Announcing Windows 8 Installations

July 11th, 2014 by michael_jessen

Beginning today, IT will be installing Windows 8.1 on new Windows-based computers instead of Windows 7. All new computers with Windows 8.1 will be distributed with a “cheat sheet,” including a link to an instructional guide on our website. You can take a look at this guide now to familiarize yourself with some of the most noticeable changes.

Many of the functions you use day-to-day remain unchanged, and some are even easier. Most importantly, we’re remaining up-to-date with security enhancements and patches, ensuring utmost reliability.

Mac-based computers will continue to have the most recent version of OS X installed on the computer when it arrives, currently Mavericks. This will transition to Yosemite in the fall.

As always, please feel free to contact the Help Desk if you have any questions, by phone at 617-824-8080, or online at it.emerson.edu/help.

Summer 2014 Workshops and Survey Results

June 9th, 2014 by carlin_corrigan

Every semester, Emerson IT hosts an array of computing and software workshops. During the Spring semester, we offered a wide selection ranging from our traditional Adobe CC workshops to our Microsoft Office drop-in clinics. However, our attendance numbers were less than we had hoped for.

In an effort to increase faculty and staff participation, we recently sent out a survey to gather some data regarding workshop interest and preferences.

The data revealed a few things:

  • Over 95% of the survey takers preferred email as their method of learning about workshop opportunities.
  • More than half of the survey takers did not have time to attend workshops.
  • Less than 35% of the survey takers utilize Lynda.com for free video tutorials.

Many workshop topics were suggested but the most frequently mentioned was Excel, followed closely by Adobe Creative Cloud. The other suggestions were spread out pretty evenly over a variety of subjects – some new and others we currently offer:

SummerWorkshopSuggestions2014

After reflecting on the data and discussing with our IT Staff, we are excited to announce our newest Summer 2014 Workshop Offerings designed specifically for Faculty and Staff, here: it.emerson.edu/workshops

We have included two Excel sessions, Adobe Photoshop and InDesign, a new curated Lynda.com course, and brand new offerings including Google Drive, SQL and Cognos Reports! You can click the link under each listing to RSVP, but we also welcome drop-ins. Don’t forget to add the event to your calendar!

For Canvas questions, the Instructional Technology Group (ITG) offers one-to-one and group-based training. Contact ITG with your availability at itg@emerson.edu or 617-824-8090.

For Skype questions, the Media Services team offers one-to-one training. Contact MSC for more information at media_services@emerson.edu or 617-824-8676.

We hope to see you this Summer!

What’s Up With TrueCrypt Encryption?

June 5th, 2014 by Francis Frain

What's Up With TrueCrypt?Several weeks ago, we announced our plan to encrypt all college-owned laptops and desktops. For Windows, we planned to use the open source software TrueCrypt, but last week, the tech world was surprised to see a dramatic change to the TrueCrypt website. Suddenly, the widely-used software was said to be insecure. The nameless developers released a new version, only for decryption purposes, and announced the old software should no longer be used.

Obviously, this gives us pause. On the one hand, TrueCrypt version 7.1a, which we were deploying, has successfully undergone the first half of an independent security audit. No backdoor exploits or major vulnerabilities were found. The second half of the audit is ongoing for v7.1a.

As is common with any open source software created by anonymous developers, communication can be sporadic and disparate, and it’s just as likely that a new team of developers could resume TrueCrypt’s life. Additionally, the second half of the audit could return with entirely positive results, and many companies/institutions will opt to continue using the software. However, the situation is uncertain.

For this reason, we have decided to take a breath, not react impulsively, and wait for more information. In the interim, the only change we intend to make is to not encrypt new Windows computers. This does not impact our continued encryption of Macs with FileVault2.

Please contact us with questions, and please continue to use this blog as your resource for all security and general IT updates.

Emerson IT 2.0, Part 4: New Teams and Emergency Procedures

June 3rd, 2014 by Cyle Gage

Emerson IT has grown a lot over the last year or so. We’re asked fairly often about new happenings within IT, and we’ve written about our new initiatives, our mission and vision, our policies, and much more.

But that’s not enough. It’s never enough. There are still questions, and we love being transparent about them. It’s been a challenge to get organized, but we feel really good about how IT is working right now. Here are some examples of ways we have become more efficient:

The Communications and Policy Management Teams

Two teams have assembled over the last year and have made strides towards reshaping how we work in IT. One is the Communications Team, a group of people from across the department who meet weekly to discuss anything communications-related. This includes drafting emails to the community, writing documentation and blog posts, and generally discussing how to improve communications within IT and with the Emerson community. We also consult with other departments to help draft any communication that involves our technology. Every email blast from IT, new blog post, and update to our website and our email template over the last year has gone through the Communications Team. Having one group to manage and discuss communication has been a giant leap forward.

The Policy Management Team was assembled for a very clear purpose: draft and publish the many policies that have never been publicly available. Like the Comm Team, the PMT is made up of representatives across IT, and has had the ongoing help of Emerson’s Legal team. After a lot of hard work, we successfully published 15 new policies, and are continuing to work on more. We are also partnering with Dennis Levine, our new Security Administrator, to work on future security policy changes. We feel that the best policies are those drafted and discussed as a group, instead of a top-down monolithic decision-making process.

Our Emergency Procedures

One of the biggest and scariest issues affecting all businesses these days is disaster recovery. It’s particularly relevant for Emerson, since we’re downtown in a major city. What happens if the Emerson campus loses power? What happens if the EVVYs has a massive technological failure and needs IT’s help? What happens if the trustees or a classroom needs technical support? We’ve come up with emergency procedures for all of these issues.

One of the first things we did was to move offsite a few critical systems that would aid in any attempt at recovering from a disaster on-campus. These include our main internal documentation wiki, our password safe, our internal chat service, and an external monitoring service. In the event of a catastrophe that brought down our on-site datacenter, we would still have the ability to access our own documentation on how to fix everything. (It’s surprising how many businesses don’t have that ability during a disaster.) All of our internal instant messaging and chatrooms are now fully offsite using Slack, which has been amazing at increasing the efficiency of our group problem-solving and would be integral to keeping our team in touch no matter where we were all located.

Furthermore, we drafted and adopted an elaborate IT Emergency Flowchart. It’s complicated and a bit overwhelming, but it’s worked very well when we’ve had the unfortunate opportunity to put it to the test. One of the critical parts of the flowchart is the separation of responsibility during a true crisis: there should be people fixing the problem, and other people communicating about it. Trying to do both jobs always makes the problem worse. A critical issue can very often be fixed within literally 15 minutes, so we try to allow for that small grace period before raising serious alarms.

Being Fun and Transparent

IT Poster

Beyond these measures, we’ve made an effort to be more accessible and transparent. We love feedback! One way we try to reach out is by putting out surveys, and we love posting the resulting charts and graphs and metrics for everyone to see. Likewise, we’ve tried to inject a little humor into our blog posts and our on-campus posters.

All of these efforts together have made big changes within IT and how we work every day. It’s for the ongoing support of the Emerson Community that we continue to try to improve ourselves, and we can only measure that by how well we’re doing every day to service all of you. The more we know how you feel, and how we can make you feel even better, the more we can do to make Emerson a great place to learn and work!

eBay security compromise

May 22nd, 2014 by Robin Chace

eBay logoYesterday, eBay announced that one of their databases which contains encrypted passwords has been compromised.

While eBay has found no evidence that customer accounts have been affected, they are requiring that all users change their passwords. Each account’s activity will be suspended until the password has been updated.

For more information about this breach, the actions eBay is taking, and eBay’s recommendations to users, please visit their FAQ on the situation: http://www.ebayinc.com/in_the_news/story/faq-ebay-password-change

As always, if you receive an email prompting you to update or verify account information, use your web browser to navigate directly to the site (in this case, www.ebay.com) to do so. This is to protect you against phishers attempting to take advantage of the situation.

Digital Literacy at Emerson College

May 19th, 2014 by carlin_corrigan

One of our Help Desk Technicians, Peter Paradise Michaels, wrote the following article for the Emerson College Sustainable Innovation Project:

Digital literacy is many things, but in higher education it’s often considered a measure of one’s computer skills and comfort level with existing and emerging technologies.

A discussion and analysis of technical literacy as it applies to our faculty is increasingly relevant as each new generation of students become more and more savvy, and communication, collaboration, and content delivery evolve as more and more reliant on rapidly changing technology. These issues have already been researched in general terms by various studies and reports for more than a decade, but I want to take this opportunity to provide some personal perspective gleaned from over 22 years in the computer industry, with 15 of those years in higher education markets.

Here are a few suggestions to improve technical literacy.

  • Don’t panic! Anxiety clouds rational thinking and obscures reasoned outcomes and sound problem solving.
  • Reboot your computer. Really.
  • If you have an error message on the screen that hasn’t disabled your computer, enter it into a search engine like Google. It’s likely that someone else has seen a similar issue and has posted some insights and solutions.
  • Check your cables and connections.
  • Use the Help menu in the application you are using to search for answers.
  • Look for patterns and cause and effect relationships. Is the issue the result of something you do or does it happen at random?
  • Ask yourself, when was the last time it worked? Has anything on the computer changed since it last worked?
  • Keep your devices up to date. Make sure to run all the system and program updates.
  • Learn how to confirm that you are connected to the Internet with either a wired or wireless connection.
  • Understand file sizes and how to interpret them.
  • Keep track of where to save files and use tools like folders and tags to keep them organized.
  • Choose a back-up strategy that is robust, fail safe, and easy to implement and maintain.
  • Learn the difference between memory and hard drive space, and why they are relevant.
  • Set up a VPN connection for remote access to work files.
  • Put a password management system in place.

If you approach digital literacy with these ideas as part of your basic skill set, you will see your productivity go up and your stress go down.

In my experience, a person’s comfort level with computers is more than just basic skills. It’s an attitude. It begins with patience and enthusiasm. One useful approach is to apply a non-mission critical project or hobby to an area of technology you’d like to become more familiar with. For example, it you are a runner and would like to become more competent with Microsoft Excel, consider using it to keep track of your workouts, mileage, race times, and progress. If you enjoy taking photographs, Adobe Photoshop is an amazing tool to help you edit them and create a portfolio. If you are a collector, learning Filemaker Pro can help you create a searchable catalogue.

It’s enthusiasm for these projects that help to drive you through the inevitable learning curves these programs present. The process of attaining the skill level to complete or maintain these projects will overlap into many other areas of digital literacy, so the journey will be much broader than learning one program or process.

Finally, use your resources! For example, the Emerson IT department provides regular workshops on basic skill acquisitions, many commonly used computer programs including Canvas, Banner, and even hardware training on things like mobile devices, printers, and wireless networks. We offer individual tutoring on most computer related topics.

In summary, the best way to enhance your digital literacy is to pursue it because you want to, not because you have to!

Internet Explorer Vulnerability Patched – For XP too!

May 2nd, 2014 by michael_jessen

Yesterday, Emerson IT notified the community about a serious vulnerability in versions 6 and above of Microsoft’s Internet Explorer web browser.

Shortly after our post, an emergency patch was issued. While Microsoft has indeed discontinued support for Windows XP, an exception was made for this vulnerability due to its proximity to the support end-date.

It is imperative that all Windows users, including those who do not regularly use Internet Explorer, run Windows Update as soon as possible to obtain this patch. Refer to this page from Microsoft for instructions on running Windows Update. Because Internet Explorer powers many behind-the-scenes functions in Windows and Microsoft Office, this patch is important for everyone.

If you have any questions or would like assistance installing this patch, please contact the IT Help Desk by phone at 617-824-8080 or online at it.emerson.edu.

Internet Explorer Security Advisory

May 1st, 2014 by Francis Frain

IE Security AdvisoryUPDATE 5/2: Microsoft has released an emergency patch for this vulnerability!

Microsoft has discovered a security vulnerability in its web browser, Internet Explorer. When a person visits a malicious or compromised website using Internet Explorer versions 6 and above, attackers could gain full access to the person’s computer and information.

Microsoft has not released an official fix yet, therefore Emerson IT recommends avoiding the use of Internet Explorer when websites/applications do not require it. Other common web browsers (Safari, Google Chrome, Mozilla Firefox) are not affected.

If your home computer is still running Windows XP, be aware that Microsoft will never release a fix for this vulnerability. Microsoft has discontinued all support for Windows XP, and recommends upgrading Windows immediately.

We will update this blog when Microsoft releases a fix for all other versions of Windows. Please check our blog regularly as a reliable resource for news and recommended actions as new security threats are discovered.

IT Interviewed by JR-103 Student

April 22nd, 2014 by Francis Frain

Emerson Freshmen Hantzley Audate interviewed Frankie Frain, the Director of Networking and Telecommunications, about the recent Heartbleed bug for a Journalism class assignment (JR103).

Important Security Update Regarding Heartbleed Bug

April 9th, 2014 by Cyle Gage

Yesterday, a massive security flaw (nicknamed “Heartbleed”) was uncovered which compromises secure computer systems across the Internet: at least 66% of websites as well as mail servers and other systems.

OpenSSL, a library of security and cryptographic algorithms, was discovered to have a vulnerability that’s been present as far back as two years. Many websites and apps that you use every day are affected by this, and they are scrambling to fix the issue. Most notable software using OpenSSL are the open source web servers like Apache and nginx. The combined market share of just those two out of the active sites on the Internet was over 66% according to Netcraft’s April 2014 Web Server Survey.

How was Emerson impacted?

Some of Emerson’s secure websites relied on potentially-exploitable OpenSSL libraries. We have patched these sites with an update fixing the vulnerability, and have replaced their security certificates. This means that there should be no way for anyone to exploit these websites, or decrypt traffic coming to and from them, even if they had been compromised.

The Heartbleed.

How does this exploit work?

This vulnerability may have allowed malicious hackers to capture small bits of data on secured systems, including user account information, such as passwords, as well as the systems’ security keys themselves. This could allow unencrypted eavesdropping even after the vulnerability is closed, if the system’s security keys haven’t been changed. Unfortunately, there’s no way to know if anything actually was compromised, as the exploit leaves no trace. It’s that bad.

What now?

At this point, many affected websites across the Internet are applying the patch and getting new security certificates. You can think of this as replacing the deadbolt and rekeying the lock. Some websites you use may ask you to change your password in the coming days as an additional precaution. Make sure you do not click links in emails. Make sure you go to the website directly, and only if you have been prompted.

There is nothing to suggest that Emerson usernames or passwords were compromised, but to be safe, we strongly recommend you change your Emerson password as soon as possible. Please visit http://password.emerson.edu/ to do so.

You can read more about the Heartbleed bug as well as the internet’s response at TechCrunch.

If you have any questions or concerns, please feel free to contact us by phone at 617-824-8080 or online at it.emerson.edu/help.