May 09, 2023 news FROM THE CIO Malcolm Rice The Cloud Services and Information Technology Procurement (06.01.09) policy states, in part that “UAH is committed to providing a wide range of high-quality information technology (IT) services to students, faculty, and staff in support of the mission of the university. In order to provide the best, most cost-effective, and secure IT resources to UAH, IT resources which exceed a one-time cost of $100,000, or which integrates with either Banner or other enterprise data systems must be reviewed before procurement.” OIT uses the Higher Education Community Vendor Assessment Toolkit (HECVAT) developed by Educause and OIT’s internal software questionnaire that is linked on the OIT project site to assist in the evaluation process. These tools give us an understanding of what is required to support the product/application and to properly plan for its implementation. Many vendors may already be familiar with the HECVAT and can readily supply that document. Because of the initial hardware, security, and support requirements identified in these tools, we are better able to gauge the support requirements and help identify any potential issues. If you are contemplating the purchase of any hardware or software that may meet the above requirement, or if you simply would like for OIT to assist you in the evaluation process, please do not hesitate to reach out to us. The sooner we are involved the smoother implementation can be. PROJECT INTAKE FORM MULTI-FACTOR AUTHENTICATION Two-factor authentication (via Duo) has been implemented for all accounts that have administrative privileges. If you need assistance, please contact the OIT Help Desk. Google 2-Step Verification is now enforced for all students, faculty, and staff. If you are unable to log into a UAH email account due to the “Your sign-in settings don’t meet your organization’s 2-Step Verification policy” error, please contact the OIT Help Desk and provide us with an alternate email address. Please note that Google 2-Step verification is similar to but separate from Duo. Google offers several options for 2-step verification, including code via text or phone call, or a pre-defined backup code. For more information about Google 2-Step Verification, please click here. You can print or download single-use verification codes for times when your verification devices are unavailable, such as when you forget or lose your phone. See https://support.google.com/accounts/answer/1187538 for more information about this option. If you lose the print-out of your backup codes, you can revoke them on your Settings page. In the Backup codes section, click Show codes, then click Get new codes. This will invalidate the previous set of backup codes and generate a new set. DUO Need to reactivate Duo on your new phone? Click New Phone to learn how. Did you know that you can use a passcode that’s generated in Duo Mobile even if your mobile device is offline? Click Here to find out more! GOOGLE Chat Transition - Access to Hangouts on the web will be available until November 1, 2022. After that time, users will be redirected to Chat on the web. Users can continue to use Google Takeout to download their data until January 1, 2023 (PST, GMT-7). Drive, shared drive - With Google drive you can share a file or folder with others that are owned by you, or, you can create a “shared” drive owned by a team. With the former, when the user who owns the file/folder is deleted from our Google workspace tenant the files are deleted as well. With the latter, the files are owned by the entire “shared drive” team. You don't need to worry about losing these files when someone leaves the organization. Please make use of shared drives for important content to avoid the risk of losing the data. OCTOBER WAS CYBER SECURITY MONTH Jeremy Shelley, UAH CISO I hope everyone had the chance to read our Cybersecurity Awareness Month articles on staying cyber secure, being alert for phishing scams, social engineering, and passwords. Just because cybersecurity awareness month is ending doesn’t mean the threats are going away. UAH receives thousands of attacks per day from network scans, login attempts, and phishing emails that attempt to steal your username and password, trick you into logging on to fake websites, and making purchases such as gift cards. UAH can only remain secure as long as we all remain vigilant. KUDOS "I wanted you to know what a great employee you have in Greg. He came over to check Alba's PC and diagnose the issue. Also, he spent time getting us a quote from Dell on what we should order. He was polite and personable. Much appreciated." -Diane Gibbs in regards to Gregory Carter "Van was so awesome in helping get a laptop back to a user in time before they would be out for travel. Their quick assistance was greatly appreciated!"