Fall 2015 IMO MEETING Pace University | Information Technology Services Fall 2015 IMO Meeting Agenda 1. ITS Updates 2. Academic Technologies: Summer Builds Update 3. IT Security: National Cyber Security Awareness Month Presentation 4. Questions and Feedback ITS Updates 1. 2. New IT Staff Newsletters 1. Exchange Email Upgrades 2. IE 11 Update 3. Lecture Capture Cleanup Reminder ITS Updates 4. New Services 1. Adobe Document Cloud eSign (formerly EchoSign) 2. PollEverywhere 3. LabArchives 4. EndNote 5. Kaltura 5. PC Replacement Update 6. Student Tech Fee Changes 7. New and Upcoming Operating Systems 1. El Capitan 2. Windows 10 Academic Technologies: Summer Builds Update George Chacko (gchacko@pace.edu) Summer Builds Wrap-up Classroom Type Current Basic Build Classroom 99% of classrooms are equipped with technology (Projector, PC and video playback) Advanced Classroom 37 classrooms between NYC and PLV are equipped with interactive boards and integrated webcams Video Conferencing spaces 2 pairs of fully integrated Video conference spaces. Active learning Classrooms Currently we have 2 ALC rooms in PLV and 3 more coming this fall: 1 in PLV (willcox lecture hall) and 2 in NYC (W510 and 511) Type of upgrade PLV NYC Total Basic 25 71 96 Video Conferencing 1 1 2 Advanced builds 6 5 11 Web conferencing enabled rooms 7 5 12 Assisted Listening enabled rooms 8 8 16 Active learning classrooms 2 Rooms upgraded 49 summer 2015 2 90 139 Fusion RV Now Coming soon • • • • • • • • • • Midtown rooms Dyson hall Lienhard hall Scheduling panels in ALC rooms Reports of equipment usage R25 integration Occupancy sensors Ad-hoc room booking Room usage metrics More rooms!! Contact us at: email: acadtech@pace.edu phone: 914-773-3664 or contact me directly at: email: gchacko@pace.edu IT Security National Cyber Security Awareness Month Chris Bohlk (cbohlk@pace.edu) National Cyber Security Awareness Month Information Technology Services, ITS Christopher Bohlk, Information Security Officer Cybersecurity is everyone's responsibility How Aware Are You? Hackers WANT YOU!! They want your personal information such as credit card numbers, social security, passwords to email/banking accounts, etc. in order to get money or steal intellectual property. Security Breaches Office of Personnel Management – 22 million government worker records breached Anthem healthcare breach – 80 million records compromised Sony Pictures Entertainment – Breached data and wiped servers Target Breach – 110 million records compromised, 40 million credit card numbers, 70 million customer records at a cost of at least $148 million Home Depot – At least 56 million credit card numbers were compromised. Why Do We Care? Identity Theft – Potential fraudulent charges can be made against the individuals whose information has been breached or stolen. New accounts can also be opened or existing accounts can be taken over by an attacker. Consequences to the University Loss of Reputation/Trust – if a breach occurs, the ramifications to a university’s reputation is high affecting future enrollment and alumni donations which all relate to financial implications as well. Financial Cost – in order to respond to a security breach, the institution will have to fund a large amount of money in credit monitoring, communication, internal/external resources to remediate the situation. Potential legal fees could also apply. REDUCE YOUR RISK Passwords What are some password best practices? Think before you click When in doubt, throw it out http://stopthinkconnect.org/tips-and-advice/ Example 1: Most Common Dear Webmail User, Your mailbox has exceeded the allocated storage limit as set by the administrator, you may not be able to send or receive new mail until you upgrade your allocated quota. To upgrade your quota, CLICK HERE to verify your email account. Thank you for your anticipated cooperation. System Administrator IT Helpdesk EXAMPLE 2 Other Types of Phishing Emails Anticipate that you may receive fake UPS, Fedex, Amazon, or other emails trying to get you to click on links or provide personal information. Simply delete these emails. Also anticipate Holiday greetings, birthday messages, funny videos, or gossip headlines as ways which attackers will try to steal your information or send you to a malicious website. Delete all such suspicious messages. Web Browsing Visit trusted websites that are needed to conduct Pace University business. What happens when visiting a malicious website? An attacker may be able to take full control of your computer, log all key strokes including your username and password and all information you type, may be able to access all the information you are authorized to view, an attacker can impersonate you by sending messages from your account, they can access everything on your computer without you knowing Aimless surfing to non-work related sites increases the chances that you will be compromised. Although Antivirus software is an important tool, it is only 60%-75% effective in detecting malware. What is PII? Properly Handle Personally Identifiable Information (PII) When there is a business process that Should never be uploaded to a public web requires the handling of PII, extreme care server should be taken to protect the information. Pace PII should not be stored to cloud Examples of PII type information: services, such as Dropbox Social security numbers Data that is needed by the University should never be downloaded and stored on Credit card numbers workstations, personal (home) computers, Bank account numbers USB drives, mobile devices, or laptops. Health information Should be kept confidential and never shared Requirements for handling PII: with third parties or individuals not authorized to handle this data Should only be accessed if there is a business need to perform one’s job function through the authorized server/database Printed documents containing PII should be locked in a cabinet in a secure location - it must not be in plain sight or easily accessible Data that does not need to be maintained by the University should never be stored Questions? Questions? Suggestions?