Published today, how do I forward my VoIP phone if I am already working remotely?
News
Addressing HonorLock Privacy and Security Concerns
In light of moving classes online, a number of students have expressed their concerns about HonorLock’s terms of service and privacy policy. Honorlock is a tool that UF has enabled that records an exam session while allowing students to test at their convenience.
We’ve reached out to the Office of Distance Learning with your concerns and they have responded with the below statement. Any other questions should be directed to the Office of Distance Learning.
Dear Students,
My office understands and certainly appreciates the concerns you have expressed with regard to privacy and information security. Please be assured UF’s solution provider and partner in ensuring academic integrity – Honorlock – has passed a privacy and security evaluation by UF Risk Management and is held to all applicable FERPA (Family Educational Rights and Privacy Act) and GDPR (General Data Protection Regulation) requirements. I invite you to find these assurances detailed in the attached Honorlock Student Privacy and Honorlock GDPR documents and encourage you to share this information with anyone else who has similar concerns.
Additionally, here are some common privacy-related questions we have received from UF students in the past, along with responses from Honorlock:
- Student concern: Honorlock does not stop monitoring your screen activity once your proctoring session is over and this makes me feel uneasy.
Honorlock practice: As for recording/capturing, information after the exam is submitted, Honorlock is not capturing any data after the exam is submitted, only when the exam is in process. The student can also remove the extension right after the exam is submitted if they feel more comfortable.
- Student concern: The extension also has the power to censor your search results and even your right click function, regardless of whether or not you are taking a test.
Honorlock practice: We are not censoring the student’s search engine results; we are simply pushing back exam content by placing our websites on the first page of the search engines and by filing DMCA takedown requests to remove leaked exam content. These functions are not performed by the Chrome Extension and do not capture any data from the student.
- Student concern: Online reviews also mention that the extension even has the power to control other devices on the same internet connection.
Honorlock practice: Honorlock has no access to other devices in the network; it simply interacts with the student’s browser and the only page it interacts with is Canvas.
Again, I can assure you as a function UF’s service agreement with Honorlock, they are beholden to FERPA, 20 U.S.C. Section 1232g of Federal Code related to the kind of privacy issues you have brought to our attention.
Please let me know if I may provide any more clarification or if you have more questions. Feel free to give me a phone call to discuss this, if you wish. We are here to support and assist you while ensuring the academic integrity of the University is upheld.
Again, your concerns are important to us and we appreciate your understanding in this matter.
Brian
Adobe Changes to Single-Sign-On (SSO)
Adobe announced a week or two ago free licensing to students because of the impacts that COVID-19 is having on schools and universities. UFIT has been working to bring that to campus. On Friday, March 20th, it was enabled. Student’s are able to use UF’s federated identity (the GatorLink) for authentication to adobe.com. This allows adobe.com to verify eligibility.
This change is now also impacting UF people that are participating in the UF enterprise-wide licenses for Adobe Acrobat or Creative Cloud. When starting an Adobe application you may see a Time has run out! popup saying that your subscription has expired.
Emails by Adobe were sent Monday, March 23rd, about migrating content from a personal ID (the Adobe ID’s we were previously using that are associated with the UF Enterprise license) to a federated ID. Software Licensing Services is also sending emails to all individuals with a UF purchased license with instructions.
These instructions are available at https://software.ufl.edu/adobe-changes and are basically:
- Close the popup if it happens
- Logout of the existing Adobe ID
- Login with your federated, single-sign-on ID (your Gatorlink@ufl.edu address).
Since most Enterprise users do not have data saved in the Adobe Cloud, migration of content from the ‘personal’ account to the ‘federated’ account as described in the email from Adobe is not really needed. However, if in doubt, choose to migrate your content.
To avoid issues, it is our recommendation to only do this if you are having issues with your Adobe product’s registration. Adobe’s internal processes do move slowly and it seems to be impacting users at different times.
Having Problems with MFA when logging into the VPN?
Some people are having issues trying to answer their multi-factor authentication check when signing into the UF VPN. This results in the signin timing out and not properly connecting. If that’s happening to you, we have the solution. Check the newest KB article:
Cellular Internet Access
As we have transitioned to working at home, one of the challenges that keeps getting reported is lack of Internet access (especially in rural areas). Here are two possibilities to help bridge the gap:
Cellular WiFi Hotspots.
Both AT&T and Verizon have cellular hotspot contracts with UF. The price is approximately $40/month (Verizon provides the necessary hardware for free and AT&T charges ~$150). Unfortunately, both providers are currently back-ordered.
Contact info:
| Company | UF Sales Rep | Phone | |
|---|---|---|---|
| AT&T | Joe Pazzelli | jp5031@att.com | (407) 403-2334 |
| Verizon | John Ivey | john.ivey@verizonwireless.com | (904) 891-5884 |
More information on these contracts can be found on the UF Procurement website at https://procurement.ufl.edu/contracts/cell-phones-and-wireless-communication-devices/
Cellular Tethering
Cellular tethering involves turning your existing smartphone into a WiFi hotspot. Currently many major carriers (AT&T, Sprint, T-Mobile, and Verizon) are already suspending data caps on cell phone usage for the next 60 days. You may be able to addon to your contract cellular tethering or hotspot capabilities. However, due to the large differences in cell phones and carriers you will need to work with your respective cellular provider to take advantage of this function.
IT Support in this Work-At-Home World
In accordance with the guidance from the University President and our Dean, all Engineering IT Support Offices are transitioning to remote support. IT workers will begin work-at-home starting Thursday, March 19th. You can continue to receive support from your IT office by submitting tickets through your unit’s website or support email address as documented at https://www.it.eng.ufl.edu/contacts.
Support tickets are the preferred method to insure requests are properly tracked during this time.
If you don’t know where to submit a ticket you can use the Engineering IT Support website’s “Enter a Ticket” page (https://www.it.eng.ufl.edu/support/enter-a-ticket/) and we will route your request to the most appropriate location.
We have also increased documentation within the Engineering IT Support’s knowledgebase and have created our own “Working Remotely” page to help inform the College about useful tools, information, and tips/tricks for working remotely. If you have a question or see something missing, please let us know and we can add it here to share across the Herbert Wertheim College of Engineering. These pages will be updated continuously through this period so check back periodically for new information.
Please bear with us during this incredibly disruptive and unprecedented time as we adjust to continue to help you accomplish the mission of the University. I thank you in advance for your patience and understanding and look forward to when we can get back to assisting you in our normal, day-to-day methods.
-Shawn Lander, HWCOE IT Director
External Email Banner
As of today, some of your email might look a little different. UFIT has implemented a banner to all emails originating from off-campus. The banner, which will be prepended to the body of the email, reminds people to be suspicious before following any link, or opening any attachment, they receive in email.
Although this banner will only be attached to emails originating from off-campus mail services, please remember that you should always use caution before opening any link or attachment you receive in email, no matter where it came from. The vast majority of phishing emails we receive at this time are from compromised UF accounts. As a result, they will not have this banner applied.
The banner serves as an extra layer of awareness for faculty, students, and staff to be vigilant when opening external emails and attachments. It will not be added to email originating from UF, Shands, and Shands-Jax email systems. UFIT is also preemptively whitelisting incoming email from organizations with established business relationships supporting the academic, research, and health/outreach mission of the university. Additional exemptions for official business email will be considered. Anyone with questions about the external email banner or the instructions for requesting an exemption may contact their unit IT or the UF Computing Help Desk.
References:
https://news.it.ufl.edu/infrastructure/additional-safeguard-external-email-banner-for-uf-email (UFIT News article expired and was removed October 2022)
https://it.clas.ufl.edu/article/external-email-banners/
Protecting Against Zoom Exploit Hijacking Webcams on MacOS
A current flaw in the Zoom app for Mac allows a website to open the webcam without user permission. Until this gets fully resolved, the instructions below remain the best solution. Disabling of the web server component of the Zoom app, as well as a small piece of tape or paper obstructing your device’s webcam are also suitable. This post is to educate our users on how they can prevent a current Zoom exploit from taking over their webcam on their Mac. Instructions for an interim solution are as follows:
Login to the Zoom app and click the blue Gear in the upper, right-hand corner. Then, click on “Video” on the left, and then tick the box for “Turn off my video when joining a meeting”.
If you have any questions, don’t hesitate to reach out to your normal IT Staff.
References
Protecting Your Data
Welcome back, or, for those new to the College, welcome aboard! As you start this new academic year you’ll be receiving a myriad of new emails from the University, College, and Department containing new or updated information. Intermingled with the official email will be official-looking email trying to trick you into revealing private information. These scam messages, commonly known as phishing, are extremely common due UF’s massive amount of data. Help safeguard this data by being aware and recognizing a phish rather than being tricked by it:
- Spot the Phish – Even though phishing attacks appear to come from a familiar person, group, or business, they can be spotted because they typically contain an implied threat (loosing access to an account or being liable for a bill). There are many other ways to identify these attacks discussed in “Phishing… Again!” (https://www.it.eng.ufl.edu/2017/02/phishing-again/) or at the “Identity Theft and Scams” page (https://security.ufl.edu/learn-information-security/protect-yourself/email/id-theft-scams/phishing-email/) maintained by the UF’s Information Security & Compliance Office. Additionally, UFIT offers a fun, interactive training about defending yourself in today’s digital world called CYBERSECURITY@UF (https://training.it.ufl.edu/training/items/cyber-security–uf-.html (no longer available)).
- Protect Yourself – Two-factor authentication, 2FA, strengthens access security by requiring two login methods, something you known (your password) and something you have (a security token), to verify your identity. UF’s 2FA system uses your cell phone, your desk phone, or a unique key fob as your security token. When 2FA is enabled, if your password is ever compromised your login is usually still safe because the bad-guy doesn’t have access to your second factor. UF’s 2FA is currently opt-in and available for self-enrollment. More information about it can be found at https://it.ufl.edu/2fa/.
- Check the IT Alerts Portal – When phishing attacks are caught at UF they are typically posted on the UF IT Alerts Portal (https://alerts.it.ufl.edu/). At the time this message was sent, the UF IT Alerts Portal had 8 email scams reported. So, checking the portal yourself can be easy confirmation that a message you received is not legitimate.
- Alert UF IT – When in doubt, forward the email to the UF IT Security Office (https://security.ufl.edu/learn-information-security/protect-yourself/email/reporting-email-abuse-at-uf/) (it is also a good idea to attach the message as an EML document which includes full message headers). The UF IT Security Office can respond quicker and in more effective ways if you are able to provide full headers, but reports without them are still valuable. If you accidently fall victim to a phishing attack, immediately reset your Gatorlink password and call the UF Help Desk (352-392-HELP (4357)) for further instructions.
This year UF IT Security has provided a summary of available security resources at https://security.ufl.edu/resources. Additionally, you can always reach out to your local IT support office with any questions or comments.
References
High Volume of Phishing Attacks at UF: https://news.it.ufl.edu/security/high-volume-of-phishing-attacks-at-uf/ (UFIT News article expired and was removed October 2022)
Protecting Yourself – Email: https://security.ufl.edu/learn-information-security/protect-yourself/email/
Two-Factor Authentication: https://it.ufl.edu/2fa/
Cyber Security@UF Training: https://training.it.ufl.edu/training/items/cyber-security–uf-.html (link is no longer valid)
Cyber Safeguards for Restricted Data: https://training.it.ufl.edu/training/items/cyber-safeguards-for-restricted-data.html
IT Alerts Dashboard: https://alerts.it.ufl.edu/
Phishing… Again!: https://www.it.eng.ufl.edu/2017/02/phishing-again/
Additional Safeguards for UF Email: TAP: https://www.it.eng.ufl.edu/2017/09/additional-safeguards-for-uf-email-tap/
TAP URL Decoder (provided by IFAS): https://itsa.ifas.ufl.edu/email/proofpoint.shtml