In a continued effort to follow best security practices, ITS has expanded the maximum character length of passwords to 30 characters.  Users will not be required to have that many characters in their passwords, but they can be changed up to that number if desired.  This may help people use phrases as passwords, which may be more mnemonic than a string of characters.   The minimum password length will remain at 12.  Also, remember that the University requires that passwords for all UUID accounts be changed every 6 months.  For more information regarding password security, visit the ITS webpage on this topic.

Thank you,

Ellen

IT Services would like to alert the campus community of a recently announced vulnerability that affects a number of web browsers and operating systems. The “FREAK” vulnerability is one that enables SSL Man-in-the-Middle attacks by forcing browsers to downgrade the cipher suites used in SSL/TLS connections.

Microsoft, Google and Apple have announced that patches will be released to correct the vulnerability. Individuals should ensure that they are running the latest version of their browser to mitigate “FREAK”.

If you have any questions regarding this vulnerability, please contact the University’s Service Desk at ext. 8888.

Thank you,

Ellen

ITS Security would like to alert the campus community of a recently announced Critical vulnerability that affects a number of Linux operating systems.  Dubbed the “GHOST” vulnerability, a flaw in the glibc library present in many Linux operating systems could allow a remote attacker to compromise an affected system through a buffer overflow against the gethostbyname() function.  Individuals responsible for Linux workstations or servers are strongly recommended to patch and reboot to protect against this vulnerability as soon as possible.  Please refer to your distribution’s support pages for further information and impacted releases, or departments may contact their area’s LSP.

https://access.redhat.com/articles/1332213

http://www.ubuntu.com/usn/usn-2485-1/

https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

Thank you,

Ellen

The University of Memphis got its “Year of Service” off to a great start on Tuesday, January 20.  Here is a video of the event.

Ellen

Please see the latest issue of the Center for Teaching and Learning newsletter.

Faculty, students and staff should find several items of interest regarding campus technical resources.

Enjoy!

Ellen

ITS is offering a training session on Wednesday, January 28, 2015 from 11:00 a.m. – 12:00 p.m.  We encourage faculty and staff, especially those with administrative roles, to attend this training session.

Registration for the Information Security session is via our Learning Curve website at https://bf.memphis.edu/training/index.php

Steps to register:

• Visit the site and click “ Manage your training”
• Login with your user name and password
• Under Registration on left menu, click “class schedule/registration”
• Select “View All” in the category dropdown box
• Scroll down to the Information Security session and click “Register”

Please report problems registering to the Service Desk at extension 8888.

Regards,

Ellen

In Fall 2007, Podcast Central was implemented as the University’s online hosting service for audio and video files. As we continue to grow and enhance our services, we are limiting the scope of Podcast Central. Effective December 23, 2014, access to Podcast Central will be “Read-Only”.  Depending on the size and purpose of your presentations, media content will be uploaded exclusively using one of our umMedia Services (currently Ensemble and Mediasite).  A survey has been added to the umMedia page which will help determine which program will best meet your needs.  Please submit the completed survey, and a member of the CTL staff will contact you for a consultation. Meanwhile, we ask that you purge Podcast recordings that are no longer needed as we prepare for this transition.

Thank you,

Ellen

Please note the following holiday hours:

Recently, you may have received email messages asking you to upgrade, update, or confirm your email account.  These phishing messages often ask you to respond with your username and password, or to click on a link to a non-Memphis website and input your personal credentials.  Please be aware that these messages are not legitimate and can be disregarded.

Information Technology Services (ITS) will never ask you for your username and password via email or over the phone, or ask you to verify your account to keep it from being disabled.

If you receive an email message that has a suspicious link, or asks you for account details such as your username and password, you can report the message to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888.  Further information regarding keeping your University account safe can be found at http://www.memphis.edu/its/security/.

Thank you,

Ellen

ITS is offering a training session on IT Security September 8, 2014, 11:00 a.m. – 12:00 p.m.  We encourage faculty and staff, especially those with administrative roles, to attend this training session.

Registration for the session is via our Learning Curve website at https://bf.memphis.edu/training/index.php.

Steps to register:

• Visit the site and click “ Manage your training”
• Login with your user name and password
• Under Registration on left menu, click “class schedule/registration”
• Select “View All” in the category dropdown box
• Scroll down to the Information Security session and click “Register”

Please report problems registering to the Service Desk at extension 8888.

Regards,

Ellen