Kansas State University

search

IT News

Category: Security

Duo, new IT security layer, has Jan. 29 enrollment deadline for faculty/staff Group 1

As President Myers announced last week, K-State is using a second layer of security called Duo for the university’s online applications and systems, in addition to eID/password sign-in.

K-State password + Duo (second-layer security) = Access

To facilitate implementation, faculty/staff have been assigned to Duo enrollment groups. Members of Group 1 will receive their enrollment email on Tuesday, Jan. 15, with an enrollment deadline Tuesday, Jan. 29.

For security reasons, group lists and enrollment timelines will not be made public. Continue reading “Duo, new IT security layer, has Jan. 29 enrollment deadline for faculty/staff Group 1”

Connecting to Windows Software Update Service (WSUS)

Make it easy to keep your computer safe with K-State’s Windows Software Update Service (WSUS), for K-State owned computers. WSUS deploys the latest Microsoft product updates to computers running Microsoft Windows. Computers connected to the WSUS server automatically receive critical/security patches. Windows 10 version updates (e.g. Creators Update 1703) will be released on a managed schedule and email communication will go out prior to each release.

K-Staters located on the Manhattan, Olathe, or Salina campus are encouraged to use WSUS on their university owned machines running Windows 10 Pro or Enterprise. See the K-State’s Windows Software Update Service (WSUS) knowledge base article for instructions on how to set up the service.

University PPM 3430 Security for Information, Computing and Network Resources requires the latest security patches available to be installed.

Contact your departmental IT support or the IT Help Desk (helpdesk@ksu.edu, phone: 532-7722) to determine what your department is doing to keep your computers up-to-date.

Dec. 13: Cybersecurity Awareness training final reminder

On Dec. 13, the final reminder will be sent to those who haven’t completed the Cybersecurity Awareness training. This annual training, required by state statute, introduces basic computer security concepts and good security practices and takes approximately 30 minutes to complete.

Each person receives a unique link for the training and the link shouldn’t be shared with others. Also, it is best to set enough time aside to complete the training in one setting. Some have run into problems when trying to return to complete a partially completed survey.

If you haven’t completed the training and you didn’t receive a reminder, check in the Junk folder and the Other folder (at the top of the inbox if using Outlook on the Web). If you still don’t see a reminder, contact the IT Help Desk (helpdesk@ksu.edu) and we will troubleshoot.

Once the training has been completed, it will be added to your training summary in HRIS.

Update your Zoom desktop client to avoid vulnerability

K-Staters need to ensure they are running the latest update of the Zoom desktop client to avoid a vulnerability that allows a remote attacker to take control of  meetings. This affects Zoom clients for MacOS, Linux, and Windows. Zoom has released an update for MacOS and Windows.

To update Zoom, open your Zoom desktop client and click Update Now when prompted.

Zoom update

See Tenable TechBlog’s article, Remotely Highjacking Zoom Clients, for more information regarding the vulnerability. If you have any questions, contact the IT Help Desk (helpdesk@ksu.edu or 785-532-7722).

Nov. 8: Cybersecurity Awareness training reminder

An email invitation for Cybersecurity Awareness training was sent to faculty and staff on Oct. 4. On Nov. 8, a reminder will be sent to those who haven’t completed the training.  This annual training, required by state statute, introduces basic computer security concepts and good security practices and takes approximately 30 minutes to complete.

 

Each person receives a unique link for the training and the link shouldn’t be shared with others. Also, it is best to set enough time aside to complete the training in one setting. Some have ran into problems when trying to return to complete a partially completed survey.

If you haven’t completed the training and you didn’t receive a reminder, check in the Junk folder and the Other folder (at the top of the inbox if using Outlook on the Web). If you still don’t see a reminder, contact the IT Help Desk (helpdesk@ksu.edu) and we will troubleshoot.

Once the training has been completed, it will be added to your training summary in HRIS.

Join ITS for a discussion on “Dark Tales of the Net” on Oct. 31, Union Big 12 room

As part of Cybersecurity Awareness Month, ITS is hosting a discussion, Dark Tales from the Net from noon-1 p.m., Oct. 31 in the K-State Student Union Big 12 room. Free food will be served while supplies last. Chad Currier will be kicking off the discussion.

Have you ever had any of your accounts compromised (eID/password stolen, social media account hacked, banking information stolen, etc.)? Have you ever had a breakup and your ex had access to all your accounts or other private information about you? If so, come and share your experiences with us or just come and listen to the experiences of others.

 

Our shared responsibility to ensure online safety at work

The lines between our work and daily lives are becoming increasingly blurred, and it is more important than ever to be certain that smart cybersecurity practices carry over between the two. Online security is a shared responsibility.

Online security is a shared responsibilty

Here are some tips that can make you safer and more secure at work and at home:

  • Keep a clean machine. Having the latest security software, web browser, apps and operating system is the best defense against viruses, malware and other online threats. Remember, mobile phones, point of sale systems and tablets need updating too!
  • Lock down your login. Enable the strongest authentication tools available for your online business accounts, such as biometrics or a unique one-time code through an app on your mobile device. This security feature is also available on personal accounts such as email, bank and social media.
  • Back It Up. Put in place a system – either in the cloud or via separate hard drive storage – that makes electronic copies of the vital business information on a regular basis. At home, make regular backups of all your important docs, files and photos.
  • Bring Your Own Device (BYOD). Now more than ever, employees are using their personal smart devices – such as PCs and smartphones – for work purposes. It’s important to consider where sensitive company, customer and/or employee data is being accessed and implement
    a policy to BYOD use.
  • When in Doubt, Throw it Out. Whether at work or in their personal lives, employees should know not to open suspicious links in email, tweets, posts, online ads, messages or attachments – even if they know the source.
  • Cybersecurity in the Workplace is Everyone’s Business. It’s not just the job of IT staff or business owner to ensure online safety at work. Creating a culture of cybersecurity includes ALL employees knowing how to protect themselves and the organization and understanding the cyber risks as the business grows or adds new
    technologies or functions.

Cybersecurity awareness training delivered to your mailbox on Oct. 4

K-State faculty and staff must complete Cybersecurity Awareness training by Dec. 31. You will receive an email with a link to the online training on Thurs., Oct. 4. If you use Outlook on the Web and you don’t see the training invitation in your Focused inbox, check your Other folder.

Cybersecurity awareness training is an important part of K-State’s strategy to protect our information systems and data. “We ALL have a responsibility to protect the information assets entrusted to us. Everyone at K-State serves a critical role in protecting K-State data”, said Chad Currier, K-State’s chief information security officer.

Everyone at K-State serves a critical role in protecting K-State data

This training, required by state statute, introduces basic computer security concepts and good security practices and takes approximately 30 minutes to complete.

Once you complete the training, your personnel record in HRIS will be updated. It will be listed under the Training Summary as Cybersecurity Awareness 2018, with the course code WIT590.

If you have questions about the security awareness training, contact the IT Help Desk at helpdesk@k-state.edu or 532-7722.

Fall 2018 Shred Day is October 24

Shred Day is scheduled 8:30-11 a.m. Wed, Oct. 24, to properly dispose of university paper records on the Manhattan and Salina campuses. Please review the university retention schedule to ensure accuracy in sending records for destruction. Further policy information governing records management includes the university’s records retention policy, PPM Chapter 3090.

Examples of documents for shredding (pending compliance with applicable retention schedules) include: Scantron forms; greenbar grade sheets; rosters printed from K-State Online, KSIS, SIS, etc.; papers with personal identity information; data with credit card information; personnel files; and more. Papers can be left in ring binders, spiral bound notebooks, file folders and hanging file folders for shredding.  All paper must be dry. Continue reading “Fall 2018 Shred Day is October 24”