Tuesday, August 23, 2016

Classroom Technology Updates - Fall 2016

Reike Science Center - Leraas Lecture Hall
Over the summer I&TS User Services teams upgraded several classrooms to include smart podium technology, added new computers to some classrooms, upgraded computers in some classrooms to Windows 10 and Microsoft Office 2016, and upgraded TurningPoint 5 clicker software to TurningPoint Cloud 7. Read on for more details.

Classroom Podium Upgrades


New or updated classroom technology was installed in:
  • ADMN 211A, 211B 
  • HARS 109 
  • HONG 246A 
  • LIBR 332 
  • MGYM 103 
  • RCTR 103 (Leraas Lecture Hall), 116, 128, 212 

Computer and Software Upgrades


New computers with Windows 10 and Microsoft Office 2016 were deployed in:
  • HONG 246B 
  • MBRC 202 
  • RCTR 113, 210, 220 
  • XAVR 140 
Upgrades to Windows 10 and Microsoft Office 2016 were installed in:
  • ADMN 101, 202, 204A, 204B, 206A, 208, 211A, 211B, 212, 213, 215, 217, 219, 220, 221 
  • Garfield Station 22 
  • INGR 100, 109, 115A, 115B 
  • MBRC 116, 306, 322, 334 
  • OGYM 103, 104, 205 
  • RAMS 202, 203, 204, 205, 206, 207, 208, 317, 319 
  • UCTR 100, 133, 171, 201, 203, 214E, 214W

TurningPoint Cloud


Last spring, Turning Technologies rolled out their new clicker software, TurningPoint Cloud, to replace TurningPoint 5.X software. This summer we upgraded the Turning Technologies Sakai integration and classroom computers were upgraded with TurningPoint Cloud software 7.3. Visit the web page Making the Transition to TurningPoint Cloud for details and help documents describing what you need to do to prepare for using clickers in the Fall.

Have more questions? Contact itech@plu.edu for assistance or to schedule an Instructional Technology consultation.

Monday, August 15, 2016

Fall 2016 Technology Workshops



Check out the schedule of Fall 2016 Technology workshops at http://www.plu.edu/itech/workshops/ along with full workshop descriptions and registration information. Workshops include a diversity of topics, including:
  • Google Docs and Drive Collaboration 
  • Prezi Basics
  • Web Conferencing Tools
  • HTML Basics
  • Intermediate Excel
  • Photoshop Basics
  • Using Qualtrics Survey Software
  • InDesign Basics
  • Backups and Data Security at PLU
  • Windows 10 and Office 2016
For a complete listing of workshops and their descriptions, see the workshop listings page.

If you have a particular need for specialized and customized technology workshops for your class or department, contact Layne Nordgren (layne.nordgren@plu.edu, 253-535-7197) and we'll do our best to meet your specific needs.

Need one-on-one assistance with technology? Contact itech@plu.edu to schedule a consultation. We'll find the right staff to assist you with your specific needs. In addition, Instructional Technologies provides a design lab with computers and software for digital editing projects. The Digital Design Lab is located on the first floor of the Library near the Help Desk.

Friday, July 22, 2016

Classroom Podium Computer and Software Upgrades - Summer 2016

During the summer of 2016 I&TS User Support team will be upgrading many of the newer computers across campus from Windows 7/Office 2013 to Windows 10/Office 2016. In addition to computers used by individual departments and faculty and staff, these upgrades will affect many of the classroom and lab computers. If you are scheduled to teach in any of the affected classrooms this fall, the User Support team will be sending out an email notification to you to prepare you for the change.

With the updates there will be some noticeable differences with the new versions of the software that you may want to familiarize yourself with. Please see the following workshop and web links for more information:

Workshop

Windows 10 and Office 2016
9/29/2016 at 1:00 PM – Library 331
Discover some tips and tricks with working with Windows 10 and office 2016. This class focuses on the changes with Microsoft’s newest versions of these products and covers several of the most common questions we get about them.
Register at http://goo.gl/lFCGPG

Web Resources

Wednesday, June 8, 2016

PLU ePass Account Password Expiration

Your PLU ePass password provides you access to computers on the PLU domain as well as a variety of web resources including Gmail, the Sakai Learning Management System, Google Apps for Education, and library resources. Beginning on June 8, I&TS will begin enforcing ePass password expiration rules for PLU ePass accounts. If your password is set to expire, you will receive a series of email notifications to inform you of the need to change your password. These emails will provide a buffer so you can change your password at a time that is convenient for you. However, once your password expires, you will need to change your password at https://epass.plu.edu before you can log in to any other PLU resources.

Strengthen Your Password


To protect your personal information and privacy, it is important that you have a strong password. Changing your password is an opportunity to rethink how you might choose one that is more secure and easier to remember than those you have created in the past.

Visit the Change Your ePass Password page to change your password.
Strategies for Increasing Password Strength
The stronger your password, the longer you can keep it without it expiring. Below are some strategies for increasing your password strength. You’ll get interactive feedback as you update your password.

  • Longer passwords are more secure because it takes hackers longer to crack them when employing a brute force method. Consider using a password phrase with 16 to 24 characters.
  • Increase the number of alternatives for each character by using a mix of uppercase, lowercase, numbers, and symbols.

  • Computers are great at trying patterns to guess a password.  Avoid using:
    • your ePass username, PLU ID, first & last name, email, and email alias
    • dictionary words
    • keyboard spatial patterns like: qwerty, asdf, or zxcvbn
    • repeating characters like:  aaaaaaa or 1111111
    • sequences like:  abcdef, 654321, years, dates, or zip codes

More Information and Help


For more information on changing your PLU ePass password, visit the ePass Accounts web page and the PLU ePass Password Requirements Quick Guide.

For assistance with changing your PLU ePass password, contact the PLU Help Desk at 253-535-7525 or helpdesk@plu.edu.

Tuesday, February 9, 2016

Fraudulent Email and Phishing Redux

Example of phishing email (click to enlarge)
Yet another round of fraudulent "phishing" emails have been sent across Campus masquerading as an official email warning users that their accounts are about to be shut down unless they are verified.

As we have noted multiple times during these campaigns, the Help Desk will never solicit your account information. All of our account work is done via our ePass website [epass.plu.edu], and we will not intentionally put your account into a position where it cannot be recovered.

Given how these emails continue, we felt it would be appropriate to pass on a small FAQ to help better inform the PLU community about these phishing emails.

Summary

  • PLU (I&TS) will never solicit your account information via email
  • If you ever have even the slightest inkling that an email might be fraudulent, do not do anything with it and call the Help Desk at 253-535-7525
  • If you have clicked on any links in these emails or responded to them, call the Help Desk at 253-535-7525
  • This phishing campaign has been attacking users for several months, taking over PLU accounts and sending more phishing emails from PLU accounts
  • They often include PLU logos to mimic official PLU emails and claim to be from the non-existent PLU Webmail Management Team

FAQ

Q: What exactly is a phishing email?
A:  A phishing email is basically an email meant to trick users into revealing sensitive information, "baiting" them into giving out private info such as passwords, credit card information, etc.

Typically, a phishing email will masquerade as coming from an official source, often claiming to either have important information for the user or claiming that their "account will be terminated" if the user doesn't give out their password information.

Unfortunately, methods will vary from phishing email to phishing email.

Q: How can I tell if an email is a phishing email?
A: Most phishing emails are plagued with:
  • Spelling errors
  • Grammatical mistakes
  • Strange use of punctuation
  • Bits of "code" showing in the email
  • Vague claims or threats towards your account
  •  Inconsistent or incorrect information about the account system
Q: Why is this still happening months after the initial email?  Can't these emails be stopped?
A:  The way this particular phishing campaign is working is to send out as many emails as possible to PLU emails, collect a few accounts, sit on these accounts for a bit while sending out more emails, and continue to collect more accounts.  Every time the attackers get another account, they can send out hundreds of emails; if even one person responds, that's another account and another couple hundred emails.

It's a vicious cycle that we can only break by educating users about the existence of these emails.  While we do our best to shut down the accounts as soon as we receive a report, usually we don't get a report until after a few minutes of sending, which can be hundreds of emails by that point.

We are considering other alternatives system side, but we need to be vary careful about such alterations as they can affect the receiving of legitimate emails as well.

Q: What do the attackers have to gain by doing this?
A:  Just more sources to spam people with.  Once the spammers have a sufficient number of accounts stocked up, they can start sending out spam emails to other people.  Often times we will cleanse an account and find that it has been altered to look like a bank or a school or a credit union.

Q: What should I do if I have responded to one of these emails?
A:  Change your password immediate by going to epass.plu.edu [epass.plu.edu] and call the Help Desk at 253-535-7525.  We will need to walk you through cleaning your account to ensure that no one else has access.

Q:  Is there anything I can do to help combat these emails?
A:  Yes!  Continue to report them to us every time you get one.  It may seem futile or redundant, but the sooner we know about a new wave, the sooner we can take action.

Tell your colleagues and friends about the phishing emails and about how they can learn more about them; the more people that know, the better chance we have that the phishing waves will be ineffective.

Wednesday, July 8, 2015

PLU ePass Login Service Disruption

WHAT: PLU ePass Login Service Disruption 

Current Status: Resolved

Description:  As of some time this morning (Wed., July 8), users had been been experiencing a service disruption with the PLU ePass login system, preventing access to such services as Sakai, Gmail, Google Apps, and Web Help Desk. At approximately 12:15PM the issue was resolved and access to the affected resources have been restored. Please contact the I&TS Help Desk at 253-535-7525 if you have any remaining issues getting access to any of the affected resources.  Additional information is available at www.plu.edu/status.

Monday, August 4, 2014

Fraudulent Emails continue to plague PLU Community (or "What exactly is a Phishing email?")

Good Morning!

As many of you probably saw this weekend, yet another round of fraudulent "phishing" emails have been sent across Campus masquerading as an official email warning users that their accounts are about to be shut down due to exceeding their storage limit.  While it may be easy for many of us to write these off as non-sense, the newest batches have become progressively more convincing to the point that even seasoned users would require a bit of research to determine their authenticity.  

From a purely technical standpoint,
this fake email is a thing of beauty

As we have noted multiple times during these campaigns, the Help Desk will never solicit your account information like this.  All of our account work is done via our ePass website [epass.plu.edu], and we will not intentionally put your account into a position where it cannot be recovered.

Given how these emails continue to grow in their elaborateness, we felt it would be appropriate to do a more extended write up with a small FAQ to help better inform the PLU community about these phishing emails.


Summary:

  • PLU (I&TS) will never solicit your account information via email
  • If you ever have even the slightest inkling that an email might be fraudulent, do not do anything with it and call the Help Desk at 253-535-7525
  • If you have clicked on any links in these emails or responded to them, call the Help Desk at 253-535-7525
  • We post up-to-date information on the phishing emails going around on our Twitter @PLUHelpDesk
  • This phishing campaign has been attacking users for ~5 months, taking over PLU accounts and sending more phishing emails from PLU accounts
  • They often include PLU logos to mimic official PLU emails and claim to be from the non-existent PLU Webmail Management Team
It is imperative that we let as many people know about the existence of these fraudulent emails; the more people know, the less likely they are to actually respond to them.  I&TS has been using the Help Desk Twitter @PLUHelpDesk to notify users about the phishing emails, but we would love to know your preferred method of communication!  If you can think of a means of communication you'd prefer we use, let us know, and we will do our best to oblige.





FAQ:

Q: What exactly is a phishing email?
A:  A phishing email is basically an email meant to trick users into revealing sensitive information, "baiting" them into giving out private info such as passwords, credit card information, etc.

Typically, a phishing email will masquerade as coming from an official source, often claiming to either have important information for the user or claiming that their "account will be terminated" if the user doesn't give out their password information.

Unfortunately, methods will vary from phishing email to phishing email.

Q: How can I tell if an email is a phishing email?
A: Most phishing emails are plagued with:
  • Spelling errors
  • Grammatical mistakes
  • Strange use of punctuation
  • Bits of "code" showing in the email
  • Vague claims or threats towards your account
  •  Inconsistent or incorrect information about the account system
In the most recent instances, however, the phishers have gotten really fancy and upped the ante.  These most recent emails appear to be very real, as they include the PLU logo, are fairly free of any spelling or grammar mistakes, and even include our actual address!  (That was particularly surprising)

The only give-away on this wave of phishing emails was that the process for updating account info was completely wrong (we do everything through epass.plu.edu), and that we would never shut down your account in this fashion.  Also, we don't have a Webmail Management Team, and nothing would come up if you searched it.

These phishing emails were so well crafted, the only thing "wrong" about them was that they didn't send you to our actual epass.plu.edu page, which was done by design.  

Q: Why is this still happening months after the initial email?  Can't these emails be stopped?
A:  The way this particular phishing campaign is working is to send out as many emails as possible to PLU emails, collect a few accounts, sit on these accounts for a bit while sending out more emails, and continue to collect more accounts.  Every time the attackers get another account, they can send out hundreds of emails; if even one person responds, that's another account and another couple hundred emails.

It's a vicious cycle that we can only break by educating users about the existence of these emails.  While we do our best to shut down the accounts as soon as we receive a report, usually we don't get a report until after a few minutes of sending, which can be hundreds of emails by that point. 

We are considering other alternatives system side, but we need to be vary careful about such alterations as they can affect the receiving of legitimate emails as well. 

Q: What do the attackers have to gain by doing this?
A:  Just more sources to spam people with.  Once the spammers have a sufficient number of accounts stocked up, they can start sending out spam emails to other people.  Often times we will cleanse an account and find that it has been altered to look like a bank or a school or a credit union.

Q: What should I do if I have responded to one of these emails?
A:  Change your password immediate by going to epass.plu.edu [epass.plu.edu] and call the Help Desk at 253-535-7525.  We will need to walk you through cleaning your account to ensure that no one else has access.

Q:  Is there anything I can do to help combat these emails?
A:  Yes!  Continue to report them to us every time you get one.  It may seem futile or redundant, but the sooner we know about a new wave, the sooner we can take action.

Tell your colleagues and friends about the phishing emails and about how they can learn more about them (@PLUHelpDesk); the more people that know, the better chance we have that the phishing waves will be ineffective.