OIT News – April 2012

OIT News
Monthly news briefs, information and announcements
Office of Information Technology, NC State University
Issue 54, April 2012
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Follow OIT on Twitter @NCStateOIT
For up-to-the minute reports on OIT systems, see SysNews
For help with computing problems, contact the NC State Help Desk
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

01: Human Resources System 9.1 upgrade targeted for Oct. 1

02: Avoid the spam filter: Tips for successful bulk mailing
03: Security access certification for Human Resources and Financial systems due May 14
04: New IT Governance committee meetings underway
05: ICT Accessibility Regulation FAQs available
06: University IT Accessibility Services releases Google Apps guidelines
07: Access Gartner Group services on new website
08: OIT permanently blocks access to remote desktop service port tcp/338
09: SAS 9.3 and JMP 10 are now available for download

10: Google Apps @ NC State training offered
11: SAR training scheduled for May 1
12: OIT investigates Flashback botnet on campus computers

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
01: Human Resources System 9.1 upgrade targeted for Oct. 1
In just a few months, university employees will see a new, improved Human Resources System. On Oct. 1, Human Resources and OIT Enterprise Application Systems (EAS) will upgrade the current system to version 9.1, which will maintain vendor support from Oracle and guarantee the university receipt of important tax and regulatory updates.

HR System version 9.1 will offer a new workflow-driven employee hiring process to help the new employee and administrators navigate and complete the required steps. The MyPack Portal will also offer some new self-service features, including the addition of multiple account options for direct deposit of paychecks, and paycheck statement printing enhancements. More details on changes will be provided in future updates.

The new 9.1 production environment will be available on Monday, Oct. 1. The HR 8.9 production environment will not be available for several days preceding the go-live; however, campus will have access to the reporting environment. For additional information, visit the Human Resources Information Management website.

Back to top

02: Avoid the spam filter: Tips for successful bulk mailing
Do you distribute newsletters, announcements or surveys via email to a large campus population? Unbeknownst to you, and possibly to your intended audience, your messages may be getting caught in a spam filter like Postini.

Join Twanda Baker, Andrew Barnes and Tim Lowman of the Office of Information Technology to learn how to avoid the common pitfalls of sending bulk email and become more efficient at getting your email to its destination. Informational sessions on successful bulk mailing will be held on Thursday, April 26 from 1:30 p.m. to 2:45 p.m. and on Friday, May 18 from 9 a.m. to 10:15 a.m. Both sessions will be held in Room 106 of the Avent Ferry Technology Center. To register, visit Classmate.

Back to top 

03: Security access certification for Human Resources and Financial systems due May 14
The OIT Security and Compliance unit is requesting campus deans and vice chancellors review and certify their staffs’ access to the Human Resources and Financial systems by Monday, May 14.

The University Data Management Procedures require that each dean and vice chancellor review semi-annually (usually in April and October) their staff’s security access to university computer systems and that their staff’s security profiles be certified on an annual basis.

To review staff’s security access to the Human Resources and the Financial systems, access the Web Security Reports directly or use the MyPack Portal. In the Portal, select the For Faculty and Staff tab, Security Access – SAR and then Security Reports. The Security Reports now show both active and inactive employees who are currently assigned to a specific department and have access to the system. A second report, the Web Security Exception Report (available to division level approvers only), displays individuals who have security access to department data but are no longer in the department due to a transfer or termination.

The certification form should be completed and returned to OIT Security and Compliance by Monday, May 14. If you have any questions or concerns, please contact the NC State Help Desk at help@ncsu.edu or 515-HELP (4357).

Back to top

04: New IT Governance committee meetings underway
The Information Technology Strategic Advisory Committee (ITSAC) held its first meeting on March 26. A business-focused committee of the new IT Governance at NC State structure, the ITSAC advises the vice chancellor of information technology and chief information officer on matters of policy, funding and business applications.

The ITSAC contains members representing the following areas: Human Resources, Financial Activities and Accounting, University Treasurer, Provost’s Office/Enrollment Management, Graduate, Research, Libraries, University Advancement, Deans’ Council, Associate Deans for Academic Affairs, Associate Deans for Research, Business Operations, Campus IT Directors, Audit, and the Office of General Council. The names of these representatives can be found on the ITSAC Team page.

The introductory meeting provided background information on the committee’s origin and a review of the Information Technology Governance structure at NC State. ITSAC members also discussed the committee’s charge, its current membership, and topics to cover in upcoming meetings. Meetings will be held on a monthly basis, and agendas and approved minutes will be posted on the ITSAC Meetings page. More information about the committee’s focus, scope, membership and structure can be found on its Charter page.

The Campus IT Directors Committee, the Enterprise Applications Subcommittee and the Security and Compliance Subcommittee have also met. More information about each committee or subcommittee’s meetings can be found on their respective operational pages.

Back to top

05: ICT  Accessibility Regulation FAQs available
The IT Accessibility Committee, in conjunction with the Office of Information Technology and the Office of General Counsel, has released a set of frequently asked questions for the revised Information and Communication Technology (ICT) Accessibility Regulation. These FAQs give guidance in understanding accessibility laws and policies, accessible content, procurement practices, and emerging technologies. Questions about the FAQs should be directed to Greg Kraus, university IT accessibility coordinator, at greg_kraus@ncsu.edu.

Back to top

06: University IT Accessibility Services releases Google Apps guidelines
To ensure all campus users can fully participate in university educational services, programs and activities, University IT Accessibility Services has made available accessibility guidelines for the use of Google Apps @ NC State suite of collaboration tools. These guidelines provide helpful tips on how to share content within a diverse population. Questions about accessibility and the use of Google Apps should be directed to Greg Kraus, university IT accessibility coordinator, at greg_kraus@ncsu.edu.

Back to top

07: Access Gartner Group services on new website
Do you want easy access to the latest technology information? With a Unity ID and password, you can access IT-related research, news analysis and trends from Gartner Inc.’s new Web location. You can also use this advisory firm to find research for assignments, discover an area of interest, or even get ideas on careers. Simply log in to Gartner with your Unity ID and password and then click on the Gartner Research link. The new Web link to Gartner is also provided under For Faculty & Staff – Computing in the MyPack Portal. The server hosting the former website was recently retired.

Back to top

 

08: OIT permanently blocks access to remote desktop service port tcp/3389
To prevent unauthorized access to campus computers, OIT Security and Compliance has permanently blocked remote desktop access to service port tcp/3389. A short-term block was put into effect recently to address a critical vulnerability in Microsoft Remote Desktop Service that allowed a hacker remote administrator access to an unpatched machine.

The permanent block will protect campus users from compromised accounts and lockouts resulting from the brute force password attacks that occurred recently on campus.

Campus users who need to use the remote desktop service from off-campus should connect via NC State’s Virtual Private Networking (VPN) service. The university’s Virtual Computer Lab (VCL) environment is exempted from this block due to compensating controls that have been implemented. For more information, see the initial SysNews post or the OIT News Release.

Back to top

09: SAS 9.3 and JMP 10 are now available for download
OIT is pleased to announce that SAS 9.3 and JMP 10 are now available for download.
Campus users can download SAS 9.3 for Windows and Linux in both 32 and 64 bit formats. JMP 10 is available for download for Windows and Macintosh. To download the newest versions of SAS and JMP and to acquire licensing, please visit the Software@NC State website.

Back to top

10: Google Apps @ NC State training offered
OIT is conducting the following Google Apps @ NC State training sessions this month:

  • “Beyond the Basics: Google Calendar” will be offered on Thursday, April 26 from 9 a.m. to 11 a.m. in Room 110 of the Avent Ferry Technology Center. This hands-on workshop will focus on more intermediate features of Google Calendar, including appointment slots, event attachments, maps and directions, calendar features, labs features, quick add, search options, mobile notifications, and more. For more information and to register, visit Classmate.
  • “Create and Collaborate with Google Docs” will be offered on Thursday, April 26 from 10 a.m. to 11:30 a.m. in Room 112 of the Avent Ferry Technology Center. Learn how to create, import or build a collection of Google Docs (Web-based documents). During this demonstration, you’ll also learn how to use Docs in a collaborative environment – simultaneously editing the same file/doc with your colleagues and friends – as well as get tips on how to secure your docs by implementing the proper file sharing permissions. For more information and to register, visit Classmate.

Customized training on Google Apps at NC State is also available to groups of faculty and staff. Please submit training requests via the OIT Custom Training Form.

Back to top

11: SAR training scheduled for May 1
Monthly Security Access Request (SAR) training for campus requestors and approvers of access to secured university data will be held on Tuesday, May 1 from 9:30 a.m. to noon in ITTC Lab 2 of D.H. Hill Library. Please visit Classmate to view available classes and to sign up for training.

Back to top

12: OIT investigates Flashback botnet on campus computers
When Russian antivirus company Dr. Web announced recently that it had found a botnet with more than 600,000 Apple computers in it, OIT Security and Compliance began tracking campus computers that were connecting to the Flashback botnet. A botnet is a collection of compromised computers controlled from a single source to send spam, execute denial of service attacks and commit click fraud. This botnet is not the largest ever, but is the biggest ever comprising of mostly Apple computers.

OIT Security and Compliance has determined that more than 460 Mac users on campus have visited malicious Web pages that spread the Flashback Trojan and that at least 200 user machines have been infected. The numbers could have been higher, but it seems the malware doesn’t install if the user has Skype or MS Office installed. It will, however, install if the user enters an administrator password when prompted by the Trojan. The Flashback Trojan is also spreading to Apple computers via a Java exploit. To prevent infection, Mac users should install the Java patches from Apple using the Software Update option under the Apple menu of the Mac computer.

OIT Information Security Services will continue to track the Flashback botnet activity on campus and will notify affected campus users.  If you would like to check your Mac for the Flashback Trojan, run the FlashbackCheckerApp, which can both detect and remove the Flashback Trojan.

Back to top

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about OIT News:
OIT News is an electronic news bulletin published monthly
Office of Information Technology
Box 7109
North Carolina State University, Raleigh, North Carolina 27695-7109
http://go.ncsu.edu/oit
 

To subscribe or cancel your subscription online, go to http://go.ncsu.edu/subscribe-oitnews

To subscribe by email, send the following message to mj2@lists.ncsu.edu:

subscribe oitnews

To unsubscribe by email, send the following message to mj2@lists.ncsu.edu:

unsubscribe oitnews

(These messages should be sent to mj2@lists.ncsu.edu, not to the OIT News list itself.)


For help with computing at NC State, visit the
NC State Help Desk website, phone 515-HELP (4357), or visit Room 101, West Dunn Building.

Send your comments or suggestions about OIT News to Rhonda Greene, OIT Information and News Services, at rhonda_greene@ncsu.edu.