attack is carried out with a fake invoice or delivery notification.
If you think that the email may be legit, go to a link that you know is safe (one that you have save for the company) and log in from there. Or, you can always call the company and confirm or deny the validity of the email you received.
REMEMBER
If you don't recognize the sender, NEVER click on the attachments or links!
Example 4. Smishing
An SMS-based phishing attack in which a hacker will send an SMS or voice message asking the recipient to click on a link to accept a gift, change your password or call a number. The link will take them to a phishing website that they will use to try and gather more information from you.
Also, the link you click on could have malware in it. What does that mean? It could install a program on your phone that will allow the hacker to gain access to all your personal information, e.g. contacts, passwords, email, photos.
Example 5. Vishing
An unknown caller will call the victim and or leave a voicemail urging them to phone them back and hand over personal information, usually by impersonating someone from a trusted company.
The most common type of this is a Tech Support Call.
This attack is widespread in large companies where employees might not know or have met members of the tech support department. Scammers will pretend they need to do a computer update or repair and ask for the victim’s password to do it.
Education is key to beating these attacks. Frequently remind users that you will never ask them to divulge their password over the phone and that they shouldn’t do so under any circumstance.
Security Awareness Week 4: Passphrases and Canary Files
Zero Trust System
CIS is striving to get as close as possible to Zero Trust security system to secure infrastructure and data across SPU's network. A Zero Trust System requires all users to be authenticated and continuously validated for security configuration before being granted access into SPU's system.
A Zero Trust system is a framework that aims to prevent data breaches from both inside and outside the network. Since only individuals who have been authenticated and authorized for SPU's network can access entry points, adhering to this system provides an added layer of protection for all sensitive data that SPU stewards and prevents unauthorized access to easily accessible entry points.
This framework does not imply that SPU and/or CIS do not trust their students and employees, but rather acknowledges that breaches can occur from anywhere. This system is designed to prevent such incidents.
Multi-Factor Authentication (or MFA)
MFA is one facet of this system to help protect the SPU network and its users. All SPU users must link their SPU accounts with the Microsoft Authorization app on their phones. When students and employees sign into their accounts, SPU will automatically work to verify that the individual logging into the account has been authorized before granting access.
Creating a Strong Passphrase
It is also important for users to use a strong Passphrase or password for securing your account. A strong password will protect your account while also not containing any personally identifiable words; like your mother's maiden name or your childhood pet. It is also important to use a strong or complex password, as a more simple passphrase can be easily guessed.
Here are some key things to follow when creating a password:
- Use a combination of numbers, capitalization and special characters.
- Use a longer passphrase that you can easily remember.
- Don't use a password you have used before, or a slight variation of a pre-existing password.
Do NOT write down OR your share your SPU password with anyone.
Password Managing
If you are worried about keeping track of your passwords, use a password manager that will keep track and record all of your passwords and where they are used. It is also likely that your phone or Google account will have password tracking enabled.
For more information on SPU's Password Policies, please select here.
Canary Files
Canary files are false or fake files with anti-malware software embedded within them that notifies the user when there has been a breach in your device's security. The files are similar to normal files that would typically be stored on a device by a user.
The normal user will not normally access these files and instead they are acting as a form of bait for files that may be seen as valuable to cyber-criminals. Just like the practice of using canaries in coal mines to signal when it was safe for miners to work, Canary files exist as a prevention method against malware (including ransomware).
There have been rare cases of SPU employees discovering canary files on their device. If you come across canary files on your device, please contact the HelpDesk at (206) 281-2982 or at help@spu.edu for further assistance
Cybersecurity Awareness Month Quizzes
Thank you for joining us for this year's Cybersecurity Awareness month as we covered Phishing, Ransomware, Social Engineering (Spear Phishing), Passphrases, and Canary Files.
If you have questions or concerns about the topics covered, or would like to learn more, a student technician with the HelpDesk would be more than happy to assist! You can contact the HelpDesk by phone at 206.281.2982 or by email at help@spu.edu.
As a reminder, we are offering one quiz for Faculty and Staff and one quiz for Students to test their knowledge on the topics we covered this month. The quiz will remain open until November 15th, 2023.
A Few Rules to Follow:
- One quiz attempt per individual.
- A student may not take the employee quiz and employees may not take the student quiz.
- Only scores of 100% will be automatically entered into the raffle.
- Prizes will only be given out to the winning individual(s) after they have made their *selection.
- One prize per winner.
*Raffle winners will be contacted by CIS and choose their prize from the available options. Options include bluetooth speakers and/or gift cards.
Faculty and Staff Quiz Here
Student Quiz Here
CIS HelpDesk Operations
Helpdesk walk-in hours will be limited to 10am-4pm on weekdays. The helpdesk will no longer provide evening and weekend support. We also expect the current longer than historical response times on work requests to be the new normal.
Reason for the Change
There are three key drivers for this change: headcount reductions; the transition from salaried to hourly staff, and minimum wage increases without budget enhancements for several years have decreased student employee labor hours.
Centralized PC Purchasing Changes
CIS is changing the way computers are funded and refreshed to better steward limited resources. The Centralized PC Purchasing Policy has been updated to reflect these changes. This shift will mean the following:
- One PC / Knowledge Worker - CIS will provide one standard PC (Windows or Mac) to each employee classified as a knowledge worker. CIS will cover the up-front expense and a permanent budget transfer is no longer required.
- Second Devices - With very limited exceptions, all employees with more than one computer will be reduced down to a single device.
- Shared Computers - All shared computers (student / adjunct workstations, kiosks, etc.) will be reviewed for business need. Devices without a clearly explained need will be eliminated. Funding of shared computers by business units will not change. See the Centralized PC Purchasing Policy for details.
- Equipment Refresh Cycle - Equipment refresh cycle goals, under 5 years, have been increased by 1 year.
- Equipment Stewardship - All equipment will be "stewarded" by CIS. When positions become vacant, computers will be returned to CIS to be rebuilt and re-issued when a position is filled.
- Eliminated Equipment Budget - Funds stewarded by CIS to maintain/replace any eliminated equipment has already been returned to the institution to reduce the deficit.
Reason for the Change
The Centralized PC Purchasing budget has been significantly reduced to reduce overall institutional operating expense. The change necessitates a realignment of existing equipment investments and downsizing the numbers of computers on campus to fit within SPU's budget and support labor capacity. Returning equipment to CIS during employee transitions simplifies inventory and asset tracking processes, improves device security, ensures better use of resources, and sets new employees up for success with a freshly refurbished device.
Printer Program Changes
The fleet of Multi-Function-Printers (MFPs) will be reduced from 85 printers to 50 printers across campus. The locations eliminated were determined based on usage, distance to the next closest MFP, and accessibility. This change also necessitates the removal of sending print jobs directly to a printer. Secure Print will be the only option to print to the University MFPs.
Reason for the Change
Budget for the Centralized Printing program has been significantly reduced and requires downsizing of the MFP fleet. The shift to Secure Print significantly reduces complexity, support expense, and reduces the risk of printing sensitive information to publicly accessible printers.
Additional Service Reductions and Changes
AV Equipment Checkout
Audio/visual equipment for checkout from the CIS Helpdesk has been eliminated. CIS will develop a list of local vendors that rent equipment to support events.
AV Event Support
AV technology support for online and in-person events has been eliminated. CIS will develop a list of local contractors you may hire to provide these services.
Matthew File Shares
The current hardware platform past its end-of-life and will not be replaced. CIS will work with departments to transition their files to Document Libraries in Office 365 over the course of the '23-'24 Academic Year.
If you've been waiting for a good time to review, re-organize, or remove old content from Matthew, now is a great time since it'll expedite the migration process once we get started.
Reach out to cis-bst@spu.edu if you'd be interested in moving your department's files early in the process and we meet to start things moving.
Tableau for Data Reporting
The University's Tableau license for ongoing maintenance has been canceled. CIS will continue to operate the Tableau server in a locked-down fashion for some time, but expect most departments to slowly transition reports and dashboards to Power BI.
Project Management
The IT Project Manager position and project management services offered by CIS have been eliminated. CIS will continue to partner in the review of technology projects, but project management will now be done by the requesting department's leadership or professional services staff provided by technology vendors.