CIS Blog

Brown Wireless Network Access

Richard A. Lawson — Tue, 18 Jun 2013 18:32:39 +0000

We are aware of a problem with Wireless Access and are working to identify and resolve the issue. Between 2:10 and 2:25 pm there were brief wireless outages at various locations throughout campus. Functionality that may be impacted by this problem includes: connection to the Brown wireless network.

Resolved: Wowza Audio and Video Streaming not accessible at this time

dmbello@brown.edu — Mon, 17 Jun 2013 20:11:36 +0000

Update: 6/17 7:55pm – RESOLVED

We are aware of a problem with Wowza Audio & Video Streaming and are working to identify and resolve the issue. This includes playback of Echo 360 captures. Functionality that may be impacted by this problem includes: access to and use of audio and video streaming.

We will be posting all updates, including the resolution of the problem, on the CIS blog at http://blogs.brown.edu/cis – please check the blog regularly for updates.

If you experience problems other than the ones mentioned above, or problems with another service, please report them to the Help Desk at (401) 863-4357. We apologize for any inconvenience this may cause.

Thank you for your patience,
Computing and Information Services

Resolved: Issue with Echo360 video streaming and campus video streaming services

dmbello@brown.edu — Mon, 17 Jun 2013 19:34:59 +0000

Update: 6/17 7:55pm – RESOLVED

We are aware of a problem with Lecture Capture – Echo 360 and are working to identify and resolve the issue. Functionality that may be impacted by this problem includes: instructor recording of lecture audio, video and/or PowerPoint or other computer program display outputs.

We will be posting all updates, including the resolution of the problem, on the CIS blog at http://blogs.brown.edu/cis – please check the blog regularly for updates.

Thank you for your patience,
Computing and Information Services

“Resource 25 Access Restored” email message

jasdeep b. — Tue, 11 Jun 2013 18:58:52 +0000

If you received an email regarding Resource 25, it was sent in error. You can disregard the email.
It is not spam and/or a phishing attempt, and will not harm your computer. Simply delete the email.

Please accept our apologies,
Computing and Information Services

Google Tip: Forms Update

sobodda@brown.edu — Tue, 11 Jun 2013 18:21:31 +0000

Google Forms recently updated to be more consistent with other Google Drive document types. Two helpful new features are auto save and real-time collaboration. The new format is fairly intuitive, but you should be aware of one major change – form responses do not get collected in a spreadsheet by default.

To indicate that you would like to collect responses in a spreadsheet, click the “Choose response destination” button at the top while editing the form.

Next, you will be prompted to name the spreadsheet in which the responses will be collected. You will also see an option to always create new spreadsheets for forms.

More information about response destinations
More information about the recent updates to Google Forms

KeyServer to a new host

Bobby Sengchanthavong — Mon, 10 Jun 2013 18:54:42 +0000

UPDATE: 6.13.20.13 : The KeyServer migration planned for Thursday (6-13-13) has been reschedule for Friday (6-14-13). See posting from Monday (6-10-13) for further details.

On Thursday 6/13/2013 we will be migrating the KeyServer to a new host which will also involve upgrading the shadow/backup servers after the primary server is complete. This migration will start at 6am and should be complete by 9am. Please do not install or update any clients during this time since the process will fail if the primary server is off-line. Shadow/Backup servers should handle any requests for license keys during this period for existing clients.

Thank you for your patience,
Computing and Information Services

Phishing Alert: Notice from IRS

pfalcon — Thu, 06 Jun 2013 15:47:42 +0000

ISG and the Help Desk have received multiple reports of a phishing email supposedly from the IRS asking you to update your information due to an upgrade of its servers. While it is obviously a phishing attempt, the incident is a good reminder to stay vigilant as emails like these arrive from a variety of senders (some from compromised Brown addresses) with different messages, but generally all with the same purpose: to convince you to give up personal information or direct you to a site where your account may be compromised.

If you received this email (example below) and have not already deleted it, please report it as phishing (in the email click on the down arrow to the right of the REPLY button and select “Report phishing”) to send that message to the GMail Team for analysis and filtering. Read more about how to spot a phish.

———- SAMPLE EMAIL ———-
From: IRS.gov*
Date: Wed, Jun 5, 2013 at 3:38 PM
Subject: ***NOTICE: Re-Validate your IRS Information NOW.
To:

This is to inform you that the IRS is upgrading its servers and we would like you to update your IRS information with the current and correct information by clicking on the link below and inputting the correct information.

To Re-Validate- < Click Here >
Make sure you fill the correct data to update your current IRS filing status.
NOTE: That Failure to comply may result in the loss of your information from the IRS Master File within the next 48 hours.

Signed,
Director, Office of Privacy,Governmental Liaison and Disclosure
Internal Revenue Service
Room 7050 OS:P
1111 Constitution Ave. NW
Washington, DC 20224

Unencrypted Connection Error

sobodda@brown.edu — Mon, 03 Jun 2013 15:44:50 +0000

When logging into some restricted Brown websites, you might see a pop-up with the following error: “Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.”

This error may appear on some Brown websites which use Shibboleth, Brown’s newer method of controlling access to a web page. As web owners across the University convert websites to Shibboleth, website visitors may see this error more often because Shibboleth requires that the web pages be secure, i.e., https:// instead of http://. Therefore, old links or bookmarks to the http:// (instead of https://) address of a website will now cause this error to appear.

If you are simply viewing a page, there is no need to worry about this error. However, if you see it on a page on which you are submitting sensitive and/or personal information, you should contact the website owner. If you are the owner of a Brown website and visitors are seeing this message on your site, you can contact the CIS Help Desk for a fix which prevents the message from appearing.

RESOLVED: CIS Service Alert: Listserv, 6/02 3:27 PM

sdillon@brown.edu — Sun, 02 Jun 2013 19:37:54 +0000

We are aware of a problem with Listserv and are working to identify and resolve the issue. Functionality that may be impacted by this problem includes: sending mail to a Listserv, managing membership of a Listserv – bulk e-mail service for community and course announcement lists is NOT affected.

We will be posting all updates, including the resolution of the problem, on the CIS blog at http://blogs.brown.edu/cis – please check the blog regularly for updates.

CISO Memo: Broadening Connections & Multiple Hats

pfalcon — Thu, 30 May 2013 12:50:37 +0000

Many people have asked me recently about how information security is evolving. More and more CISOs now have a broader, risk-based focus on information protection, and many have privacy and compliance responsibilities as well. This rapid maturation is both welcome and daunting for security pros, and as a result we look to the larger community for support, guidance and networking. I’d like to share with you some of the connections that I have through Brown.

Security professionals are very willing to engage in information sharing, all for the betterment of our profession and our institutions. I have the luxury of have three distinct security groups that I can go to for information, including our Ivy+ community, the New England Higher Ed Security Officers Forum, and a wider group from throughout the northeast known as the Northern Crossroads. More broadly, I also participate in EDUCAUSE working groups, as well as the yearly Security Professionals Conference. This conference is the go-to event for me, as it is specifically for higher education, and great in content, solution providers and networking.

There are also external groups that provide great value to me and Brown. These include industry groups such as the ISC2, ISACA and ISSA, as well as organizations such as the Cloud Security Alliance and FBI-InfraGard.

Why am I sharing this? To let you know that Brown desires to stay on top of security, privacy and compliance issues, and for me to glean this all on my own would be impossible. Higher ed is a sharing and open community, and because of this, we are all in a better state of security.

This is impacting my role here at Brown as well, which I’ve written about in past articles. For my recent viewpoint on the changing role of a CISO, see my article at TechTarget Security called “From No Seat to Multiple Hats”.

As always, I welcome your comments and feedback. Please feel free to reach out to me directly at david_sherry@brown.edu, or the group at ISG@brown.edu. Let me know how we are doing, areas of concern you may have, or questions on protecting your identity or personal computing security. And remember, sec_rity is not complete without U!