ITS Security Alert

Information Technology Services (ITS) is providing the following alert to warn against fraudulent email scam attempts targeting UofM email accounts. If you receive a suspicious email involving cash disbursement, gift card purchases, transfer of funds, or any other financial activity that appears to be from a University official, or if you are asked to provide personal information via email, carefully review the email before responding and follow up with a phone call to the appropriate office to confirm the authenticity of the request. Be especially careful of links included in emails.

Remember to treat unsolicited job opportunities, special offers, and unexpected email attachments with skepticism. Even if the message appears to come from a trusted individual, be mindful of the language or addresses used in the message and be suspicious if they don’t match what you typically receive from the individual. If you receive an email message that has a suspicious attachment or asks you to take questionable action, please report the message by sending an email to abuse@memphis.edu or calling the ITS Service Desk at 901.678.8888.

For those who have not yet done so, please complete your IT Security Awareness Training as soon as possible. The deadline for completing training is Feb. 28, 2022, and reminder emails will be issued periodically.

Cybersecurity Awareness Month

Around 90% of all data breaches involve some sort of human error. October is Cybersecurity Awareness Month and a good time to review and fortify your personal cybersecurity practices. Those same practices can and should be used at home to secure your personal digital life. Visit the IT Security Best Practices web page for tips on passwords, working remotely, securing your home Wi-Fi network and much more.

In conjunction with Cybersecurity Awareness Month, annual IT Security Training will be available Oct. 1. All full-time and part-time staff and faculty, including emeriti, with active UofM accounts must complete training by Feb. 28, 2022. We have contracted with a new training provider, KnowBe4. Training has been shortened to 30 minutes and can be completed in multiple sessions without losing your progress. All required account holders will receive a notification email with instructions on Oct. 1.

If you receive any email message that has a suspicious attachment or asks you to take a questionable action, please report the message via email at abuse@memphis.edu or by calling the ITS Service Desk at 901.678.8888.

Transition eCourseware to Canvas

The University of Memphis is transitioning our current learning management system, eCourseware, to Canvas, a more intuitive platform that will provide students, faculty and staff an improved online teaching and learning interface and enhanced student success services. Information Technology Services and Academic Affairs are collaborating on the transition to the new platform by January 1, 2022, which aligns with the expiration of our old platform agreement. Courses from spring, summer and fall semesters in calendar years 2020 and 2021 will be migrated automatically to Canvas. Course content from the old platform will be archived for academic years 2019, 2020 and 2021.

The team has worked diligently throughout the summer to implement foundational technologies required by the Canvas implementation. “Train the Trainer” sessions began the week of August 16. Faculty training for Canvas will begin on Tuesday, August 31, and will take place throughout the Fall 2021 semester. There are currently 25+ asynchronous training sessions scheduled throughout the month of September, both virtually and in-person. To sign up for the Canvas training, please visit the UofM Canvas page.

Faculty can begin learning how to teach with Canvas by viewing the Canvas Overview video. LinkedIn Learning also provides a comprehensive training course on Learning Canvas. Faculty can sign-in via SSO using your UUID and password.

Additional communications regarding the Canvas Implementation will be issued in the coming weeks. Information about the project, including status updates and governance information, may be found on the UofM Canvas page.

We appreciate your patience as we continue working to update our learning management platform.

Farewell to BlueJeans – July 30, 2021

BlueJeans has been our primary conference tool for faculty and staff since November 2015. While BlueJeans has served the University community well, it fell short in providing a cost-effective method that would include access for our 20K students.

What’s next?
To meet the need, we’ve adopted other conference and collaboration software tools like ZoomVirtual Classroom/ Assignment, and Microsoft Teams.

What do I need to do?
If you have any recordings located on BlueJeans you will have to (1) move download these recordings and upload them to other supported services (OneDrive or Ensemble Video) or (2) delete the recordings from your account by July 30, 2021. (Note: If you don’t delete your recordings by July 30, 2021, the files will no longer be available to access. )

Where’s the documentation?
We have created a website for information about how to download or delete recordings from BlueJeans.

For assistance with BlueJeans, please contact the ITS Service Desk online, by email, or by phone at 901.678.8888.

Required Password Change

Information Technology Services (ITS) previously notified the campus about a security incident. ITS is continuing to work with security forensics experts to identify and remediate compromised systems. Service levels are continuing to improve. As part of our remediation efforts and out of an abundance of caution, the following actions will be taken for all Universal User ID (UUID) passwords:

The minimum password length will be increased to 15 characters effective March 10.
All passwords must be changed March 10-31 using the iAM website. This includes all students, faculty, and staff. For more information about changing your password see our How to Change Your Password page.

Your UUID and password are used for single sign-on to access many University IT resources. Individuals will receive reminders through March 31 to change their passwords.

Welcome From ITS

Information Technology Services (ITS) extends a warm welcome to new and returning students, faculty and staff. Please review the following important information:

For technical assistance, visit umhelpdesk.memphis.edu to submit requests online, call 901.678.8888 for phone assistance, or email umtech@memphis.edu.

Information Security Program Reminder

The University of Memphis is committed to safeguarding the security and confidentiality of the information entrusted to us. Protecting our IT infrastructure and data by following policies, procedures, guidelines and approved technology is paramount and a shared responsibility. We appreciate your support toward this mission. It is important that we all continue to do our part by exercising due diligence and judgment in the use of resources and by adhering to University policies.

Policy IT6007 formalizes the University’s Information Security Program and defines protocols designed to protect institutional infrastructure and data. Employees responsibilities include:

  • Reviewing policies and guidelines at memphis.edu/its/security/policies-guidelines.php.
  • Completing the annual IT Security Awareness Training to demonstrate an understanding of basic principles designed to protect and enhance the University’s data security.
    • If you have not completed this year’s annual IT Security Awareness Training, please access the training portal and complete the training by February 28, 2021. Reminders are sent monthly.
  • Adhering to policies designed to protect the integrity of the University’s IT infrastructure and data.
    • Appropriate protections must be in place in accordance with the University’s classification of data.
    • It is critically important that individuals familiarize themselves with our data storage guidelines and ensure that data is appropriately encrypted when necessary.
      • IT Security personnel and LSPs are available to assist departments in their compliance efforts.

Information Technology Services (ITS) has implemented several technologies to support the Information Security Program and to assist employees with protecting institutional information. Specifically, technologies have been deployed to enhance security for email, networking, desktop security and authentication, in addition to supporting the IT Security Awareness Training efforts:

  1. Banners have been added to external emails to assist users with identifying emails that may require additional scrutiny, such as phishing emails and emails containing malicious links. Additionally, the University has enabled filtering for malicious emails and included URL rewriting designed to provide an added layer of security for those emails containing external links.
  2. External access to the University’s network has been restricted, and ITS collaborates with the research community and other offices when an exception is appropriate. Network content filtering was enabled to restrict malicious activity originating from the University’s campus network. Also, the University implemented a desktop security initiative to require encryption of desktop computers in administrative units handling sensitive information and deployed enhanced software to protect workstations.
  3. Duo was adopted for multi-factor authentication, which provides an extra layer of security when accessing University technology resources. Duo provides multiple ways to authenticate using a second factor (such as the mobile app), and employees are required to use Duo. Students will be required to use Duo effective January 25, 2021. While Duo does provide an extra layer of security, users must appropriately review and authorize requests for access. Users should report unsolicited Duo access requests or suspicious Duo behavior immediately to the ITS Service Desk as indicated below.

Looking forward, the University will review and implement technologies as appropriate to assist departments in adhering to the Information Security Program.

Thank you for your cooperation and support of our continued efforts to safeguard the University’s IT infrastructure and data. Individuals needing assistance to ensure compliance with the Information Security Program or with any technology issues may contact the ITS Service Desk at umtech@memphis.edu or 901.678.8888.

Additional ITS Security Measures

Information Technology Services (ITS) is implementing additional security measures to protect University resources and the user community from malicious activity such as phishing email:

  • Beginning Monday, Nov. 30, emails received from non-University accounts will have a yellow banner displayed at the top of the message. The banner will contain text indicating the email originated from outside of the University, making it easier to identify external senders especially on phones and devices where complete sender information may not be readily visible. The banner is a reminder to be extra vigilant toward messages from external senders. More information about the external email banner is available at memphis.edu/its/security/email-banners. NOTE: Emails from external University business partners may be excluded from receiving the external email banner. University offices wishing to request an exception for external business partners should contact the ITS Service Desk as indicated below.
  • Beginning Jan. 25, 2021, multi-factor authentication (Duo) will be required for all University student and employee accounts. Students are encouraged to enroll now by visiting iam.memphis.edu/duo. Duo provides a second form of verification in addition to a password when logging in. Users are encouraged to install the Duo mobile app. You can learn more about Duo at memphis.edu/duoBeginning Feb. 1, 2021, ITS will fully enforce the requirement to use Duo, and users not enrolled in Duo will be unable to log in to University resources.

Also, employees are reminded to regularly review the IT Security Policies and Guidelines page as well as the Guidelines for Storage of University Electronic Data page for appropriate storage services and locations for all classifications of University data.

For assistance, please contact the ITS Service Desk by visiting umhelpdesk.memphis.edu, emailing umtech@memphis.edu, or calling 901.678.8888.