Expanded PC Software Updates

Posted on July 20, 2022 by admin

ITSS will be providing a much larger catalog of software updates to campus PCs beginning in the coming weeks.

Improving and expanding software updates will reduce the risk unpatched software represents to campus systems.

ITSS will be using the Updates mechanism in the Software Center, the same system that delivers monthly system updates. It will contain many more titles, depending on what you have installed.

Because of the frequent changes to some software (Chrome, Firefox, Zoom, and others) we will be sending these updates out more frequently. In testing so far, almost all updates do not require a restart. Any updates requiring a restart will be delivered during monthly patches, when a restart is expected. A few of the updates will prompt you to close the program in order to succeed. When closing the program is required, the prompts can be deferred up to 5 times before the program is closed, and the updates install.

Duo, Security

Duo Enrollment for Employees and Students

Posted on March 25, 2021 by admin

Campus began deploying Multifactor Authentication with Duo in 2018, and today, more than 90% of employees are successfully using it to keep accounts secure and prevent loss of data. Over the next few weeks, the remaining employees and all students will be enrolled in Multifactor Authentication with Duo.

Duo Enforcement Date

April 6: All Remaining Employees

April 13–15: Current Students, last names A–K

April 20–22: Current Students, last names L–Z

Once your Duo enforcement date arrives, anyone not enrolled with Duo will be prompted to self-enroll your mobile device, and Duo authentication will be required the next time you authenticate to a Duo enforced campus system.

Security

LastPass Premium for Students

Posted on March 12, 2021 by admin

LastPass Premium is available to all CSU, Chico students. You can claim your free personal Premium LastPass Account.

LastPass is a simple, secure password manager. The easiest way to protect your information online is to have unique, strong passwords for every account, but it’s impossible to remember all of your unique credentials. LastPass provides a secure vault where you can save all your login information. You can save a site to LastPass with just a few clicks and LastPass will automatically fill in the credentials for you the next time you login to that site. LastPass can manage your account passwords on any platform or device: Windows, Mac, iOS, Android, and on the web.

Security, Software

Malwarebytes Enterprise

Posted on November 19, 2020 by admin

Malwarebytes Enterprise will replace ESET anti malware on all campus-managed Macintosh desktops. ESET will be removed from Macs by December 2020. This process will begin at 7:00 AM, Monday November 23rd.

This is a centrally managed version of Malwarebytes that will be automatically installed. No action is required on your part. The installation is different from the home version, and can’t be individually installed.

This is the first phase of a broader rollout to campus, including campus-managed PCs.

Security, Software

Flash EOL

Posted on November 17, 2020 by admin

The End Of Life (EOL) for Adobe Flash Player is December 31st 2020.

All remaining Flash Player installations on university computers will be removed by December 31. No further installations will be permitted, as per Adobe, and for the security of the campus.

If you have content that requires Flash Player to display, you must figure out an alternative method. See Adobe’s article at https://www.adobe.com/products/flashplayer/end-of-life.html for details.

Phishing, Security

Job Scam Emails

Posted on November 10, 2020 by admin

CSU, Chico students are often targeted with scams promising jobs. Students have been scammed out of money or had campus accounts compromised by job-related phishing scams. If an email or job offer sounds too good to be true it probably is. Most legitimate jobs do not require you to pay money or send personal information via email.

Do Not Respond to any job advertisement or offer that requires you to:

Give your credit card or bank account numbers or copies of personal documents.
Send payment by wire service or courier.
Deposit checks or transfer money into your bank account.
Receive or process a large check.

Don’t hesitate to check with ITSS if you are unsure about the authenticity of an email you’ve received. The Career Center can also help you determine if a job posting is a scam.

More information about information security and employment scams:

Example of a recent job scam email:

LastPass, Security

LastPass Premium

Posted on November 4, 2020 by admin

We’re excited to offer all current students the benefit of increased online security with a complimentary subscription of LastPass Premium, a simple, secure password manager.

81% of security breaches are caused by weak or reused passwords. The easiest way to protect your information online is to have unique, strong passwords for every account, but it’s impossible to remember all of your unique credentials. LastPass provides a secure vault where you can save all your login information. You can save a site to LastPass with just a few clicks and LastPass will automatically fill in the credentials for you the next time you login to that site. LastPass can manage your account passwords on any platform or device: Windows, Mac, iOS, Android, and on the web. Prior to registering for the free account, be sure to install the LastPass web browser extensions.

You will not be able to use your @mail.csuchico.edu email for the free premium account. If you already have a personal LastPass account using @mail.csuchico.edu email, you will need to change the email to a personal email before claiming the free premium account. The Premium subscription is valid while you are a current student. After that, you can pay for a premium account or the account can revert to a free account.

LastPass, Security

LastPass Password Management

Posted on October 22, 2020 by admin

81% of security breaches are caused by weak or reused passwords. The easiest way to protect your information online is to have unique, strong passwords for every account, but it’s impossible to remember all of your unique credentials. LastPass is a secure password manager that remembers your online account passwords so you don’t have to. You can save a site to LastPass with just a few clicks and LastPass will automatically fill in the credentials for you the next time you login to that site. LastPass can manage your account passwords on any platform or device: Windows, Mac, iOS, Android, and on the web.

LastPass Enterprise is now available to faculty and staff. To get started using LastPass request a LastPass enterprise account and install the LastPass browser extension using Software Center or Self Service for campus-managed computers.

Phishing, Security

Campus Spearfishing Attack

Posted on June 4, 2020 by admin

Over the past two weeks Chico State has been specifically targeted by people who have analyzed our org chart and are crafting email attacks based on that data by creating bogus @gmail accounts and then emailing spearphishing attacks “from” a manager to their staff.

If you reply to these emails they will ask you to purchase gift cards.

I will be having a busy day and I want to surprise some of the staffs with gift card. The type of card I need is steam wallet gift cards $100 denomination, I need $100 X 7 cards so that will be $700 i will be reimbursing back to you. You will purchase the cards from a nearby store to you, when you get the cards, Scratch out the back to reveal the card codes, take pictures of each cards and send it to me here. How soon

can you get that done? Its Urgent and I want you to keep the physical card safe with you cos I will get them from you later.

Once the scammer has the card codes they can take the money from the cards, even without physical access to the cards.

More information about phishing is available at https://www.csuchico.edu/isec/resources/avoid-threats/spam-phishing.shtml

Security

Internet Explorer Vulnerability

Posted on January 21, 2020 by admin

The Microsoft Internet Explorer web browser is vulnerable to attack as described at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200001. There is currently not a fix, and attacks are currently leveraging this vulnerability. We recommend not using Internet Explorer while this issue remains unaddressed.

Chrome and Firefox are available in the Software Center for campus managed PCs: https://support.csuchico.edu/TDClient/1984/Portal/KB/ArticleDet?ID=11735

Safari is installed on all Macs.

California State University, Chico – ITSS