Information Systems Connection

With several EMU email accounts having recently been compromised because the EMU mailbox owners were tricked into giving away their passwords, I feel I need to, again, remind the campus community that you should never, never, never give away your EMU password.  Did I mention NEVER?

Email messages are being sent to @emu.edu email addresses nearly every day with very clever messages that attempt to trick employees and students into thinking they need to reply or click on a link to go to a web page and provide their username and password.  Our systems block many of these but some inevitably get through our filters.

These are called “phishing” email messages which attempt to have you disclose your EMU email password.  The “phishers” want your username and password so that they can access your email account, not necessarily because they want info about you – although that could be the case in some rare circumstances.  Most likely it is because they want access to an email account from which to send spam – and when that happens to an EMU email account we are ALL put at risk of not being able to send email – because the big email processors (Google, Microsoft, Verizon, AOL, Yahoo) will quickly “blacklist” email servers that they see sending spam.  And the process of getting removed from a spam server blacklist is very difficult.

You can absolutely count on the following to be true:

1. Information Systems will NEVER ask for your password.
2. Information Systems will NEVER send you an email telling you that there is a problem with your account.
3. Information Systems will NEVER send you a link** to a page where you need to re-enter your username and password to “reset” your account.

Please – “just hit delete” whenever you see an email message telling you that something is wrong with your EMU account and you need to “do something” to fix it.  First, our systems would not have these kinds of problems and, second, if there is ever some kind of problem with your account we will NOT use email to communicate with you to resolve it.

I am baffled as to why users continue to be tricked by these messages.  Could it be that we are all drowning in email and we “just want to get through them” and which causes us to zone out and we don’t really stop to think about what we are doing when one of these trickery messages appear?

Slow Down!  Think!  Hit Delete!

Don’t fall for the clever come-on by the phisher!  Everyone is counting on you to “do the right thing” – JUST HIT DELETE!

** We may send you a reminder that your account password will expire in “X” number of days but our instructions will always be to go to MyEMU (my.emu.edu) and then click on the “Royal Password” link on the left column and follow the directions to change your password.

Broadcast email messages are those sent to everyone, all-students and non-students @emu.edu. Any EMU employee can send to these email addresses. Info Systems receives unsolicited feedback periodically from the campus community that is often critical of the number and kinds of broadcast messages sent. I offer the following comments for the campus community to consider:

1. SGA reps on the Info Systems Planning Committee (ISPC) consistently tell us that students do not regularly read EMU email messages, and many always ignore “all-students” messages, mostly because they consider these messages “internal spam”.
2. Students and employees can “opt-out” of broadcast messages by visiting the email broadcast options page.  Urgent broadcast messages are sent to everyone-urgent, all-students-urgent and non-students-urgent @emu.edu addresses and are not subject to the opt-out provisions of the system. Only a limited number of authorized persons can send “urgent” broadcast messages.
3. Before sending a broadcast message, senders are urged to consider alternative communications venues. These are discussed in the Broadcast Communications section of the Info Systems HelpZone (www.emu.edu/is/helpzone) and include using the EMU Web Events Calendar and EMU eClassifieds.
4. Our broadcast email system is aging and due for a major upgrade which will be part of an overall email system upgrade sometime in the next two years.  As part of our planning process we will be considering a wide spectrum of communications resources, some of which could replace current broadcast email use.
5. When sending broadcast messages, we recommend that you:
   1. Keep the message short and succinct.
   2. Proof-read the message carefully.  Consider sending it to yourself first to make sure it says what you want it to say.
   3. If attaching a file, PDF files work best (and they are generally smallest). All EMU-owned computers can create PDF files.  If you don’t know how to do this, contact the IS Helpdesk.
   4. Send to the most narrowly defined list.  Broadcast email lists are described on the Broadcast Communications web page.
   5. Use “plain text” format.  Because our broadcast email system is aging it often cannot format full HTML messages properly and the result is “a bunch of garbage”.  There is no way for you to know what will format correctly and what won’t (in this case, sending a sample message to yourself does not use the same “email engine” that broadcast messages use).

To summarize: Think carefully as you consider whether to send a broadcast email message.  If you decide you need to send a broadcast message, take some time to carefully write it.  Review the information on the Broadcast Communications web page to determine how best to send your message.

EMU relies heavily on its Internet connection for a wide spectrum of resources and functionality.  As of December 2011, the campus uses a 45mbps metropolitan Ethernet connection which costs about $50,000 each year.  This is a relatively low amount of bandwidth for an institution our size because, for a number of reasons, Internet bandwidth in our area is very expensive.  A “data traffic shaper” management appliance is used to ensure that this scarce resource is available to those who need it most to fulfill their institutional responsibilities.  During traditional work-hours (Mon-Fri, 8am – 5pm) prioritization is given to faculty and staff and outside of these hours the full capacity of the connection is made available to the residence halls.

The types of Internet use determines how much of the connection an individual user uses.  Low bandwidth uses include email and casual web surfing. Bandwidth increases significantly for “streaming” activities such as listening to music and watching videos.  Some of the most intense use of bandwidth occurs with streaming video from movie sources such as NetFlix.  For this reason we block NetFlix in computer labs.

We evaluate our Internet connection needs each year during the budget planning process and project what kind of a capacity increase we should build into the budget.  Because of the tight budget situation this year (2011-12) we did not increase our Internet capacity in September.  The result is that our Internet connection is now “maxed-out” most of the day (i.e. from about 10am through mid-night).

We are in the process of determining whether to re-prioritize some budget areas to allow for an purchasing an increase to our Internet bandwidth but we also know that the campus community will use whatever capacity is available.

Special Note to Faculty/Staff: Because you are given “top preference” during traditional work-hours, please do NOT use your computer during these times to connect to “entertainment” kinds of web resources.  As examples, this means streaming videos (e.g. NetFlix, Hulu, Crackle, etc) and streaming audio (e.g. Pandora, Internet radio stations, etc).

In 1995 EMU implemented its first campus-wide network using the Novell networking system.  At the time it was the most popular networking system in operation, particularly on college campuses.  Over time, Microsoft networking systems improved and by 2000 Microsoft became the predominant system used in commercial environments and colleges and universities also began migrating to it. EMU’s decision to move from Novell eDirectory (eDir) to Microsoft Active Directory (AD) networking came in the late 2000’s, primarily because we believed (and continue to believe) that having our core business system converted to a Windows server system (i.e. Jenzabar EX) prior to migrating to Microsoft networking would be advantageous in the long run.

Over a year’s worth of planning preceded our actual migration work.  This is a huge project and with countless connections and dependencies, many of which ordinary users will never see or recognize.  The main categories of work to be completed for the project are:

User Impact

In all of our planning efforts we have attempted to minimize disruptions for the users.  However, because we must “live in two worlds” (Novell and Microsoft) for nearly a year (June 2011 thru May 2012) at times it is necessary for us to “bridge” these two worlds with special procedures.  One of the most visible of these “bridges” is the need for users to enter their password in a second prompt when logging into the network.  This is a temporary procedure and will be eliminated when a user’s computer is upgraded to Windows 7.  For users of Lab Computers or Teacher Workstations, the second prompt should be eliminated at the beginning of the spring semester when these computers become part of the domain.

Information Systems is undertaking a major systems change over the next year that will affect many of you at some point.  The successive versions of Novell NetWare software that EMU has used since the campus was networked in the 1990’s is being phased out in favor of Microsoft’s Active Directory and related products.  We anticipate better integration with other software as a result, as well as the ability to offer a broader range of services to the EMU community.  The main components involved in this change are:

1. Directory services, which stores all user accounts and provides central authentication to most other services, such as e-mail, myEMU and Moodle.
2. File services, providing network drives, such as P, Z and G.
3. Print services to all networked printers (which is most of them on campus).

Information Systems has committed a great deal of time and effort to ensuring that this transition is a smooth one.  However, this is a very complex project that involves many systems with many dependencies.  We ask for your patience and grace as there will likely be some hiccups and unintended consequences along the way that we will work to resolve promptly.

A number of system additions and changes have already been made, though the bulk of the effort for this project will be expended this fall.  The following approximate schedule has been planned:

Summer 2011

• Systems installation and testing.
• Pilot migration for one administrative department.
• Migration of student data.  (Because Info Systems doesn’t manage student computers, this task is relatively easy.)

Fall 2011

• Migration of administrative departments, requiring work to be performed on every computer in a department at a specified time.
• Migration of academic departments, requiring work to be performed on every computer in a department at a specified time.

Spring 2012

• Migration of remaining EMU-owned computers.

Another change that will occur at some interval after a department migrates from Novell to Microsoft is a move of computers running Windows XP to Windows7.  The upgrade to Windows7 will also provide us with the opportunity to upgrade Windows users to Office 2010. Our planning for Windows7 and Office 2010 upgrades is not yet complete but as soon as we finalize these plans, including training plans, we will announce them to the campus.

Look for more detailed information regarding the schedule and impact of all of these changes closer to the start of the fall semester.

Each Spring Information Systems surveys the EMU community to determine the level of customer satisfaction on campus. The survey results are also used to solicit suggestions from users.

You can read Information System’s response to the 2011 survey at http://www.emu.edu/is/info/survey/2011.html.

During the March 24, 2011 test of the EMU Emergency Notification System (ENS) we asked you to confirm that you’d received the test message and tell us how you received it. Over 120 of you responded. Many of you confirmed that you’d received the test message multiple ways–through the Via Radio HEARO devices, through a browser pop-up alert on your computer, through a text message on your cell phone, etc.–and we appreciate that too. Each confirmation from you gave us a better picture of how our ENS system works.

And the system does work! Messages are delivered quickly and widely. More than eighty percent of those who responded received an emergency notification within three minutes of the test beginning.  Keep in mind these are response rates: many of those who received the messages didn’t respond.

The Crisis Management Preparedness Team (CMPT) will be reviewing these results and making plans to further improve communication speed and coverage. We welcome your ideas and suggestions. You can contact Jack Rutt at ruttj@emu.edu or by calling 540 432 4478 (x4478 on campus).

Also, if you haven’t signed up for EMU Alerts–the cell-phone text message portion of the ENS–please do so by visiting my.emu.edu/ics/alerts .

(more…)

On behalf of the Crisis Management Preparedness Team (CMPT) this coming Thursday Information Systems and Physical Plant personnel will conduct a test of the EMU Alerts systems. Here are the details describing the test:

DAY/DATE/TIME OF TEST:

Thursday, March 24, 2011, 9:10am

SYSTEMS TO BE TESTED:

• Email message to everyone-urgent@emu.edu
• Email message to everyone subscribed to the EMU Alerts service with e2Campus
• TXT message to everyone subscribed to the EMU Alerts service with e2Campus
• Splash Screen on all computers that are turned on and connected to the EMU network
• myEMU “Alerts Banner” and ALERTS tab notification
• HEARO in-room audio and scrolling text devices

TEST PURPOSE: The purpose of this test is to ensure that our procedures for using these emergency notification systems are functioning properly.

The test message sent to each notification system listed above will clearly state that it is only a test and that no immediate action on your part is necessary.

WHAT IS A HEARO DEVICE? This is the first time we will be testing the HEARO in-room notification devices which were deployed over the past several months to about 140 building spaces, including classrooms, across the campus. Posted near each device is a set of instructions. We urge you to review these instructions prior to Thursday’s test so that you will understand how the device operates.

TEST FEEDBACK: In order to assess the effectiveness of our notification systems and this test everyone will be invited to complete a web survey with four quick questions. The survey will be available for about 24 hours following the test from a link that will be included in each test message.

EMU ALERTS SIGN UP: The EMU Alerts service for TXT messages and email addresses (other than @emu.edu addresses) is a subscription service we encourage all current students and employees to sign up for on my.emu.edu. To sign up, login to my.emu.edu and then click on the ALERTS tab where you can then click on the EMU ALERTS SIGN UP link in the left column. From there, follow the instructions.

More information about the EMU Alerts e2Campus subscription services can be found on the Information Systems website.

Information Systems wants all EMU email account owners to know the following “phishing phacts”.

1. CRIMINALS WANT YOUR EMU USERNAME AND PASSWORD: Email messages are being sent to @emu.edu email addresses nearly every day with very clever messages that attempt to trick employees and students into thinking they need to reply and provide their username and password. (more…)

The market for Learning Management Systems (LMSes) in small higher educational institutions is changing. Proprietary products like Blackboard and Jenzabar’s eRacer are being supplanted by the open source products Moodle and Sakai. Vendors of proprietary LMSes are finding it difficult to compete with the features, flexibility and value provided by open source offerings.  Information Systems has prepared a case statement for changing from Blackboard to Moodle for our future LMS.  Click here to access the case statement.