Information Security Program Reminder

The University of Memphis is committed to safeguarding the security and confidentiality of the information entrusted to us. Protecting our IT infrastructure and data by following policies, procedures, guidelines and approved technology is paramount and a shared responsibility. We appreciate your support toward this mission. It is important that we all continue to do our part by exercising due diligence and judgment in the use of resources and by adhering to University policies.

Policy IT6007 formalizes the University’s Information Security Program and defines protocols designed to protect institutional infrastructure and data. Employees responsibilities include:

  • Reviewing policies and guidelines at memphis.edu/its/security/policies-guidelines.php.
  • Completing the annual IT Security Awareness Training to demonstrate an understanding of basic principles designed to protect and enhance the University’s data security.
    • If you have not completed this year’s annual IT Security Awareness Training, please access the training portal and complete the training by February 28, 2021. Reminders are sent monthly.
  • Adhering to policies designed to protect the integrity of the University’s IT infrastructure and data.
    • Appropriate protections must be in place in accordance with the University’s classification of data.
    • It is critically important that individuals familiarize themselves with our data storage guidelines and ensure that data is appropriately encrypted when necessary.
      • IT Security personnel and LSPs are available to assist departments in their compliance efforts.

Information Technology Services (ITS) has implemented several technologies to support the Information Security Program and to assist employees with protecting institutional information. Specifically, technologies have been deployed to enhance security for email, networking, desktop security and authentication, in addition to supporting the IT Security Awareness Training efforts:

  1. Banners have been added to external emails to assist users with identifying emails that may require additional scrutiny, such as phishing emails and emails containing malicious links. Additionally, the University has enabled filtering for malicious emails and included URL rewriting designed to provide an added layer of security for those emails containing external links.
  2. External access to the University’s network has been restricted, and ITS collaborates with the research community and other offices when an exception is appropriate. Network content filtering was enabled to restrict malicious activity originating from the University’s campus network. Also, the University implemented a desktop security initiative to require encryption of desktop computers in administrative units handling sensitive information and deployed enhanced software to protect workstations.
  3. Duo was adopted for multi-factor authentication, which provides an extra layer of security when accessing University technology resources. Duo provides multiple ways to authenticate using a second factor (such as the mobile app), and employees are required to use Duo. Students will be required to use Duo effective January 25, 2021. While Duo does provide an extra layer of security, users must appropriately review and authorize requests for access. Users should report unsolicited Duo access requests or suspicious Duo behavior immediately to the ITS Service Desk as indicated below.

Looking forward, the University will review and implement technologies as appropriate to assist departments in adhering to the Information Security Program.

Thank you for your cooperation and support of our continued efforts to safeguard the University’s IT infrastructure and data. Individuals needing assistance to ensure compliance with the Information Security Program or with any technology issues may contact the ITS Service Desk at umtech@memphis.edu or 901.678.8888.

Additional ITS Security Measures

Information Technology Services (ITS) is implementing additional security measures to protect University resources and the user community from malicious activity such as phishing email:

  • Beginning Monday, Nov. 30, emails received from non-University accounts will have a yellow banner displayed at the top of the message. The banner will contain text indicating the email originated from outside of the University, making it easier to identify external senders especially on phones and devices where complete sender information may not be readily visible. The banner is a reminder to be extra vigilant toward messages from external senders. More information about the external email banner is available at memphis.edu/its/security/email-banners. NOTE: Emails from external University business partners may be excluded from receiving the external email banner. University offices wishing to request an exception for external business partners should contact the ITS Service Desk as indicated below.
  • Beginning Jan. 25, 2021, multi-factor authentication (Duo) will be required for all University student and employee accounts. Students are encouraged to enroll now by visiting iam.memphis.edu/duo. Duo provides a second form of verification in addition to a password when logging in. Users are encouraged to install the Duo mobile app. You can learn more about Duo at memphis.edu/duoBeginning Feb. 1, 2021, ITS will fully enforce the requirement to use Duo, and users not enrolled in Duo will be unable to log in to University resources.

Also, employees are reminded to regularly review the IT Security Policies and Guidelines page as well as the Guidelines for Storage of University Electronic Data page for appropriate storage services and locations for all classifications of University data.

For assistance, please contact the ITS Service Desk by visiting umhelpdesk.memphis.edu, emailing umtech@memphis.edu, or calling 901.678.8888.

ITS Security Alert 11/13/2020

Information Technology Services (ITS) is providing the following alert to warn against fraudulent email scam attempts targeting UofM email accounts. In some cases, emails are sent from a fake email account of University leadership or a supervisor to employees of a department. These emails typically begin with a phrase such as “Are you available?” or similar language and try to build a sense of urgency by stating the sender is in a meeting and needs an urgent errand to be completed. The sender is ultimately trying to trick the recipient into purchasing gift cards with the recipient’s personal funds and provide the gift card codes via email or text messages. In some cases, the urgent message may request a personal cell number where the attacker seeks to gain additional information about the victim including the possibility of exploiting the cell phone.

If you receive a suspicious email involving cash disbursement, gift card purchases, transfer of funds or any other financial activity that purports to be from a University official, or if you are asked to provide personal information via email, carefully review the email before responding and follow up with a phone call to the appropriate office to confirm the authenticity of the request. Forward suspicious emails to abuse@memphis.edu. If you receive an urgent request after hours and are unable to confirm the authenticity of the request, please follow up on the next business day. Taking a moment to confirm the email’s authenticity will help protect you and the University.

Note that the same methods used in email attacks can also be used via telephone calls. If you receive a phone call using similar tactics, do not feel pressured to respond immediately. Instead, request the caller’s contact information, seek validation of the request and return the call later if appropriate.

Remember to treat unsolicited job opportunities, special offers and unexpected email attachments with skepticism. Even if the message appears to come from a trusted individual, be mindful of language or addresses used in the message and be suspicious if they don’t match what you typically receive from the individual. If you receive any email message that has a suspicious attachment or asks you to take a questionable action, please report the message via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at 901.678.8888.

ITS Security Alert 10/2/2020

Information Technology Services (ITS) is closely monitoring an increase in spam and phishing attacks. Remember to treat unsolicited job opportunities, gift card requests, fund transfer requests, special offers and unexpected email attachments with skepticism. Even if a message appears to come from a trusted individual, be mindful of the language or addresses used in the message and be suspicious if they don’t match what you typically receive from the individual. If you receive any email message that has a suspicious attachment or asks you to take a questionable action, please report the message to ITS via email at abuse@memphis.edu.

For assistance, please contact the ITS Service Desk by phoning 901.678.8888, emailing umtech@memphis.edu or visiting umhelpdesk.memphis.edu.

ITS Security Alert

Information Technology Services is issuing this alert due to an active ransomware campaign targeting education institutions. Malicious actors are using email phishing attacks to gain access to account credentials in order to propagate ransomware throughout institutions.

Remember to treat unsolicited job opportunities, special offers and unexpected email attachments with skepticism. Even if the message appears to come from a trusted individual, be mindful of language or addresses used in the message and be suspicious if they don’t match what you typically receive from the individual. If you receive any email message that has a suspicious attachment or asks you to take questionable action, please report the message via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at 901.678.8888.

Welcome from Information Technology Services

Information Technology Services (ITS) welcomes you to the University of Memphis. The start of a new academic year is an exciting time for us all. Please take a moment to read these important reminders:

  • Forward any suspicious email to abuse@memphis.edu for analysis. Be especially vigilant for financial, gift card or employment scams. Do not click suspicious links, open attachments in suspicious emails, or text personal information to suspicious phone numbers.
  • Review tips for protecting your personal information at memphis.edu/its/security.
  • Visit memphis.edu/umtech/service_desk/policies/it_policies.php to review information technology policies.
  • Students are encouraged to enroll in multi-factor authentication (Duo) to obtain additional security protections. Information about enrolling in multi-factor authentication is provided on the Duo information page located at memphis.edu/duo.

For technical assistance, please contact the ITS Service Desk at umhelpdesk.memphis.edu, call 901.678.8888 or email umtech@memphis.edu.

Training on eCourseware (D2L) & Posting a Syllabus

ITS Center for Teaching & Learning (CTL) would like to invite you to an eCourseware training session. This session is especially designed to cover two topics:

  • How to log in to eCourseware (also known as D2L)
  • How to post a syllabus to your course

We are providing two opportunities for this training:

1)  Date/Time: Thursday, Aug. 6, 4:00 PM

https://memphis.zoom.us/j/97620969596?pwd=eVp4azNmczBLQ3RadUczZmREeHAyQT09

Meeting ID: 976 2096 9596
Passcode: 048437

2)  Date/Time: Friday, Aug. 7, 10:00 AM

https://memphis.zoom.us/j/91519043017?pwd=dkU1N2hjRS9rRUNmdk9URGRQYkN3Zz09

Meeting ID: 915 1904 3017
Passcode: 580641

Note: Please have your syllabus accessible and ready to upload.

If you’d like to try these tasks on your own, here are a few tutorials:

  1. How to log into eCourseware: Link to video
  2. How to post a syllabus to your course: Link to video
  3. Want the instructions in writing? View them on our website

For more info on eCourseware training, visit the Keep Teaching website.

ITS Remote Instruction Technology Resources

Information Technology Services (ITS) would like to welcome you to the fall semester with the August CTL Newsletter. This newsletter includes information about some of the major services we’ve been working on over the summer. We ask that you review it and remember to visit the Teaching & Learning website for more information on consultations and details about training opportunities.

During June over 500 faculty members participated in the Faculty Development and Teaching Summer Institute, a partnership between Academic Affairs and ITS. Recordings of those sessions are available for review here: memphis.edu/um3d/summer_institute.php.

Additional training resources for remote instruction are available on the Keep Teaching website located here: memphis.edu/umtech/teaching/keepteaching/index.php.

Department Aides are located in various departments to assist faculty within their disciplines in using eCourseware, and a list of those individuals is located here for reference: memphis.edu/umtech/teaching/department_aide.php.

If further assistance from the Center for Teaching and Learning is needed, please contact the ITS Service Desk at 901.678.8888, email umtech@memphis.edu, or visit umhelpdesk.memphis.edu.

Introducing Microsoft Teams

That’s correct. Microsoft Teams is available to all faculty, staff and students. Microsoft Teams is the hub for group collaboration in Microsoft 365 that integrates people, content, and applications. Teams brings simplicity to teamwork by joining collaboration, sharing, and communication all under one platform.

Microsoft Teams incorporates several applications into one. Here are a few functions offered: the chat function allows instant messaging between groups and individuals. Add GIFs, stickers or emojis to inject some personality into your conversation. Calls allow you to make audio and video calls over the network to students and colleagues. Channels are the conversations you have with your teammates. Each channel is dedicated to a specific topic or project and can be found within Teams. Files are documents that can be downloaded, edited, and shared with teammates. Files also offer quick access to your OneDrive storage. The activity feed is a summary of everything that has happened in the channels that are on your teams list. Apps provide you with seamless integration with Microsoft applications in your team workspace. Calendar integrates with your Outlook calendar to make time management more efficient than ever. Think about the tools, files, and dashboards that would be helpful to your group collaborations. Many of them can be added right into Teams.

Microsoft Teams is a chat-based collaboration platform complete with document sharing, online meetings, and many more features for group communications. Having a team space is key to being able to make creative decisions and communicate effectively with one another.

Introductory training for Teams can be found in LinkedIn Learning, Microsoft, and Learning Curve. More detailed information about Microsoft Teams can be found on our website.

ITS Security–Password Guidelines Update

University password expiration guidelines for Universal User ID (UUID) accounts are changing. Effective July 1, 2020, UUID password expiration is no longer required for individuals who utilize multi-factor authentication (Duo). Additional information related to password security and guidelines is located at memphis.edu/its/security/password.php.

Students are encouraged to enroll in multi-factor authentication to obtain additional security protections and take advantage of this change. Information about enrolling in multi-factor authentication is provided on the Duo information page located at memphis.edu/its/security/duo.php.

To assist with a smooth transition toward the fall semester, all UUID password expirations are temporarily paused. UUID password expirations will resume on Sept. 1, 2020 for any individuals who are not utilizing Duo multi-factor authentication.

For assistance, please contact the Service Desk by calling 901.678.8888, emailing umtech@memphis.edu, or visiting umhelpdesk.memphis.edu.