Latest SRSU COVID-19 Information

President's Statement and Latest Announcements


Click For More

Author Archives: Dave Gibson

About Dave Gibson

Chief Information Officer at Sul Ross State University

Ransomware – One Year Later

It was one year ago today that we experienced the ransomware event that challenged all of us and changed the way we think about technology.

As I look back at this event and the corporate response, I feel a combination of pride and thankfulness for the way everyone pitched in to get us past the initial attack: the support and kindness offered to the OIT team members while they dealt with this difficult situation, everyone’s willingness to figure things out on the fly until systems were restored. Without your help and support, getting things back to normal would have been more difficult, maybe even impossible.

The reality is that an event like this never completely leaves us and could happen again. The folks in the black hats never stop trying and due to the complexity of technology in the 21st century, there are more ways than ever to attack.

What has changed? Today, we have better software on our computer to detect and remediate the malware designed to steal or destroy our institutional information. We hired a security specialist to spend more time watching for and dealing with these attacks. We’re using encryption on more devices to protect the information stored on them in case of an attack. And, we are putting more time and effort into educating everyone on the possibilities of another attack and how prevent it.

Even with all these changes in place, our best hope for keeping the bad guys out is you. You do this every day by being vigilant against all forms of attack. You do this when you “Don’t Click” an attachment or link in an email you were not expecting. For all of this I say, “Thank you.”

I want to offer a special thanks to the people in OIT who work hard every day so that systems run, email messages (the right ones) are sent and received, checks are cut, POs generated, networks network, and computers, those infernal machines that they are, connect to give us the ability to create and share. I specifically want to thank the OIT team for getting us back to our new normal. It was a Herculean task and I am thankful for what they accomplished.

Now, we look forward. We look to newer, better, faster things than we have had in the past: better classrooms, better applications, better security, better experiences. We ask for your help in this next phase of our technology journey. It will not be easy and we will hit a few bumps in the road. With your help, we can get there.

Microsoft 365 Office Suite Available for Free Download

Current students of Sul Ross State University have access to the Office Suite, Word, Excel, Powerpoint, and other applications through a download link in Microsoft 365 (https://office.com). Only current student, those that are actively attending classes (does not include those auditing a class), are licensed for the download.

Under the agreement between Sul Ross and Microsoft, you are allowed to download and install any of the Microsoft Office applications on as many as five devices, including desktops, laptops, tablets and smart phones.

Here are some resources to assist you in the download and installation processes.

Follow the link below (requires login) for a video to that shows how to download and install the applications you need.

https://web.microsoftstream.com/video/b6c18088-4a48-47e4-a6db-48e71ed99d82

Additional information from Microsoft is linked below:

To download and install on PC or Mac

https://support.office.com/en-us/article/download-and-install-or-reinstall-microsoft-365-or-office-2019-on-a-pc-or-mac-4414eaaf-0478-48be-9c42-23adc4716658

To download and install on a mobile device

https://support.office.com/en-us/article/set-up-office-apps-and-email-on-a-mobile-device-7dabb6cb-0046-40b6-81fe-767e0b1f014f

If you have any questions or need help with this process, please call us at 432-837-8888.

Like us on Facebook @sulrossoit

Follow us on Twitter @srsuoit

See us on Instagram @srsu_oit

Zoom: Is It Safe to Use?

I want address some of the hyperbole around Zoom and the recent issues that have surfaced as Zoom has become a considerably more popular and widely-used application during the COVID-19 pandemic. 

Updated 4/9/2020:

Here are a number of updates from our contact on Zoom. This is a list of features they have updated over the last week or so.

Security Toolbar Icon for Hosts

  • The meeting host will now have a Security option in their meeting controls, which exposes all of Zoom’s existing in-meeting security controls one place. This includes locking the meeting, enabling Waiting Room, and more. Users can also now enable Waiting Room in a meeting, even if the feature was not turned on before the start of the meeting. For more information, please visit this recently published Blog.

Invite Button on Meeting Client Toolbar

  • The button to invite others to join your Zoom meeting is now available at the bottom of the Participants panel

Meeting ID No Longer Displayed

  • The meeting ID will no longer be displayed in the title bar of the Zoom meeting window. The meeting ID can be found by clicking on Participants, then Invite or by clicking on the info icon at the top left of the client window.

Remove Attendee Attention Tracking Feature

  • Zoom has removed the attendee attention tracker feature as part of our commitment to the security and privacy of our customers. For more background on this change and how we are pivoting during these unprecedented times, please see a note from our CEO, Eric S. Yuan 

Removal of the Facebook SDK in our iOS client 

  • We have reconfigured the feature so that users will still be able to log in with Facebook via their browser

File Transfers

  • The option to do third-party file transfers in Meeting and Chat was temporarily disabled. Local file transfer is available with our latest release. Third-party file transfers and clickable URLs in meeting chat will be added back in an upcoming release

New Join Flow for the Web client

  • By default, users will now need to sign in to their Zoom account or create a Zoom account when joining a meeting with the Web client. This can be disabled by the Admin or the User from their settings page

Join Before Host Emails Disabled

  • Notifications sent to the host via email when participants are waiting for the host to join the meeting have been disabled.

Setting to Allow Participants to Rename Themselves

  • Account admins and hosts can now disable the ability for participants to rename themselves in any meeting. This setting is available at the account, group, and user level in the Web portal.

Language for Directory and Company Directory (please note, this does not impact your account)

  • Domain contacts: For free Basic and single licensed Pro accounts with unmanaged domains, contacts in the same domain will no longer be visible. We’ve also removed the option to auto-populate your Contacts list with users from the same domain. If you would like to keep those contacts, you can add them as External Contacts.

Change in visibility of contacts with same domain (please note, this does not impact your account)

  • For Basic and single licensed Pro accounts with unmanaged domains, contacts in the same domain will no longer be visible under ‘Company Directory’ in the ‘Contacts’ tab. Consequently, for the single Pro accounts with unmanaged domains, we’ve removed the option in the admin experience to populate Company Directory with users from the same domain. If these affected users would like to keep contacts with the same domain, they can add them as External contacts. This change will not impact paid accounts with multiple licenses and all accounts with managed domains.

Growth of this magnitude for any technology product attracts legitimate users and also the attention of malicious actors who seek to abuse or compromise the platform.  This attraction, particularly by those with mal intent, is the same faced by any technology company, including Microsoft, Cisco, Blackboard, Ellucian (Banner) and many others.

It is difficult for any vendor to anticipate every fracture that results from heavy and continued usage, particularly by those with evil intentions.  All technology at some point will fail: some is small ways, others in more pronounced ways .  The challenge for any technology organization, whether that is Zoom, Microsoft or OIT, is how to react to the failure. 

Zoom has experienced issues in recent weeks.  Zoom Bombing, that is interrupting a class lecture or a meeting by hijacking a meeting to display inappropriate, vulgar or racists material on the Zoom connection, is the most pronounced and obvious way the Zoom meetings have been attacked recently. 

As these events occurred and were discussed in the media, Zoom provided solutions for the issues and communicated to their customers in a matter of hours.  And Zoom continues to provide fixes for their software to ensure all of us have the best  and safest experience possible.  See this article, https://medium.com/@0xamit/zoom-isnt-malware-ae01618e2046, authored by security professionals for a perspective on Zoom’s response to recent attacks.

Additionally, here is a message from the CEO of Zoom detailing the approach they took when this all started, including actions taken by Zoom and what they continue to do to ensure the best experience possible: https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/.

Allow me to address some of the more talked about issues that you may be aware of.

  1. Zoom Bombing: Most of the attention surrounding Zoom currently is focused on Zoom Bombing. Zoom’s product is designed to be very flexible and to be able to easily accommodate attendees from outside of your organization. That flexibility provides the host of a meeting a great deal of flexibility in how strict or lax they want to be in protecting their online meeting. Here is an article that provides guidelines provided by Zoom to help prevent Zoom Bombing: https://blog.zoom.us/wordpress/2020/03/20/keep-uninvited-guests-out-of-your-zoom-event/.  Those of you hosting classes in a Distance Education Room need to contact OIT for assistance as those spaces require special handling in regards to managing your guests.

One action you can take, if you are concerned about Zoom Bombing, is to password protect your meeting.  This is done by selecting the Require Meeting Password checkbox on your Zoom MeetingID setup and supplying a reasonably complex password.  Share this password with your students or other staff members so they can attend the meeting.

  1. Zoom Encryption: Encryption is defined as providing cryptographic assurances that only the individuals that are supposed to see a message can do so.  End-to-end encryption (E2E) describes a system where content is encrypted when it is stored (sitting on a hard drive or server) and when it is being transmitted (sent over the internet or a network). Zoom does guarantee E2E for every device attached to a Zoom meeting that is using their software for a connection.  If you use the Zoom app on a desktop, laptop or mobile device to connect to Zoom, your connection is end-to-end encrypted.  If you use one of the Distance Education rooms to connect to Zoom through a Conference Room Connector (CRC), which is what we do with our DE rooms at Sul Ross, the connection is end-to-end encrypted as well once it connects to the CRC in the cloud.  One device that is never E2E is a telephone connecting over a traditional land line.  As state in the article on encryption, Zoom’s goal is to “keep data encrypted throughout as much of the transmission process as possible.”  If you would like more information on encryption methods used by Zoom, see this article: https://blog.zoom.us/wordpress/2020/04/01/facts-around-zoom-encryption-for-meetings-webinars/.   
  1. Zoom Privacy: Zoom sharing usage data with Facebook has been a recent headline. The Facebook sharing was limited to the IOS mobile app, involved aggregate metadata only, meaning there is no evidence that identifiable or sensitive information is being shared without user consent, and was removed after the PR backlash that resulted from this awareness.  Zoom addresses where they share data with third-parties in their privacy policy at https://zoom.us/privacy.

My intention is not to convince you to use Zoom.  If you are uncomfortable using Zoom for your classes or your meetings, I encourage you to look at one of our other supported applications such as Blackboard or Microsoft Teams.  My goal here is to break through much of the hyperbole in the media and to assure you that while some issues surfaced recently with the Zoom product, it is a good solution for your meeting needs and comes with a great deal of usability, stability and security.  I am comfortable recommending the use of Zoom for any of your classes or meetings.

If you have questions, feel free to contact me directly.  If you need assistance with any of the configuration items in Zoom, please contact my staff at the Helpdesk and we will guide you through those discussions.

Applications Update – July 2019

This blog lists the applications and services that are now available for your use. If something is missing or needed, please contact me or LTAC and we will add to the list.

  • Banner 8 and 9 (only available on campus)
  • LoboOnline (Banner Self Service)
  • Blackboard
  • ImageNow
  • mySRSU
  • Email
  • Evisions Suite (Argos, Form Fusion, Intellicheck)
  • DegreeWorks
  • Office 365, including Sharepoint sites, OneDrive and Teams

Applications and Services we are working on at this time

  • Network Shares – once the network shares are available, we will encourage each individual and department that has a network share to migrate their data to Office 365.

You may contact LTAC at techassist@sulross.edu, 432-837-8888, x.8888, or toll free at 888-837-2882.

Like us Facebook SRSUOIT

Follow us on Twitter @SRSUOIT

Projects for Summer 2018

The Office of Information Technology is busy with several projects and updates over the summer.  Here is a list of some of our most important project on our plate along with status and possible completion dates.

  • PBX/Server Room Updates.  The Systems and Networking team is busy with two significant updates in our PBX/Server room.  They are working with Dell to install new servers that provide faster processing capabilities and higher throughput.  These new servers are used to run many of our institutional applications, including email, Banner, Perceptive Content (formerly ImageNow) and others.  These new servers will allow us to continue to offer these services for the next several years.  Dell is scheduled to be onsite July 17 and 18 to install the new hardware.  Over the few weeks following the install, all the applications will be migrated to these new servers.  There should not be any downtime associated with this installation and the migration to this new hardware.  The Systems and Networking team is also replacing a number of aging network switches in this space to ensure we can maintain the network connectivity you are used to seeing across the campuses and to the internet.  These new switches will be installed during the August timeframe.  Expect some downtime with this upgrade.
  • Banner 9.  The next iteration of Banner, our ERP solution that includes the student information system, finance system, human resources system, and others, is being updated and tested.  The advantages of this software over previous versions of Banner is it not longer requires java on the local computer, it runs in a larger number of browsers, and can be accessed through our single sign-on mechanism.  The software has been installed, is being tested, and is slated to be the only version of Banner we run sometime during the fall semester.
  • Touchnet OneCard VIP Solution.  Our existing ID Card system, installed in the mid-2000’s, is old and difficult to keep running.  To replace this old system, SR has contracted with Touchnet, our bill payment provider, to implement their OneCard VIP (?) system.  The initial phase of this project will replace the current card reader locations one-for-one and provide a supported, stable environment for us to grow with.  Locations for this upgrade include Lobo Village 1, 2, 3 and 4, Fletcher Hall, Warnock Science, Centennial, ANRS and the Museum.  A new location, ACR, will be added to the system to allow us to experiment with the wireless access system Touchnet is selling now.  If the wireless systems performs as advertised, expanding into other locations across the Alpine campus will be easier since we won’t be required to pull wire to each access location.  With this update, the card production facilities are to moved to Lawrence Hall, in the one-stop-shop located on the first floor of that building.  We are on schedule to implement this new system between July 30th and August 3rd.
  • Switch/Network Updates for RGC Campuses.  The switch hardware for the Del Rio and Eagle Pass campuses is in need of updates.  The Networking team has already completed the needed updates in the Del Rio Campus and will perform the same updates for the Eagle Pass campus during the fall semester.  In the fall, we will consider replacing some of the switches that are beyond their life expectancy and are no longer supported by the manufacturer.
  • New Classrooms for RGC Campuses.  The Educational Technology Director and LTAC are building six new classrooms for the RGC campuses, two at each location, with equipment salvaged from the Castroville site.  These classrooms allow more offerings at those locations in support of student demand at those campuses.  These classrooms are scheduled to come online before the start of the fall semester.
  • Fire and Safety Systems Updates.  A number of repairs and updates are being applied to the various safety systems across the Alpine campus (SWTJC provides these updates to the RGC campuses).  These include updates and repairs to fire alarm systems, fire sprinkler systems, the current card access systems, and others.  These repairs and updates are already in place or to be completed in time for the start of the fall semester.
  • Print Management via Papercut.  The team in LTAC is installing and configuring an application, Papercut, that is used widely for print management.  Once the software is installed and running, it will be used to monitor printing activity in labs, some classes, and in locations where printers are generally available, such as the Library.  For at least one long semester, data is to be collected on these locations in order to determine who is printing and how much are they printing.  The software will be ready for the start of the fall semester.
  • Disaster Recovery Replacement.  For the last 4 years, servers at an alternate location have been used as a backup location in the event of a disaster  that requires us to run our applications from an alternate location.  This hardware is now nearing its end of life and needs replacement.  The OIT staff are pulling together information and developing alternatives for this important feature.  While new solutions won’t be in place until next summer, this evaluative process is the starting point for determining where we need to go next.  Alternatives include:
    • Expanding the use of alternative systems we already own
    • Cloud-based options
    • Third-party options
  • Annual Risk Assessments.  OIT and other areas of the institution are required to perform an annual risk assessment on the state-owned information resources available to us.  This analysis allows us to understand and develop plans for the risks associated with these assets.  Over the remainder of the summer, OIT will work with other departments to complete the risk assessments for 2018.
  • General Lab and Classroom Cleanup.  Each summer, while many of our academic spaces are not in use, LTAC reimages and cleans up many of the computers in these spaces to ensure they are ready for the coming academic year.  For example, this summer LTAC is working on LH 300, LH309, Ferguson 201, and others.  This includes cleanup of computers as well as the physical space. These updates are to be completed before the start of the fall semester.
  • Security Camera Expansion.  We are evaluating locations for an expansion of the current security camera system.  A number of locations have cameras and recorders that are no longer functioning and need to be replaced.  Additionally, a number of new locations need to be brought online to ensure we have adequate coverage for the campus.  This evaluative process is to be completed this summer with the expansion work being completed in the fall.

 

Telephone System Team

The day has finally arrived and the new phone system is ready to go.  The team pictured here all had a hand in some aspect of this project.  Today, we’ll be out and around the campus ensuring that all the phones come back to life and that everything is working to the satisfaction of our campus partners.

 

  Can’t say enough about each of the SRSU team members and also want to thank the folks from Big Bend Telephone for the support through this project.

 

OneDriveforBusiness Now Supports Version History for All File Types

OneDrive is a great place to store all your important documents.  Prior to the recent announcement from Microsoft, while you could store and edit almost any file type on OneDrive, only Microsoft Office documents allowed you to store and edit multiple versions of a file.

Microsoft today (7/29/2017) announced that version history is available for all (yet to be defined) file types and not just Office files. This allows you to look at and edit previous versions of older PDF and CAD files, for example.

“Previously, version history only supported Office files. Now, version history is compatible with all file types, so you no longer need to worry about your PDFs, CAD files or even your photos and videos getting accidentally edited—you’ll always be able to restore or download a previous version”

See more at this web page:
https://blogs.office.com/en-us/2017/07/19/expanding-onedrive-version-history-support-file-types/

Phishing Attempts: Internal Communications Work

I’m not the most consistent blogger around. And when I do blog, it is typically meant for the internal audience at my institution. I’m usually try to tell them about a new feature we’ve implemented or warn them about an issue we see that could impact our computers, network or servers.

In this post, however, I want to turn my attention to those outside of the institution and, in particular, to those inside the various IT organizations, such as CIOs, ISOs, Comm Managers (if you are lucky to have someone like that in your staff), generally anyone that has responsibility for communication from IT to your institution/organization centered on IT opportunities or issues. And, my message is very brief: Communications work!

As the CIO/ISO for my institution, I have responsibility for much of the communication outside of the Office of Information Technology (OIT). When we have a new offering or see an issue on the horizon, I sometimes blog about it, put it in social media (or have my assistant do that), and often wonder if it makes a difference. I also email the campus on a regular basis (at least monthly) and use the various venues I have to speak to the campus about these things. But, still, that small voice in the back of my mind ask that question again, “Does it make a difference?”

I say it does make a difference and encourage you to start or continue your communications practices because they do work. It is also safe to say that if you don’t communicate then you will have no positive impact whatsoever. That much I can assure you of.

Our campus constituencies often see stories on TV, on social media, and other venues that inform them about a major breach, virus infection, or new opportunity from Microsoft, Google, Amazon, or Facebook. My job and a primary reason for the communication from my office is to let them know that I am also aware and that my staff is keeping their eyes on things. The worst thing I can do is leave them wondering if I know or care. I see the same things they see and I want them to know that I am aware and am concerned.

How do I know communication works? As I walk across campus and meet people on the sidewalk, they like to say things to me such as, “I didn’t click today!” which is an obvious reference to the number of phishing attempts we all see on a regular basis. I might also hear a thank you for letting them know about that new software feature or that opportunity to learn more about this or that.

Today, I received another phishing attempt. This one was in Italian. Thankfully, I can still read a few words of Italian from the time I lived there many years ago and knew it was an attempt to get me to follow a link in the message. But, here is the great thing I realized. Due to the communications I have sent over the last few years and the speeches I have given about being careful on the internet, I feel that most of the people at my institution are aware of these opportunities and know not to click. I recognize that not everyone will get it and sometimes people just forget. Stuff will happen. But, I feel better knowing we have communicated to and educated the Sul Ross institution and have confidence that our risk is lowered by taking time to educate our members. And that helps me sleep better at night and have a more relaxing weekend (I’m writing this in Saturday morning after all).

My encouragement to you is to communicate or continue to communicate if you are already doing so. Does it work? Absolutely. Is it a panacea for all our IT problems? Absolutely not. But, I assure you, it helps our institutions and it helps the CIO and the ISO to sleep a little better and enjoy their time off a bit more. And there is nothing wrong with that.

Thanks for reading.

Access to Office 365 and OneDriveforBusiness

We changed the way you access Office 365 and OneDrive for Business.  In the past, it was common to go to the Sul Ross Home Page (www.sulross.edu), and click on Office 365 in the Quicklinks menu.  That link has been removed and access to Office 365 and OneDriveforBusiness is now through mySRSU, the Sul Ross portal.  View these quick videos below for how you access these two helpful web applications today.

Open Office 365

Open OneDrive

 

 

 

mySRSU: Update on Single Sign On (SSO)

mySRSU logo
By now, many of you have logged into and used mySRSU, the portal offering for the campus.  As you have done so, you have experienced that not all of the links and applications within mySRSU use Single SIgn On (SSO).  Here is an explanation for this behavior in mySRSU and information about what to expect going forward.

The goal is for everything we offer in mySRSU is that you only have to log in once and have access to all the content and applications within the application.  As of today, not all of the links to information in mySRSU are working as expected.  Specifically, the Email and One Drive links are challenging because Microsoft uses a different authentication mechanism than mySRSU.  We are trying to figure out how to get these Microsoft application links to align with the vision of mySRSU.  This will happen but will take longer than originally planned.  The Lobo Online link is a similar issue.  We are working with Ellucian on resolving this authentication challenge and hope to have a solution in place in the next two or three weeks.

As for Blackboard, the authentication is working.  If you log into mySRSU and then click on the Blackboard link within 10 minutes, you will be taken to Blackboard without having to log in again (after you hop through the official Blackboard page).  The issue here is that the SSO engine only respects your original credentials for 10 minutes (600 seconds to be exact), after which you must provide your LoboID and password again for any new applications, in this case Blackboard.  Once again, we are working with Ellucian on this issue.  We are asking them to increase the amount of time EIS respects the credentials for your login.  This is actually fairly easy to do.  The challenge is finding the right amount of time so we are not inadvertently leaving apps open for hours at a time, putting your data at risk.  We recognize the timeout as it is today is too short.

As you use mySRSU and find other concerns, please use the feedback button at the bottom of the page.  This feedback helps us improve your experience.