Information Systems Connection

With several EMU email accounts having recently been compromised because the EMU mailbox owners were tricked into giving away their passwords, I feel I need to, again, remind the campus community that you should never, never, never give away your EMU password.  Did I mention NEVER?

Email messages are being sent to @emu.edu email addresses nearly every day with very clever messages that attempt to trick employees and students into thinking they need to reply or click on a link to go to a web page and provide their username and password.  Our systems block many of these but some inevitably get through our filters.

These are called “phishing” email messages which attempt to have you disclose your EMU email password.  The “phishers” want your username and password so that they can access your email account, not necessarily because they want info about you – although that could be the case in some rare circumstances.  Most likely it is because they want access to an email account from which to send spam – and when that happens to an EMU email account we are ALL put at risk of not being able to send email – because the big email processors (Google, Microsoft, Verizon, AOL, Yahoo) will quickly “blacklist” email servers that they see sending spam.  And the process of getting removed from a spam server blacklist is very difficult.

You can absolutely count on the following to be true:

1. Information Systems will NEVER ask for your password.
2. Information Systems will NEVER send you an email telling you that there is a problem with your account.
3. Information Systems will NEVER send you a link** to a page where you need to re-enter your username and password to “reset” your account.

Please – “just hit delete” whenever you see an email message telling you that something is wrong with your EMU account and you need to “do something” to fix it.  First, our systems would not have these kinds of problems and, second, if there is ever some kind of problem with your account we will NOT use email to communicate with you to resolve it.

I am baffled as to why users continue to be tricked by these messages.  Could it be that we are all drowning in email and we “just want to get through them” and which causes us to zone out and we don’t really stop to think about what we are doing when one of these trickery messages appear?

Slow Down!  Think!  Hit Delete!

Don’t fall for the clever come-on by the phisher!  Everyone is counting on you to “do the right thing” – JUST HIT DELETE!

** We may send you a reminder that your account password will expire in “X” number of days but our instructions will always be to go to MyEMU (my.emu.edu) and then click on the “Royal Password” link on the left column and follow the directions to change your password.

Broadcast email messages are those sent to everyone, all-students and non-students @emu.edu. Any EMU employee can send to these email addresses. Info Systems receives unsolicited feedback periodically from the campus community that is often critical of the number and kinds of broadcast messages sent. I offer the following comments for the campus community to consider:

1. SGA reps on the Info Systems Planning Committee (ISPC) consistently tell us that students do not regularly read EMU email messages, and many always ignore “all-students” messages, mostly because they consider these messages “internal spam”.
2. Students and employees can “opt-out” of broadcast messages by visiting the email broadcast options page.  Urgent broadcast messages are sent to everyone-urgent, all-students-urgent and non-students-urgent @emu.edu addresses and are not subject to the opt-out provisions of the system. Only a limited number of authorized persons can send “urgent” broadcast messages.
3. Before sending a broadcast message, senders are urged to consider alternative communications venues. These are discussed in the Broadcast Communications section of the Info Systems HelpZone (www.emu.edu/is/helpzone) and include using the EMU Web Events Calendar and EMU eClassifieds.
4. Our broadcast email system is aging and due for a major upgrade which will be part of an overall email system upgrade sometime in the next two years.  As part of our planning process we will be considering a wide spectrum of communications resources, some of which could replace current broadcast email use.
5. When sending broadcast messages, we recommend that you:
   1. Keep the message short and succinct.
   2. Proof-read the message carefully.  Consider sending it to yourself first to make sure it says what you want it to say.
   3. If attaching a file, PDF files work best (and they are generally smallest). All EMU-owned computers can create PDF files.  If you don’t know how to do this, contact the IS Helpdesk.
   4. Send to the most narrowly defined list.  Broadcast email lists are described on the Broadcast Communications web page.
   5. Use “plain text” format.  Because our broadcast email system is aging it often cannot format full HTML messages properly and the result is “a bunch of garbage”.  There is no way for you to know what will format correctly and what won’t (in this case, sending a sample message to yourself does not use the same “email engine” that broadcast messages use).

To summarize: Think carefully as you consider whether to send a broadcast email message.  If you decide you need to send a broadcast message, take some time to carefully write it.  Review the information on the Broadcast Communications web page to determine how best to send your message.

EMU relies heavily on its Internet connection for a wide spectrum of resources and functionality.  As of December 2011, the campus uses a 45mbps metropolitan Ethernet connection which costs about $50,000 each year.  This is a relatively low amount of bandwidth for an institution our size because, for a number of reasons, Internet bandwidth in our area is very expensive.  A “data traffic shaper” management appliance is used to ensure that this scarce resource is available to those who need it most to fulfill their institutional responsibilities.  During traditional work-hours (Mon-Fri, 8am – 5pm) prioritization is given to faculty and staff and outside of these hours the full capacity of the connection is made available to the residence halls.

The types of Internet use determines how much of the connection an individual user uses.  Low bandwidth uses include email and casual web surfing. Bandwidth increases significantly for “streaming” activities such as listening to music and watching videos.  Some of the most intense use of bandwidth occurs with streaming video from movie sources such as NetFlix.  For this reason we block NetFlix in computer labs.

We evaluate our Internet connection needs each year during the budget planning process and project what kind of a capacity increase we should build into the budget.  Because of the tight budget situation this year (2011-12) we did not increase our Internet capacity in September.  The result is that our Internet connection is now “maxed-out” most of the day (i.e. from about 10am through mid-night).

We are in the process of determining whether to re-prioritize some budget areas to allow for an purchasing an increase to our Internet bandwidth but we also know that the campus community will use whatever capacity is available.

Special Note to Faculty/Staff: Because you are given “top preference” during traditional work-hours, please do NOT use your computer during these times to connect to “entertainment” kinds of web resources.  As examples, this means streaming videos (e.g. NetFlix, Hulu, Crackle, etc) and streaming audio (e.g. Pandora, Internet radio stations, etc).

In 1995 EMU implemented its first campus-wide network using the Novell networking system.  At the time it was the most popular networking system in operation, particularly on college campuses.  Over time, Microsoft networking systems improved and by 2000 Microsoft became the predominant system used in commercial environments and colleges and universities also began migrating to it. EMU’s decision to move from Novell eDirectory (eDir) to Microsoft Active Directory (AD) networking came in the late 2000’s, primarily because we believed (and continue to believe) that having our core business system converted to a Windows server system (i.e. Jenzabar EX) prior to migrating to Microsoft networking would be advantageous in the long run.

Over a year’s worth of planning preceded our actual migration work.  This is a huge project and with countless connections and dependencies, many of which ordinary users will never see or recognize.  The main categories of work to be completed for the project are:

User Impact

In all of our planning efforts we have attempted to minimize disruptions for the users.  However, because we must “live in two worlds” (Novell and Microsoft) for nearly a year (June 2011 thru May 2012) at times it is necessary for us to “bridge” these two worlds with special procedures.  One of the most visible of these “bridges” is the need for users to enter their password in a second prompt when logging into the network.  This is a temporary procedure and will be eliminated when a user’s computer is upgraded to Windows 7.  For users of Lab Computers or Teacher Workstations, the second prompt should be eliminated at the beginning of the spring semester when these computers become part of the domain.

On Friday evening (08/19/2011), Information Systems will be moving files currently located on the Faculty/Staff Novell server (FS) to our Microsoft Royals domain servers.  This will change what happens when employees log into the network during and after the moving is performed.  We want to make EMU employees aware of the following details:

Date/time for the student data moving process:

Begins: 5:30PM, Friday, 19 Aug
Ends: noon on Saturday, 20 Aug

Files that will be moved:

• Employee Z-drive files

Read the rest of this entry »

Information Systems will be moving files on the student Novell server (ST) to our Microsoft Royals domain servers.  This will change what happens when students and (some) employees log into the network during and after the moving is performed.  We want to make students, faculty and staff aware of the following details:

Date/time for the student data moving process:

Begins at noon on Thursday, 04 Aug
Ends at noon on Friday, 05 Aug

Student files that will be moved:

• Students’ P: drive files
• Students’ Z: drive files (for faculty, these are the W: drive files)
• Students’ G: drive files (few students have G: drives)
• Classdata V: drive files
• Apps M: drive files

Read the rest of this entry »

Criminals continue to develop increasingly clever ways to trick computer users into exposing their personal/confidential information, submitting their username and/or password, unknowingly downloading malicious programs onto their computers or falling for a money fraud scam.  This is yet another reminder for users to exercise caution, be skeptical and when in doubt, “don’t do it” – whatever “it” is that just doesn’t seem right.

What are some “best practices” for using the Internet?

1. UPDATE SOFTWARE: Keep your computer operating system and anti-virus software up-to-date.  Info Systems does this automatically for EMU owned computers. If a notification appears saying that an update is ready to install, allow it to proceed.
2. STRONG PASSWORDS: Make sure your passwords are strong.  They should be eight or more characters that include numbers, letters and at least one capital letter. Longer is better. They should NOT be your birthday or phone number, a person’s name or a word that is in the dictionary.
3. KEEP PASSWORDS TO YOURSELF: Never, ever give your password to someone else. Period!
4. THINK BEFORE YOU LINK: Financial institutions will never send you a link to use to login to your account. Whenever you receive any link in an email, don’t click it unless you really know where the link is going and that you have a good reason to go there. Just because it looks like a link (i.e. http://www.something-yadda-yadda) doesn’t mean it is the link that is displayed.  Most email programs allow you to hover over a link to reveal the actual web address that might be hidden by it.  When in doubt, don’t click it.
5. JUST HIT DELETE: You are not obligated to open every email you receive.  If you receive a message from someone unexpectedly become skeptical quickly. If the content seems “odd” be quick to delete the message.  If you receive an odd message from someone you know, contact them to determine if it was a legitimate message.  If it was and you deleted it, they can send it again.
6. CHECK USING GOOGLE: If you receive an email message that seems odd but you are curious to know if it might be a scam and you feel like doing some checking, select a phrase that is in the message and put it into Google surrounded by double quotes.  If it is a scam there is a high probability someone has already posted it somewhere on the net.  Scams and variations on them circulate on the Internet for years.

Things to remember if you receive a scam email message.

1. HIT DELETE: Deleting is always a good thing – and it is not necessary to notify Info Systems about messages you delete, regardless how strange the message may be.
2. MOST SPAM/SCAM MESSAGES CAUGHT: Info Systems cannot stop all scam/spam email from getting to your mailbox but we use some very powerful processes that prevent more than 99% of it from getting to you.
3. DELETE AND FORGET: There is nothing Info Systems can do to “track down” where the scam message originated.  Delete the message and forget it.
4. FAKE PLEAS FOR CASH: All “desperate traveler, pleading for assistance” messages are scams.  Be assured that your friend, whose name appears in the FROM field, did NOT really send you that message.    You can also be pretty sure that your friend has already been informed by others that these messages have been sent.  JUST HIT DELETE and go on to your next email.

Oops! You realize that your email account was compromised or that you were tricked and submitted information “you shouldn’t have” or downloaded some “bad stuff”.  What should you do now?

1. CHANGE PASSWORD: If you submitted your password, change it immediately and if it was for your EMU email account, please inform the Helpdesk that you did the “no-no” (and that you changed your password).  Knowing that an EMU account has possibly been compromised is information that is useful to us.
2. DON’T CLICK: Beware of “fake anti-virus” or “fake update” notices.  If you receive a pop-up stating that “unusual activity has been seen on your computer” you can be absolutely certain that this is not true.  Do NOT click anything that invites you to do so.  Close any open programs, preferably by using keystrokes. In Windows Use CTRL-TAB to switch to the program to be closed then ALT-F4 should close the active window. In Macintosh use COMMAND-TAB to navigate in the switcher to the program icon to be closed then, while still in the switcher, hit Q to quit the program.
3. PULL THE PLUG: If you realize that malicious code is in the process of being downloaded, disconnecting  your computer from the network or doing a power-button shut-down quickly are emergency measures that could limit the damage of malicious software downloads.  Be sure to perform a complete disk scan using your anti-virus software before reconnecting to the network to identify any malicious files that could have been downloaded.

Information Systems is undertaking a major systems change over the next year that will affect many of you at some point.  The successive versions of Novell NetWare software that EMU has used since the campus was networked in the 1990’s is being phased out in favor of Microsoft’s Active Directory and related products.  We anticipate better integration with other software as a result, as well as the ability to offer a broader range of services to the EMU community.  The main components involved in this change are:

1. Directory services, which stores all user accounts and provides central authentication to most other services, such as e-mail, myEMU and Moodle.
2. File services, providing network drives, such as P, Z and G.
3. Print services to all networked printers (which is most of them on campus).

Information Systems has committed a great deal of time and effort to ensuring that this transition is a smooth one.  However, this is a very complex project that involves many systems with many dependencies.  We ask for your patience and grace as there will likely be some hiccups and unintended consequences along the way that we will work to resolve promptly.

A number of system additions and changes have already been made, though the bulk of the effort for this project will be expended this fall.  The following approximate schedule has been planned:

Summer 2011

• Systems installation and testing.
• Pilot migration for one administrative department.
• Migration of student data.  (Because Info Systems doesn’t manage student computers, this task is relatively easy.)

Fall 2011

• Migration of administrative departments, requiring work to be performed on every computer in a department at a specified time.
• Migration of academic departments, requiring work to be performed on every computer in a department at a specified time.

Spring 2012

• Migration of remaining EMU-owned computers.

Another change that will occur at some interval after a department migrates from Novell to Microsoft is a move of computers running Windows XP to Windows7.  The upgrade to Windows7 will also provide us with the opportunity to upgrade Windows users to Office 2010. Our planning for Windows7 and Office 2010 upgrades is not yet complete but as soon as we finalize these plans, including training plans, we will announce them to the campus.

Look for more detailed information regarding the schedule and impact of all of these changes closer to the start of the fall semester.

Each Spring Information Systems surveys the EMU community to determine the level of customer satisfaction on campus. The survey results are also used to solicit suggestions from users.

You can read Information System’s response to the 2011 survey at http://www.emu.edu/is/info/survey/2011.html.

Jenzabar released the next major version of EX — 4.0 — on May 31.  This version represents a significant change in the user interface for the EX product, and allows a new level of customization.  Here’s a blurb from the product announcement:

Jenzabar EX 4.0 with My Workspace is now available for download on MyJenzabar.net. EX My Workspace is an engaging new environment where personality, technology, and productivity come together to transform your EX desktop ― to make it your own.

With My Workspace, you create your own virtual desktop to take you anywhere you want to go, from anywhere you are, fast.  Open your EX windows, read your files, open your reports, share information, view your favorite website, and get organized your own way as soon as you log on. Jenzabar EX 4.0 also provides international date formats and Windows 7 64-bit support.