- Submit a Ticket
- New Account Request
- Remove Account Request
- Purchase Request
- Equipment Checkout
- Computer Deployment
- Door Access Request
- Lost / Stolen Access Device
- Vendor / Contractor Access
Security Tips & Training
Reputable sources of information:
There are many technology departments on campus and NDUS, it is important for staff be able to identify them as a reputable source of information.
- Administrative Services Technology: Provides technology support to the Student Affairs and Finance & Operations divisions.
- Center for Instructional & Learning Technologies (CILT): Provides user support to campus for core services such as BlackBoard, Campus Connections, password changes and other services that are available to the University.
- UND Tech Support: Provides a variety of technical support to students, faculty and staff include outage notifications and other information.
- Core Technology Services (CTS): NDUS technology department that provides enterprise applications for campuses. Dr. Lisa Feldner, NDUS Vice Chancellor of Institutional Research and Information Technology sends important security and technology related information to UND by email to the community.
- College specific technology support (such as AS Tech, Nursing Tech Support, etc) may provide information to their users.
Creating a secure password you can remember:
- Names of family members or other words that can be easy for someone to figure out in your password is not secure
- Never share your password with anyone
- Do not write your password down. If you must write it down, put it in a very secure location that others do not have access to (not on your desk)
- Use a few words and numbers combined and then change the first or last couple of number/letters for different sites you visit
- For example you may use Paper32Info as your standard password but then come up with a system to add characters to the end to identify the site such as Paper32InfoCha$e (for chase bank) or Paper32InfoWork (for your work password)
- Set a short phase such as a goal, for example Walk20daily! As you have to change your password (every 90 days) you can have new goals or increase the current goal
Please do not use the passwords in the examples.
Use of network drives:
Network drives (S & P) are provided to ensure that documents are backed up and can be restored in case of emergency/loss. The S drive is provided for shared work documents within your department and the P drive is for private work documents. Confidential information should be stored on P and work documents that others in the department need access to should be stored on S. If you have documents that only some people in your department need to access, folders can be setup to accommodate those needs.
C drive folders:
C drive folders such as "my documents" and "my desktop" are not backed up and items stored on the C drive may be lost if there is a hardware failure with the computer. We do not recommend storing work documents on the C drive.
What is IDM:
IdM stands for identity management and is one way that campus has to identify a user and attach their rights to multiple systems.
IdM accounts at UND are used for various systems, including:
- Campus Connection
- Employee Self Service
- Computer login
- SafeConnect Authentication
- Underground.und.edu website for buying and selling items
- Many web applciations run by Administrative Services Technology
- Wellness Fusion
NOTE: IdM accounts are NOT used for campus email, that password is not the same unless you change it to be the same.
To manage your password you can access it though this site http://und.edu/tech-support/claim.cfm I recommend going to this site and select "change my password" to setup authentication questions which will allow you to recover your password if you forget it, this could save you time in the future as we begin to change passwords every 90 days.
When do I shutdown my computer:
Administrative Services Technology recommends:
- If you have a box that is requesting you to restart your computer (such as from windows updates), restart your computer at the end of your shift but no later than 24 hours after the pop-up. These restarts are critical because once products such as windows updates finish, the patches are not applied until after you restart.
- Shutdown your computer daily because it is more secure, no one can access your computer maliciously if it is not turned on. Plus it saves power
- If you cannot shutdown daily you should restart weekly (at a minimum, preferable nightly).
- We will send you an email if you need to leave your computer on for any maintenance we may do overnight.
Phishing (pronounced fishing) scams are created to trick users into providing information that will allow the person that created the scam (the thief) to steal your personal information such as usernames, passwords, credit card numbers, or other sensitive information.
Phishing emails appear to come from a legitimate source such as your bank, university, or a store and the email appears to be from that source, however, links in the email will send you to a website that will ask you to enter your information such as username or password, credit card or checking account information so that they can obtain that information.
A good example of a phishing scam is from recent news. From WDAY.com an "email asked employees to click on a link and verify their information for payroll distribution, and eight employees responded...unfortunately, those employees' paychecks were then redirected to the scammer's account. They reported the incidents, which were then reported to authorities."
If you receive an email from someone (even from a source you trust) and they are asking you to log-in or provide sensitive information, never click on the link, go directly to the site that you know that you use for them on a regular basis. If you receive an email and believe it is a scam don't click the link, just delete the email. There is no danger to your information unless you clicked the link.
Having work email on devices other than your computer at your desk can be convenient but it can also carry some risks for you and for the University. Mobile devices are great, however, security is often not considered for applications and information on them. Smart phones often are not secured with a password to access them which means that if someone has physical access to your phone they have access to your email and all of the information on it. The information in your email may contain student data that is confidential and should not be accessible to others.
Another consideration for having email on your personal devices is the risk of getting a virus is greater because often those devices are used for surfing the internet more and for downloading and installing applications. Before installing email on your personal device who uses the device? who has the password? are your kids playing games? surfing the internet? do people install software and download items on it? all of these items cause risk and will make a device less secure.
Email is accessible two ways, one from installing an email client and also through a web browser. The web browser is the most secure way to access email and can be found at http://mail.office365.com/ (you can verify this link by going to the A-Z Index on the und website).
If you are installing the client, please ensure that the device is password protected and used in a secure manner. If you lose a device that has the outlook client installed on it for your work email, you should contact the support desk at 777-3954 immediately, we would need to take action to secure your account and prepare for any breach of information that may have occurred.
The next few weeks will concentrate on the risk of viruses and malware and in how to reduce your risk of getting one and protecting the sensitive information that you access on your computer.
The first step is to understand some of the common terms used.
"Malware" is a term for any software that gets installed on your machine and performs unwanted tasks, often for some third party's benefit. Malware programs can range from being simple annoyances (pop-up advertising) to causing serious computer invasion and damage (e.g., stealing passwords and data or infecting other machines on the network). Additionally, some malware programs are designed to transmit information about your Web-browsing habits to advertisers or other third party interests, unbeknownst to you.
Some categories of malware are:
- Virus - Software that can replicate itself and spread to other computers or are programmed to damage a computer by deleting files, reformatting the hard disk, or using up computer memory.
- Adware - Software that is financially supported (or financially supports another program) by displaying ads when you're connected to the Internet.
- Spyware - Software that surreptitiously gathers information and transmits it to interested parties. Types of information that is gathered includes the Websites visited, browser and system information, and your computer IP address.
- Browser hijacking software - Advertising software that modifies your browser settings (e.g., default home page, search bars, toolbars), creates desktop shortcuts, and displays intermittent advertising pop-ups. Once a browser is hijacked, the software may also redirect links to other sites that advertise, or sites that collect Web usage information.
Retrieved from: https://ist.mit.edu/security/malware
If you receive a pop-up while browsing the internet that states that your computer may be infected with a virus contact AS Technology immediately and do not click anything. If AS Technology is not available, please shutdown your computer by holding in the power button until it is off. These pop-ups are usually the virus and if you click on anything (even the x) you may become infected.
If you receive other pop-up’s, ensure that you understand what they are asking prior to clicking on any buttons.
Don’t allow programs/website to install software or add-ons to your computer, even adding software to edit photos can infect your computer.