IMO MEETINGFall 2015

Pace University | Information Technology Services

Fall 2015 IMO Meeting Agenda

1. ITS Updates

2. Academic Technologies: Summer Builds Update

3. IT Security: National Cyber Security Awareness Month Presentation

4. Questions and Feedback

ITS Updates

1. New IT Staff2. Newsletters

1. Exchange Email Upgrades2. IE 11 Update3. Lecture Capture Cleanup Reminder

4. New Services1. Adobe Document Cloud eSign (formerly EchoSign)2. PollEverywhere3. LabArchives4. EndNote5. Kaltura

5. PC Replacement Update6. Student Tech Fee Changes7. New and Upcoming Operating Systems

6. El Capitan7. Windows 10

ITS Updates

Academic Technologies:

Summer Builds Update

George Chacko(gchacko@pace.edu)

Summer Builds Wrap-up

Classroom Type Current

Basic Build Classroom 99% of classrooms are equipped with technology (Projector, PC and video playback)

Advanced Classroom 37 classrooms between NYC and PLV are equipped with interactive boards and integrated webcams

Video Conferencing spaces 2 pairs of fully integrated Video conference spaces.

Active learning Classrooms Currently we have 2 ALC rooms in PLV and 3 more coming this fall: 1 in PLV (willcox lecture hall) and 2 in NYC (W510 and 511)

Since 2009

Type of upgrade PLV NYC TotalBasic 25 71 96Video Conferencing

1 1 2

Advanced builds 6 5 11Web conferencing enabled rooms

7 5 12

Assisted Listening enabled rooms

8 8 16

Active learning classrooms

2 2

Rooms upgraded summer 2015

49 90 139

Summer Builds 2015

Miller 21

Miller 22

Fusion RV

Now Coming soon• Midtown rooms• Dyson hall• Lienhard hall• Scheduling panels in ALC

rooms• Reports of equipment usage

• R25 integration• Occupancy sensors• Ad-hoc room booking • Room usage metrics• More rooms!!

Contact us at:

email: acadtech@pace.edu 

phone: 914-773-3664

or contact me directly at:

email: gchacko@pace.edu

IT Security

NationalCyber Security Awareness

Month

Chris Bohlk(cbohlk@pace.edu)

Information Technology Services, ITSChristopher Bohlk, Information Security Officer

National Cyber Security Awareness Month

Cybersecurity is everyone's responsibility

How Aware Are You?

Hackers WANT YOU!!

They want your personal information such as credit card numbers, social security, passwords to email/banking accounts, etc. in order to get money or steal intellectual property.

Security Breaches

Office of Personnel Management – 22 million government worker records breached

Anthem healthcare breach – 80 million records compromised Sony Pictures Entertainment – Breached data and wiped servers Target Breach – 110 million records compromised, 40 million credit

card numbers, 70 million customer records at a cost of at least $148 million

Home Depot – At least 56 million credit card numbers were compromised.

Why Do We Care? Identity Theft – Potential fraudulent charges can be made against the

individuals whose information has been breached or stolen. New accounts can also be opened or existing accounts can be taken over by an attacker.

Consequences to the University Loss of Reputation/Trust – if a breach occurs, the ramifications to a

university’s reputation is high affecting future enrollment and alumni donations which all relate to financial implications as well.

Financial Cost – in order to respond to a security breach, the institution will have to fund a large amount of money in credit monitoring, communication, internal/external resources to remediate the situation. Potential legal fees could also apply.

REDUCE YOUR RISK

Passwords

What are some password best practices?

When in doubt, throw it out

Think before you click

http://stopthinkconnect.org/tips-and-advice/

Dear Webmail User,

Your mailbox has exceeded the allocated storage limit as set by the administrator, you may not be able to send or receive new mail until you upgrade your allocated quota.

To upgrade your quota, CLICK HERE to verify your email account.

Thank you for your anticipated cooperation.

System Administrator IT Helpdesk

Example 1: Most Common

EXAMPLE 2

Other Types of Phishing Emails

Anticipate that you may receive fake UPS, Fedex, Amazon, or other emails trying to get you to click on links or provide personal information. Simply delete these emails.

Also anticipate Holiday greetings, birthday messages, funny videos, or gossip headlines as ways which attackers will try to steal your information or send you to a malicious website. Delete all such suspicious messages.

Web Browsing

Visit trusted websites that are needed to conduct Pace University business.

What happens when visiting a malicious website? An attacker may be able to take full control of your computer, log all key strokes

including your username and password and all information you type, may be able to access all the information you are authorized to view, an attacker can impersonate you by sending messages from your account, they can access everything on your computer without you knowing

Aimless surfing to non-work related sites increases the chances that you will be compromised.

Although Antivirus software is an important tool, it is only 60%-75% effective in detecting malware.

What is PII?

Properly Handle Personally Identifiable Information (PII)

When there is a business process that requires the handling of PII, extreme care should be taken to protect the information.Examples of PII type information: Social security numbers Credit card numbers Bank account numbers Health information

Requirements for handling PII: Should only be accessed if there is a

business need to perform one’s job function through the authorized server/database

Should never be uploaded to a public web server

Pace PII should not be stored to cloud services, such as Dropbox

Data that is needed by the University should never be downloaded and stored on workstations, personal (home) computers, USB drives, mobile devices, or laptops.

Should be kept confidential and never shared with third parties or individuals not authorized to handle this data

Printed documents containing PII should be locked in a cabinet in a secure location - it must not be in plain sight or easily accessible

Data that does not need to be maintained by the University should never be stored

Questions?

Questions?

Suggestions?