Announcements

ITS Q4 2020 Accomplishments

ITS is proud of all the work we accomplished during Q4 of 2020 while the campus community continued to learn, teach, and work remotely.

 

STUDENT SUCCESS

  • Completed Class Schedule's Advanced Search improvements by modifying class search to support distance learning options.
  • Deployed Smart Planner Enhancements for 27 majors affecting over 16,000 students with the end goal of deploying more majors.
  • Rolled out Student Self-Service Course Withdrawals
  • Shipped 20 new AT&T hotspots for students, plus a few for faculty and staff 

SECURITY ENHANCEMENTS

  • Installed Two-Factor Authentication (2FA) Duo Bypass Code web application
  • Completed rollout of the Secure Departmental Box Folders service
  • Implemented Duo 2FA onboarding for future hires to allow secure completion of employment paperwork through DocuSign 
  • Completed migration of the Associated Students (ASI) Event Management Server from physical server to virtual to satisfy security audit findings
  • Completed Single Sign-On (SSO) integration for a dedicated student Virtual Private Network (VPN) to improve security. This separates students’ VPN from employees’ VPN so students can only remotely access campus academic resources.
  • 960 individual compromised email accounts and 343 Technology Acquisition Review (TAR) requests for Q4
  • 2,908 individual compromised email accounts and 1,702 TAR requests for the 2020 calendar year   
  • Updated the design and content of the TAR website making it easier to navigate, find information, and understand requirements
  • Updated OnBase password complexity settings to align with campus and CSU standards

INFRASTRUCTURE UPGRADES

  • Set up a Qualys virtual scanner in the ITS Datacenter to replace the physical scanner. As a result, ITS has reduced costs by allowing us to maintain the latest scanner software while no longer needing to deal with hardware replacement.
  • Updated the Qualys vulnerability management/scanning tool to allow asset owners to manage scans for their respective assets (e.g., servers, laptops, and desktop computers).
  • Completed shutdown and decommissioning of tape backup infrastructure
  • Upgraded wireless access points in the HSS, Business (BUS), Waste Management, and Facilities buildings
  • Completed University Police Department (UPD) fiber installation for the Vesta system, an emergency communication system.
  • Completed migration of Downtown Center (DTC) to Unified Communications
  • Completed Wireless Access Points (WAP) provisioning for Liberal & Creative Arts (LCA) building
  • Installed Emergency Gateways at CSU Sacramento and the SF State main campus. The emergency gateways direct 911 calls through the Avaya system. We have one in each location for redundancy.
  • Completed upgrade of SF State Global Login, providing a 30% performance improvement
  • Migrated StarRez housing software to a cloud-hosted solution
  • Improved accessibility on campus homepage, Bulletin, and University Calendar
  • Developed ServiceNow service dashboard for all ITS teams to monitor tickets
  • Deployed change to publish “Student” as a title in the Outlook Directory
  • Completed OnBase for Procurement
  • Launched Box Tools in System Center Configuration Manager (SCCM) and retired Box Sync  

CYBERSECURITY AWARENESS MONTH

  • Partnered with Career Services & Leadership Development to communicate with students about fake job emails
  • Conducted two different mobile app Spotlight cybersecurity campaigns during October
  • Distributed announcement on staying safe while shopping online /it/files/Newsletter-Dec2020-Cybersecurity-Shopping-Tips-2020.pdf
  • Conducted a presentation on ways to stay safe online at home on Oct 21,2020. The presentation is available for download on the SF State Cybersecurity Awareness website https://its.sfsu.edu/announcement/cybersecurityawarenessmonthoctober2020
  • Recognized 35 individuals from across campus as Cybersecurity Champions by presenting them with certificates and posting their names on the “Wall of Cyber Security Champions”  https://its.sfsu.edu/announcement/cybersecuritywallchampions

LIAISON EDU

  • Worked with a Liaison EDU consultant in a support capacity to provide data integration from PeopleSoft into the EMP CRM. This benefited Enrollment Management and Graduate Admission to allow them to manage their prospective and applicant populations. Liaison EDU Enrollment Marketing Platform (EMP) is the Applicant Customer Relationship Management (CRM) solution attached to CSUApply.
  • Activated your.future.sfsu.edu and go.grad.sfsu.edu domains in Liaison CRM. Both Enrollment Management and Graduate Studies use this service. The integration allows them to send SF State-branded emails without increasing email spoofing risks for @sfsu.edu emails.

STUDENT HEALTH SERVICES

  • Deployed laptops to Student Health Services (SHS) to enable telehealth activities for Registered Nurses (RNs) and Medical Assistants (MAs)
  • Configured Microsoft Bookings, an online bookings and appointment scheduling application, for Health Promotion & Wellness to support CalFresh virtual appointments with Zoom
  • Distributed 46 new laptops for SHS and Counseling & Psychological Services (CAPS)
  • Migrated ProPharm to PointNClick (PNC) as part of SHS Pharmacy cost reduction efforts by eliminating hosting costs at Connectria.

COMMUNITIES OF PRACTICE FOR IT

  • Held the Information Security Communities of Practice Meeting on Oct 16, 2020
  • Hosted two sessions of the Service Management Community of Practice for campus IT providers, HR, Bursar, DPRC, Procurement, Library, Housing, and shared our 6-month ServiceNow roadmap

WOMEN IN TECHNOLOGY

  • Hosted Professor Priyanka Joshi from the Lam Family College of Business to present on gender differences in communicative abstraction at the ITS Women in Technology Group

ITS STAFF RECOGNITION

  • Launched a new and improved ITS Recognition Program

View or change your security questions in the SF State Gateway

ITS requests the campus community review annually, if not more frequently, their security questions in the SF State Gateway and update them if they haven’t been changed for a while. Some users may need to set them up for the first time. These questions are important to keep updated as they are used when you need to reset your password or to verify your identity for self-service access to systems or data.

Log in to the SF State Gateway at http://www.sfsu.edu/login.htm

After logging, select Profile in the upper right-hand corner:

SF State Gateway Profile Option

Towards the bottom of the Profile page, select View/change your security questions:

Gateway Profile Security Settings - View/change your security questions

SF State Information Security Office Announces Jan. 28 is Data Privacy Day

Data Privacy Day is an international effort held annually on Jan. 28 to spread awareness about data privacy and educate individuals on how to secure their personal information. It also works to encourage businesses to respect privacy and be more transparent about how they collect, store and use data. This year, Data Privacy Day 2021, spotlights the value of information and how to “Own Your Privacy” and “Respect Privacy”.  Below are answers to address the most frequently asked questions about data privacy.

Who cares about privacy?

This may surprise some, but young people and young adults do. Despite conventional wisdom that young people don’t really care about privacy, surveys show that those between 13 and 35 years old do care about their privacy and the importance of maintaining control over their personal info. Here are some snapshots from an article in Vox, among the 18 – 29 year olds surveyed:

  • 74% had cleared cookies and browser histories
  • 71% had deleted or edited a post
  • 49% had adjusted their browser setting to reject cookies
  • 42% had refused to visit certain sites that wanted to use their real names

So, when it comes to caring about online privacy and taking steps to protect it, the stereotype that younger adults care less than older adults just isn’t accurate. That’s underscored by Cisco’s Consumer Privacy Survey that found 48% of those surveyed had switched away from companies because of data policies.

When it comes to your privacy, who do you trust?

Here are results from a recent survey of 1,000 respondents by McKinsey & Company. The survey asked people to rank the most trusted industries in protecting privacy and data:

  • Healthcare and Financial Services – 44%
  • Pharmaceuticals/medical – 22%
  • Retail – 18%
  • Technology – 17%
  • Public sector and government – 11%
  • Media and entertainment – 10%

Not surprising, healthcare and financial services had the highest ranking with government, media, and entertainment bringing up the rear. But overall, even trust for healthcare and financial services—the highest ranked industries— isn’t all that high. But where some might see a lack of trust, others will see opportunities. Organizations that demonstrate that they are trustworthy by handling and protecting their customer’s privacy and data carefully can stand out from their competition. It’s pretty simple, really. Nine out of ten people are more loyal to companies they trust.

Did I delete that data and is it gone for good?

So you highlight the name of a file and press the Delete key. That file is gone for good, right? Not necessarily. Most systems only remove the link to the file. It’s still there until another file is saved over the older “deleted” data.  Files that are never permanently deleted from old computers and devices are a gold mine for hackers. Using the latest data recovery technology, they can recover even the data and files you may have deleted. Here’s are some tips for making sure that “delete” really means delete.

  • Digital Data - Most organizations have policies and procedures in place for disposing of old computers and storage media. Make sure you follow them. Many PC recyclers offer data destruction services and will ensure that any disks, hard drives or other storage media has been destroyed in a way that won’t allow any data to be recovered by hackers or anyone else.
  • Smartphones - Your phone may have sensitive data even if you don’t store any data files on it. This sensitive data can include emails or text messages, pictures, voicemail, or documents left open in your browser. If it’s time to upgrade to a newer phone, don’t just get rid of your old one or drop it in a recycle bin. Some devices have a remote wipe feature in case they get lost or stolen. Use that to scrub your old phone before getting rid of it. Or you can use a data destruction service.
  • Cloud – Getting rid of data in your cloud accounts is more complicated. If, for example, you quit using an online service, data from your past usage is still stored by that provider. At a minimum, you should close your account, but you may also need to contact customer support to find out when closed accounts (and any data associated with that account) are permanently deleted.

What’s Personal Data Worth?

Short answer is a lot. Companies like Facebook, Google, Amazon and others routinely gather what they call “passive” data—not something we generate consciously—about our online habits: what we buy, websites we visit, our online searches, even the books we check out online from our local library. That’s all data— data about us—and it's valuable. To companies capturing passive personal data, it’s big business. The world produces 2.5 quintillion bytes of data each day, and 90% of all the data that has ever been produced in all of history happened in just the last two years. According to the European Commission, the value of personalized data in 2020 is nearly $1.2 trillion.

Mining personal data is a gold rush for many companies. But what does it mean for individuals? That’s harder to calculate. In 2015, Comcast paid $100 to each victim of a data breach. Victims had paid a fee to Comcast to keep their data privacy. By most accounts, this was a first because it actually valued an individual’s personal data that was hacked at $100.

So, what’s your data worth? There are examples of people auctioning their personal data on eBay and Craigslist. But maybe a better way to look at the value of personal data is to see it as the value of your personal privacy.  What would it cost you if someone hacked your accounts and stole your identity? What if they impersonated you on your social media accounts, alienating your friends and family? How much is your reputation worth? All of these are worth protecting and “valuing.” And perhaps that’s where we all can find the true value of our data.

Call to Action

Data privacy and protecting personal information is important to SF State.  One thing we encourage everyone to do is visit staysafeonline.org to check and update their privacy settings on all accounts. This is good practice to do at least once a year to make sure your privacy preferences have not drifted.  Also, feel free to review the SF State Privacy Policy to understand how important privacy is our University. 

For more information about Data Privacy Day, visit staysafeonline.org/data-privacy-day.

ITS Spring 2021 Semester Updates

ITS has been diligently working to prepare for the spring semester. While we continue to offer the IT Services that campus relies on, we have increased our attention on remote support services for students and staff working in a remote environment. ITS is fully operational and ready to support the campus IT needs as the semester begins. ITS continues to offer and enhance a wide range of campus services outlined at https://its.sfsu.edu/services, and provides a comprehensive Continuity Tools page for assistance with remote learning and remote work.

ITS values the safety and health of our campus community and is serious about safety protocols to protect our campus community. With this in mind, ITS has tools available to troubleshoot and assist users with their IT needs while avoiding contact. We encourage you to contact us with your IT questions or challenges.

For support, you can reach us Monday through Friday from 8:00 a.m. – 5:00 p.m.:

For troubleshooting or support that cannot be provided over the phone, we are available to assist in-person by appointment. Simply contact us and we will assist in scheduling a time.

Have a great Spring 2021!!

Moving Drupal 7 sites to Drupal 8 by end of 2021 for all websites

ITS is releasing new and easy to use authoring templates and tools to publish SF State department websites in Drupal 8. These templates feature a clean, updated look and feel to make it easier for visitors to learn about the university and its programs. There are three Quick Start templates for Colleges, Academic Departments, and Administrative Departments, along with a large library of pre-developed style components. If your campus website is one of these, get on the schedule to start moving your Drupal 7 site to the fresh look for sfsu.edu. Go to Website Hosting and Publishing to request a Drupal 8 development site and we'll point you to some resources and schedule a training session with your site publishers. ITS is taking reservations for the remainder of 2021 with the goal of moving all sites off of Drupal 7 and to sunset that version by December 31, 2021. 

Campus Website owners should consider the following:

  • have a good understanding of what content to bring over from the old site to the new and be willing to discard articles and pages that are no longer relevant
  • have someone on your team who will author and manage the content and layout for the website using the templates
  • the Quick Start templates maintain the university brand and assist with streamlining site development, marketing, accessibility approvals, and system security
  • simplifies the website publishing process allowing site owners to focus on content and present the best foot forward

With the above in mind, it should take your website team 2-3 weeks to move your content over to Drupal 8 using the Quick Start template.

If you have any questions, contact service@sfsu.edu.

Information Technology Services Q3 2020 Accomplishments

ITS was extremely busy in Q3 improving processes, systems, and security to ensure the campus community can continue to succeed with teaching, learning, and working from home.

 

SUPPORTING THE CAMPUS COMMUNITY DURING THE TIME OF COVID

  • Launched and maintained the Campus Access program registration form
  • Received, set up, and distributed 40 laptops for Enrollment Management
  • Rolled out Twilio to the Bursar and EOPP, bringing the number of departments to 19 and agents to 152
  • Set up Microsoft Bookings software for making Service Desk appointments to comply with social distancing requirements when staff needs to meet with users in person
  • Successfully implemented Xerox Fax to Secure Share Drive for Risk Management to facilitate fax document processing while remote

HELPING STUDENTS SUCCEED

  • Added a personalized link to the Follett bookstore based on a student’s class schedule
  • Assisted with campus move-in days, August 14-16, 2020, to support Housing’s technology needs
  • Began supporting SF State account reset codes for students and alumni, which was previously performed by 1+ FTE in the Registrar’s office
  • Completed DocuSign reconfiguration to make DocuSign available to students
  • Completed extended stay mode setup for room and model in StarRez
  • Launched new SF State mobile app feature to highlight current and incoming students’ personalized holds, alerts, and to-dos on the mobile app home page
  • Provided Adobe Creative Cloud to all active students to use Acrobat, Photoshop, and Premiere on home computers

SECURITY IMPROVEMENTS

  • Convened a working committee for the October 2020 Cyber Security Awareness campaign. SF State was designated as a champion organization by the National Cyber Security Alliance (https://staysafeonline.org/cybersecurity-awareness-month/champions/view-all/)
  • Identified and launched the compromised account process for 469 compromised accounts
  • Implemented IP-based blocking in PeopleSoft Campus Solutions (CS) in production as of September 7, 2020
  • Partnered with HR to distribute a security alert to staff and faculty to warn against retirement benefits phishing scams
  • Reviewed and approved new HR hiring forms, agreements, and processes that contain Level 1 information for onboarding to the DocuSign platform
  • Supported Student Health Services (SHS) Point n Click (PNC) Electronic Medical Records (EMR) and ProPharm Pharmacy application migration from Connectria to PNC-hosting as a partner with SHS to provide a more cost-effective solution while improving usability and maintaining security

Campus Solutions (CS) Enhancements

  • Campus Solutions photo upload from Blackboard Transact in production as of July 2, 2020
  • Education Advisory Board (EAB) Photo Upload from Blackboard Transact in production as of July 31, 2020
  • Launched streamlined Campus Solutions access request resources, providing short-term relief to the access request process
  • Streamlined Campus Solutions access request process by updating content on web site and eliminating wet signatures for approval
  • Worked with Disability Programs and Resource Center (DPRC) to identify a temporary accessible alternative to the CSU Learn Data Security and FERPA training

Additions to Campus Data Center

  • Completed migration of Housing data to departmental shares
  • Decommissioned the older servers providing DHCP/DNS/Share service for Housing and migrated services to the ITS Data Center
  • Migrated Housing, Dining, and Conference Services (HDCS) DHCP networking services to the campus Data Center to provide more robust services and eliminate the need for additional hardware

Infrastructure Improvements

  • Completed the deprovisioning more than 70,000 graduated students email accounts on July 31, 2020 to improve campus account security
  • Completed the installation of 6 powerful new Dell VMware servers
  • Completed the project to back up to Amazon Web Services (AWS) Cloud
  • Completed the upgrade of the Webtalk application used for managing building controls
  • Provisioned external Wi-Fi access points for the Manzanita Square building
  • Replaced all wireless access points (WAPs) in the Health and Social Sciences (HSS) building with new AP 515s

IT Communities of Practice

  • Hosted Information Security Community of Practice Meetings (July, August, September) and discussed follow-up activities from the information security audit, the status on information security projects, situational awareness/vulnerabilities and security education campaigns/activities
  • Hosted monthly Service Management Community of Practice and discussed business services, knowledge base, and ServiceNow roadmap with campus IT providers, Procurement, HR, and Housing

Technology Conference Presentation

  • Scott Nemes, Sr. Director of Service Management, and Mary Morshed, Information Security Officer, presented with Assistant Vice President of Academic Technology Andrew Roderick at the CSU Tech Conference about using Communities of Practice (CoP) for technology alignment

Campus Outreach Training

  • Hosted PowerPoint Outreach Training for campus

Cyber Security Wall of Champions

One of the best ways to Do Your Part, #Be Cyber Smart is to report suspicious Email. SF State has a long list of Cyber Security Champions who regularly report suspicious emails using the PhishMe Reporter in Outlook.

Take a moment to review SF State’s Cyber Security Champions who have reported over 100 suspicious emails in the past 3 years. The list is sorted by highest to lowest.

Name

Department

Rosa Barragan

Capital Project Management 

Brian Aday

COL OF BUS - Hospitality & Tourism Management

Wafa Rashdan

Auxiliary Accounting 

Reji Titus

ITS/Information Security

Charlotte Tate

COL OF SCI - Psychology

Charlene Gee

Auxiliary Accounting 

John R Wilson

ITS/Telecomm

Florence Yap

Undergrad Admissions & Recruitment

Misty Kuhn

COL OF SCI - Chemistry

Karl Schackne

Academic Technology 

Gloria Tseung

Fiscal Affairs Accounting

Simone Nelson

CA-Entertainment Initiative

Alex N Sanchez

Development Office

Kristine L Caratan

COL OF BUS - Accounting

Scott Nemes

ITS/Customer Services

Edwin Critchlow

Budget Admin & Operations 

Lori Brooks

ITS/Customer Services

Alexis Wilson

ITS/AVP's Office 

John Blair

COL OF SCI - Biology

Michael Cramer

ITS/Cloud 

Ken Piper

ITS/Systems 

Jiyoung Cha

COLL. LCA - Broadcast Communication Arts

Grace K. Mai

Human Resources

Nancy Gerber

COL OF SCI - Chemistry

Jason Seto

Undergrad Admissions & Recruitment

Nancy Trinh

Procurement 

Ericka Jackson

Human Resources

Mindy Chui

Undergrad Admissions & Recruitment

Rebecca Diaz

ITS/Web & Mobile

Joseph D Adkins

Library Administration

Jacqueline Green

Bursar's Office

Joseph Benjamin Agosto

Tiburon Center

Bao Manh Tong

Academic Operations 

Atanas Maximov

CEL Administration

Jill Anthes

Capital Project Management 

 

Cyber Security Awareness Month October 2020

October is Cyber Security Awareness month and the theme this year is:  

Do Your Part – Be Cyber Smart!  

Each week will focus on a different area to highlight the corresponding cyber security risks and tools/tips to reduce/mitigate them. The mission of the SF State Information Security Office is to provide balanced and tailored campus-wide cybersecurity, information security, and privacy risk management services.

Cyber Security Wall of Champions

CSLD Public Service Announcement on Phishing Job Scams

Weekly Content

Week 4 video
The Future of Connected Devices

Technological Innovations in a changing world video

Watch Week 4 Video - Technological Innovations are coming our way in world-changing ways, such as 5G and internet-of-things (IoT) tools. Privacy and security considerations will be important as we all navigate the new tech world.

Questions? Contact: service@sfsu.edu or 415-338-1420

Privacy Policy

Get Involved

Download screen backgrounds

Screen background - halloween

Cybersecurity Awareness Month San Francisco State University

Screen background shield

Cybersecurity Awareness Month San Francisco State University

 

ITS Fall semester updates

ITS has been diligently working to prepare for the fall semester. While we continue to offer the IT Services that campus relies on, we have increased our attention on remote support services for students and staff working in a remote environment. ITS is fully operational and ready to support the campus IT needs as the semester begins. ITS continues to offer and enhance a wide range of campus services outlined at https://its.sfsu.edu/services.

ITS values the safety and health of our campus community and is serious about safety protocols to protect our campus community. With this in mind, ITS has tools available to troubleshoot and assist users with their IT needs while avoiding contact.  We encourage you to contact us with your IT questions or challenges.

For support, you can reach us Monday through Friday from 8:00 a.m. – 5:00 p.m.:

For troubleshooting or support that cannot be provided over the phone, we are available to assist in-person by appointment. Simply contact us and we will assist in scheduling a time.

Have a great Fall 2020!!

New Student Holds, Alerts, and To Dos feature in the SF State Mobile App

On Friday, August 7, 2020, ITS launched an exciting new feature for the SF State Mobile App that highlights a student's Holds, Alerts, and To Dos on the mobile app home page. ITS’s Mobile development team worked collaboratively with students and stakeholders in Admissions, Financial Aid, Registrar’s, and Bursar’s offices to bring this new personalized capability to life.

When a student logs in to the SF State mobile app, they now immediately see if there are any outstanding holds, alerts, and to dos that need to be addressed in order to stay in good standing. Current students can view any outstanding financial- or academic-related holds which can be followed up with through the Bursar’s or Registrar’s office. Incoming students can view To Dos to see the list of documents still required by Admissions and Financial Aid offices. Students can still go to the PeopleSoft Student Center on the mobile app or via the SF State Gateway web portal to see these same items. However, by having these now appear on the SF State Mobile App student home page, it places this important information prominently front and center. Putting it up front helps with student success by pulling from their Student Center and using the language used there that students are familiar with, providing consistency with what they see.

SF State Mobile App Student Holds and Alerts

As the new school year is upon us, ITS hopes this new mobile app feature helps ease student anxiety and frustration by helping current and incoming SF State students stay on top of their Holds, Alerts, and To Dos.

Available on both iOS and Android devices, the SF State mobile app can be downloaded by visiting https://its.sfsu.edu/service/sfstatemobileapp.

INFORMATION TECHNOLOGY SERVICES Q2 2020 ACCOMPLISHMENTS

ITS was extremely busy during the second quarter of the year given nearly everyone was remote for the entire quarter. Continuing to support faculty, staff, and students as we all collaborate from home was, and remains, ITS’s #1 priority.

SUPPORTING THE CAMPUS COMMUNITY DURING COVID-19 SHELTER-IN-PLACE

  • Assisted campus partners with facilitating the transition to work from home
  • Completed upgrade of the WebControl software that manages the campus air conditioning system – critical for return to campus
  • Coordinated with the President’s Office, Emergency Operations Center (EOC), and the Web team to update the COVID-19 online form for inquiries whose answers are not already covered in the COVID-19 FAQ web page
  • Deployed 30 WiFi hotspots to students, faculty, and staff
  • Enabled MS Whiteboards application integration with MS Teams
  • Made DocuSign available to students by enabling the @mail.sfsu.edu domain and completing Single Sign-On (SSO) integration for DocuSign
  • Moved the Information Security Risk Acceptance Form to DocuSign to document short-term compliance and security risks, and require the appropriate administrator to acknowledge and accept the identified risks
  • Performed Zoom 5 upgrade to all ITS-managed computers
  • Rolled out campus-wide remote access GlobalProtect VPN solution
  • Rolled out Twilio for Automatic Call Distribution (ACD) for Admissions, Veterans Services, and the Registrar’s Office
  • Set up and distributed over 120 computers to facilitate work from home for Counseling & Psychological Services (CPS), Student Health Services (SHS), University Police Department (UPD), Budget Administration & Operations, Financial Aid, and Fiscal Affairs
  • Supported the launch of health apps to get Counseling & Psychological Services (CPS) on an electronic system and allow Student Health Services (SHS) providers to access records remotely
  • Updated MediSpan, which provides updated drug information, for Student Health Services (SHS) Pharmacy to update clinical information
  • Worked with Academic Technology (AT), Student Health Services (SHS), and Point n Click to enable Zoom Health for telemedicine for SHS and Counseling & Psychological Services (CPS)
  • Worked with Capital Planning, Design, & Construction (CPDC) to develop and process reservations for the Campus Access Program to manage staff requests to retrieve work and personal items from their offices. Launched and maintained the Campus Access Program registration form.

SECURITY IMPROVEMENTS

  • Collaborated with the Administration & Finance (A&F) Quality Assurance team and Procurement to approve DocuSign for use with Level 1 data
  • Employees will now receive an email notification of completion for Data Security and FERPA training. More info: https://its.sfsu.edu/service/informationsecuritytraining
  • Identified and launched the compromised account process for 928 individual email accounts
  • Information Security Audit Update: submitted a report regarding the Chancellor’s Office Information Security Audit to Audits and Advisory Services (AAS) with evidence to close 68% of the audit observations before the due date of July 10, 2020
  • Launched guide for DocuSign to OnBase document processing for students/parents to upload Level 1 documents
  • Partnered with Human Resources (HR) to distribute a security alert to staff and faculty to warn against retirement benefits phishing scams. Several employees were contacted by the scammers before the alert

CAMPUS SOLUTIONS (CS) ENHANCEMENTS

  • Completed the Student Refund Request module for PeopleSoft Campus Solutions (CS)
  • Developed Direct Deposit Email Notification module for CS
  • Migrated Custom Graduate Student Advising module for CS

IT COMMUNITIES OF PRACTICE

  • Held monthly Security Operations Working Group meeting. Topics discussed were: security projects progress report, vulnerability management and Zoom security improvements, updates regarding the information security audit remediation activities, and situational awareness.
  • Hosted 2 Service Management Community of Practice sessions focused on service management roadmap, knowledge base and service catalog across distributed IT units, Procurement, Library, HR and Bursar.

IMPROVEMENTS IN SEARCHING THE CAMPUS WEBSITE

  • Added titles and suffixes (degrees) to the People Directory web search
  • Launched GatorSearch with Google custom search to improve our web search functionality
  • Launched the staff web directory
  • Worked with the PeopleSoft/Human Resources (HR) team to add Professor Emeritus faculty to the People Directory search

EMAIL ENHANCEMENTS

  • Completed the migration of Exchange distribution lists to Office 365
  • Completed the Phase 1 refresh of the SF State Online Directory & Microsoft Outlook Directory via PeopleSoft
  • Email security reporting improvements include a new Cloud Security anomaly detection report and adding Geo Location (country of origin) data to the Bulk Email report
  • Enabled “Box for Outlook” add-in for seamless large email attachments
  • Enabled “Zoom for Outlook” add-in for easier scheduling of Zoom meetings, and enabled Zoom with Office 365 integration to allow managing Zoom-enabled rooms through Outlook
  • Implemented automated feed of User Directory into Outlook to improve search
  • Set up the @alumni.sfsu.edu email domain for members of the SF State Alumni Association. Developed a process with Advancement to request and publish the new email benefits for Alumni Association members. Started provisioning forward-only @alumni.sfsu.edu email addresses for SF State Alumni Association members.

INFRASTRUCTURE & DISASTER PREPAREDNESS IMPROVEMENTS

  • Completed all elevator phone migrations to independent phone lines
  • Completed bandwidth upgrade to 20G at the Downtown Center (DTC) facility
  • Completed physical server backup migration from the legacy backup software to Veeam Enterprise, saving renewal costs

SF STATE GATEWAY ENHANCEMENTS

  • Added personalized link to the Follett bookstore based on a student’s class schedule

MOBILE APP UPDATES

  • Launched new Campus Dining Options in the mobile application
  • New mobile app banner for SF State’s Basic Needs Initiative

CAMPUS OUTREACH TRAINING

  • Hosted multiple campus outreach training sessions: 3 for Intermediate Excel, 3 for Beyond Beginner PowerPoint, 2 for IT Resources, 1 for Qualtrics, and 1 for MS Teams

WOMEN IN TECHNOLOGY

  • Held monthly Women in Technology (WIT) group meetings, where groups discussed topics related to: reaching out of your comfort zone, taking risks, and resiliency. Participants also shared training opportunities and professional development resources earlier in the month. Another session of WIT discussed topics related to effective communications and self-empowerment. 14 participants attended.

INFORMATION TECHNOLOGY SERVICES Q1 2020 ACCOMPLISHMENTS

The 1st quarter of 2020 started as any other, but come March the landscape changed quickly and dramatically. ITS quickly responded to support shelter in place and work from home during the COVID-19 pandemic. We are busy as always improving IT services for the campus community.

Supporting Remote Work

  • Coordinated with campus stakeholders to publish new web content related to COVID-19 operations
  • Broadcast campus Information Security Alert emails on phishing/SPAM awareness and Zoom meeting security
  • Developed and released ServiceNow module for Emergency Operations Center (EOC) to track COVID-19 requests and released a hardware request form for AT
  • Obtained and distributed laptops, MiFi’s, webcams, and headsets for campus departments to enable remote work
  • Increased outreach on tools/practices for working remotely: https://its.sfsu.edu/guides/itsecurityguidanceremoteaccess
  • Launched the IT Continuity Tools resource page at https://its.sfsu.edu/guides/continuitytools
  • Monitored reports to proactively respond to security events associated with increased remote access activity
  • Rolled out an alert banner to Drupal websites (~300 sites), with the EOC and Strategic Marketing & Communications (SM&C) and set up the alert banner to display on the Gateway portal after login
  • Launched remote call centers using Twilio for Campus Operator, ITS Service Desk and Enrollment Management to be able to provide phone support remotely
  • Worked with many campus teams to assist with securing business processes for remote access

Security Improvements

  • Extended password expiration policy from 160 to 365 days for Two-Factor Authentication users
  • Held the monthly campus-wide Information Security Operations Working Group Communities of Practice meeting: phishing attack awareness, info security and audit project updates.
  • Identified and launched the compromised account process for 818 individual email accounts
  • Analyzed 36 Technology Acquisition Review (TAR) requests
  • Monitored alerts and established response processes for the new Security Information and Event System (SIEM).
  • Successfully rolled out Two-Factor Authentication (2FA) to all staff users. This improves SF State’s IT security posture, aligns with CSU policy, and will help reduce the number of compromised SF State accounts.

Campus Outreach Training

  • ITS trained 122 campus employees from January – March 2020
  • Attendees represented 25 departments, including Downtown Center and Tiburon campuses
  • Hosted 1 IT Resources Session, 1 PowerPoint Session, 2 Intermediate Excel Sessions, 2 Microsoft Teams Sessions, and 2 Qualtrics Sessions

Service Improvements and End User Support

  • Completed cutover to Production OnBase 18
  • Increased managed computers to 1100 under central management
  • Increased maximum size of emails to 25MB and enabled Box plugin for Outlook
  • Launched the Security Service Catalog, resulting in having updated service catalogs for 2 of 8 ITS areas
  • Migrated the SFSU Online Directory and the MS Outlook Directory to production
  • Provided 2FA token distribution, training, and support for rollout to staff'
  • Provided computers and support for spring semester move-in and housing re-keying
  • Managed Adobe upgrade for staff computers
  • Upgraded ServiceNow to New York version
  • Hosted Service Management Communities of Practice for IT departments, Bursar, HR, and Procurement to define and process the service management roadmap, including knowledge management and service portfolio

Web and Mobile App

  • Added the homepage alerts top banner onto all campus websites
  • Launched the new and improved People Directory search
  • Launched the StarRez Portal X site for new campus housing at 2 Varela

Disaster Preparedness

  • Completed and enabled backup to the cloud using Amazon Web Services.

Infrastructure Improvement

  • Received $35,000 from the Chancellor’s Office for intra-campus bandwidth upgrade.

Women in Technology

  • Kicked off a Women in Technology forum hosted by Mary Morshed/ITS. ITS hosted the first monthly Women in Technology (WIT) mentoring meeting with 17 staff members participating from ITS, College of Liberal and Creative Arts, Institute for Geographic Information Science, Biology Department, Academic Technology, Human Resources, and College of Extended Learning.

Moving Drupal 7 sites to Drupal 8 by end of 2020 for all websites

ITS is releasing new and easy to use authoring templates and tools to publish SF State department websites in Drupal 8. These templates feature a clean, updated look and feel to make it easier for visitors to learn about the university and its programs. There are three Quick Start templates for Colleges, Academic Departments, and Administrative Departments, along with a large library of pre-developed style components. If your campus website is one of these, get on the schedule to start moving your Drupal 7 site to the fresh look for sfsu.edu. Go to Website Hosting and Publishing to request a Drupal 8 development site and we'll point you to some resources and schedule a training session with your site publishers. ITS is taking reservations for the remainder of 2020 with the goal of moving all sites off of Drupal 7 and to sunset that version by December 31, 2020. 

Campus Website owners should consider the following:

  • have a good understanding of what content to bring over from the old site to the new and be willing to discard articles and pages that are no longer relevant
  • have someone on your team who will author and manage the content and layout for the website using the templates
  • the Quick Start templates maintain the university brand and assist with streamlining site development, marketing, accessibility approvals, and system security
  • simplifies the website publishing process allowing site owners to focus on content and present the best foot forward

With the above in mind, it should take your website team 2-3 weeks to move your content over to Drupal 8 using the Quick Start template.

If you have any questions, contact service@sfsu.edu

Enable your remote work using campus continuity tools

Whether you telecommute regularly or simply need to be able to work from home on occasion, there are tools to ensure that you can continue to perform your job with ease. Online meetings can be held, files can be accessed and stored online via Box, share your computer screen with colleagues, make audio calls via your computer, and more!

For more information on campus continuity tools, go to: https://its.sfsu.edu/guides/continuitytools

Information Technology Services (ITS) Q4 2019 Highlights

The 4th quarter of 2019 highlighted ITS improvements in many areas, including security and disaster preparedness, the SF State mobile app, network infrastructure, and student-focused applications.

Campus Outreach Training

  • ITS hosted two Microsoft Teams outreach training sessions and one Qualtrics outreach training session as it kicked off outreach training for campus. Look for more Teams and Qualtrics sessions in 2020, and the launch of sessions on IT Resources, Excel, and PowerPoint.

Disaster Preparedness

  • Automated the deletion of phone numbers from Campus Solutions (CS) and Human Resources (HR) to reflect Telecom database changes. This ensures that business phone information provided for emergency contact or published in the public directory are accurate, which will reduce wrong numbers, misassigned numbers, and/or phone numbers that have been deactivated.
  • Replicated the last service to the Disaster Recovery (DR) site. The DR project is now completed.

End User Support Statistics

Network Infrastructure Improvements

  • Upgraded bandwidth to the Gym from 1Gbps to 2Gbps to eliminate network bandwidth bottleneck.
  • Upgraded the campus core from 20G uplinks to 40G uplinks in response to increased bandwidth utilization.

Security Improvements

  • SF State is one of several CSU campuses to improve the security of Level 1 data in Campus Solutions (CS) using Appsian to provide added security for PeopleSoft users and data owners. The data masking hides sensitive data such as Social Security Number (SSN) and Date of Birth (DOB), which are considered Level 1 data.
  • Provisioned all campus staff classified as Information Technology Consultant (ITC) to require Two-Factor Authentication (2FA) on 12/05/2019.
  • Required encryption (HTTPS) for all access to the main www.sfsu.edu web server.
  • Performed email cleanup to deactivate approximately 40,000 unaffiliated student accounts.
  • Identified and processed 1325 compromised individual email accounts; 760 of these were in part due to a breach of Chegg.com, a popular student services website.
  • October was Cyber Security Awareness month. ITS held a Cyber Security Information Session on Tuesday, October 15, 2019, teaching easy-to-use techniques to improve cyber hygiene, and tricks to keep devices and data safe online. We regularly conduct our security awareness campaign, the results of which can be found at https://its.sfsu.edu/content/securityawarenesscampaignsummary.

SF State Mobile App Enhancements

  • Added Gender Neutral restroom locators in the SF State Mobile app.
  • Rolled out 3 wellness features on the mobile application for “My Academics” and “Housing”:

                • My Academics: “Not Feeling Prepared” – tips to stay organized

                • Housing: “Roommate Problems” – communication exercises

                 • Housing: “Budgeting” – creating a budget

Student-Focused Improvements

  • ITS launched a new and improved custom Short-Term Loan (STL) application with myriad benefits. Developed in collaboration with students, this update benefits students by enabling the application process to be handled almost entirely online. See all the details at https://its.sfsu.edu/announcement/newshorttermloanstlapplicationoffersmanybenefitsdecember52019.
  • In production as of October 11, 2019, ITS completed building a new version of the CSULB's First-Time Freshman (FTF) Admissions Evaluation Page for use at SF State; as a result, SF State applications processed per evaluator has increased. This has a positive impact on more timely notification and admission of applicants, which helps to improve first year admission candidates matriculating to SF State. Timely admission offers increased admission acceptance percentages which adds to first year yield.
  • Created a new PeopleSoft page to track completed Community Service Learning (CSL) hours. This provides a service to better manage CSL hours that are associated with certain courses offered at SF State. The tracked data will ultimately appear on the student transcript as a note under the associated courses. This is important to the educator and students to ensure the proper units are tracked and displayed on the transcripts, which is an official university record.

Updated Websites Went Live

New Short-Term Loan (STL) Application Offers Many Benefits (December 5, 2019)

On December 5, 2019 a new and improved custom Short-Term Loan (STL) application for students was released. Developed in collaboration with students, this update benefits students by enabling the application process to be handled almost entirely online.

The benefits for students:

  • The application process will be handled almost entirely online, with the exception of signing the promissory note and picking up the check.
  • 24/7 availability to apply and request deferments.
  • After submitting a STL application via the app, students receive an automatic pre-qualification or denial because the software calculates what is entered and retrieves Financial Aid information from Campus Solutions (CS) to determine eligibility.
  • Deferments are processed automatically and can save students interest and late fees that would otherwise have been incurred in the old application.
  • Students can edit their information or delete employer(s) if they have more recent employment.
  • Students will receive a five-day reminder that their payment is due for all three installments.
  • The STL application is mobile friendly.
  • The top of the application page graphically shows student application progress / status.
  • When students reapply, their information is saved so they don’t have to re-enter information that was previously provided.
  • With daily file processing, students can see payment status to avoid interest and late fees.
  • Status tracking features provide transparency in applying.

The benefits for Accounts Payable-Fiscal Services staff:

An enormous amount of time and money saved in the following:

Not having to:

  • approve/deny each application due to the new pre-approval process
  • contact the Bursar’s Office staff for interest, late fees, deferments, and holds
  • do manual calculations of interest and assess late fees
  • look up a student’s Financial Aid information in Campus Solutions (CS) to determine qualification
  • notify students of approvals and denials
  • print out and review paper applications
  • process deferment requests
  • review and respond to emails on the status of applications

Increased efficiencies by being able to:

  • easily customize messages displayed on the application and email templates within the app
  • have a copy of daily STL files sent to CS and automatically saved to Box, with notifications sent to Accounts Payable-Fiscal Services and Bursar’s Office staff in a new email distribution list created. This creates an archive for tracking and auditing.
  • message the student from within the application
  • save internal comments on a loan application record within the application
  • save paper for all the forms
  • send messages to students through the application, which will automatically be sent to the sfsustl@sfsu.edu account for tracking and auditing
  • reduce the need for students to call about short-term loans

The benefits for the Bursar's Office staff:

  • The Short-Term Loan (STL) application will automatically send files via Secure FTP (SFTP) several times throughout the day to the Campus Solutions (CS) server for processing by the new job set created, replacing the former manual process of having to manually grab and process files in CS.
  • The Bursar’s Office also plans to use the model for STL job set and processing to process other files received, such as files from the Student Health Center. This will streamline fee processing for their office.

The benefits for the ITS web development team:

  • Allows for mobile-friendly interfaces for end users
  • Created reusable application program interfaces (API) for future web development
  • Developed a new automation process that integrates with CS, as well as using Box API for the archiving process logging that can be reused in future projects
  • Developed entirely with React, an open source JavaScript library for building user interfaces

Screenshots from the new Short-Term Loan Application

Short Term Loan Income Information

Review-Short Term Loan

 

Information Technology Services (ITS) Q3 2019 Highlights

The 3rd quarter of 2019 highlights ITS’ tightening of security in a variety of areas, the successful use of our Disaster Recovery site, network infrastructure improvements, and the launch of campus outreach training.

Campus Outreach Training

ITS launched campus outreach training for faculty, staff, and students to promote awareness and knowledge around technology services available to the campus. The first session focused on Microsoft Teams. Future sessions will include IT Resources, Qualtrics, Excel, and PowerPoint. These sessions will be offered periodically throughout the year and adjusted based on demand.

Campus Wireless Infrastructure Upgrade

ITS, in conjunction with the Chancellor’s Office, migrated the campus wireless infrastructure core to ArubaOS 8.3.0.6. This infrastructure upgrade supports the new generation of wireless access points, streamlines centralized configuration and management of wireless clients, and sets the stage for increased scalability.

Custom Web Applications Improvements and Enhancements

The CEL Shopping Cart was updated to include Zero Cost Course Material and integrate with cel.sfsu.edu, giving students the ability to directly add shopping cart items from cel.sfsu.edu. Minor enhancements have also been made to the Class Schedule and Parking Permit custom applications.

Disaster Recovery Site Successfully Utilized During Data Center Flood

In a combined effort with the Network and Facilities teams, the Systems team resolved issues that resulted from Campus Data Center flooding, which was shut down due to a broken water pipe in the Administration building on July 15, 2019. The Systems team was able to successfully failover several mission critical services (such as the SF State Global Login) to the Disaster Recovery site in Sacramento, which minimized campus impact. All services were successfully restored.

Information Security Audit by the Chancellor’s Office

The Information Security Audit conducted by the Chancellor’s Office started on Monday, August 19, 2019. The field work concluded on September 27, 2019.

The campus responded to a total of 172 data requests - 82 data requests from the auditors during the on-site field work portion of the audit, and 90 data requests prior to the on-site work. In addition, the campus participated in 45 in-person meetings.

Up next, the campus will receive a debriefing from the California Department of the Military on their vulnerability scanning activities, from which a draft report will be provided to the campus. 

ITS appreciates the cooperation and support of all the units across campus that assisted with and participated in the audit.

Mobile App Updates

Exciting updates have been made to the mobile app, featuring a Spotlight area for current student persona, and a spotlight image section to promote events. Icons were also added for email, iLearn, and a social media menu.

OneCard System Replacement

ITS was heavily involved in Fiscal Affairs' OneCard System Replacement Project, which implemented Transact to replace NuVision for door access, meal plans, and transportation services. Alongside Fiscal Affairs, various ITS teams collaborated with campus vendors to ensure a proper setup and smooth transition to the new system. The project completed in August 2019.

The OneCard system touches various points on and off campus, including:

  • BART
  • Housing
  • ITS
  • Mashouf Wellness Center
  • Muni
  • OneCard Office
  • Residential Life (ResLife)
  • Sodexo
  • Student Wellness Center
  • The University Corporation (UCorp)

PhishMe Reporter for Android and iOS Mobile Clients

The Systems Team implemented and rolled out the PhishMe reporter for mobile clients on Android and iOS. This allows for a consistent user experience to report suspicious email on either desktop Outlook, or Outlook Mobile for Android and iOS.

SF State ID Web Page Redesign

The Service Desk redesigned the SF State ID web page to improve the user experience, and now highlights common account questions related to password resets, locked accounts, and account and password setup.

Security Controls to Reduce Spam and Phishing Attacks & Compromised Accounts

SF State, as well as other CSU campuses, has experienced an increase in the number of phishing attacks and compromised accounts during the past quarter. Information Security, in collaboration with the Systems team, developed and implemented additional security controls and reports to reduce spam and phishing attacks originating from the SF State email system.

The significant increase in spam emails was in part due to a breach of the popular Chegg.com* website where students may have re-used their SF State email addresses and passwords. This allowed hackers to use the compromised credentials on the SF State email system to log in as the student users and send spam and phishing messages from those hijacked email accounts.

A security awareness notice was sent to all staff, faculty, and students as a reminder to not re-use passwords and to re-set their password at SF State if they may have re-used their password on chegg.com or any other site.

* Chegg provides student services like homework help, online tutoring, test preparation, scholarship searches, internship matching, and college application advice, as well as both digital and physical textbook rentals.

Smart Planner 10.5 Upgrade

A new version of Smart Planner 10.5 has been installed in Campus Solutions (CS). Smart Planner 10.5 contains a new primary feature that alerts students if they select a combination of courses to enroll in that will not help advance their efforts to earn their degree. This allows students to make the necessary adjustments to their schedule before they enroll. Several cosmetic enhancements have also been applied to improve ease-of-use and fix bugs.

Two-Factor Authentication (2FA)

The ITS Database and Infrastructure teams completed the upgrade of the Oracle Database cluster to require the use of Virtual Private Network (VPN) with Two-Factor Authentication (2FA) to access the database. This upgrade improved security and restricted network access to the Oracle databases.

Updated Websites Went Live

The ITS Web team launched updated websites for Facilities, Procurement, Administration & Finance, Quality Assurance Services, and the Office of Research and Sponsored Programs (ORSP) – all but one are on the new Drupal 8 platform. Stay tuned as a revised Drupal Template will be released in Q4.

UPN/UPS Bed Space Wi-Fi Refresh Completed

The Endpoint Support team completed the University Park North (UPN) / University Park South (UPS) bed space Wi-Fi refresh, which included security box installation for the Resnet network that is now supporting 4,767 connected devices.

2019 Cyber Security Awareness Month

2019 Cyber Security Awareness Presentation (PDF)

To view PDF files, please download Adobe Reader

Every October is National Cybersecurity Awareness Month, recognized by government and industry to raise awareness about the importance of cybersecurity.   

This year, the emphasis is on personal accountability and the importance of taking proactive steps to enhance cybersecurity at home and at work/on campus. The shared message is Own IT.  Secure IT. Protect IT.

These resources below will help you create positive, lasting, cybersecurity habits.

Own IT

Secure IT

Protect IT

 

 

 

Traveling Tips (PDF)

Strong Password (PDF)

Social Media Bots (PDF)

Online Privacy (PDF)

Multi-Factor Authentication (PDF)

Be Secure (PDF)

Social Media (PDF)

Work Secure (PDF)

Theft and Scams (PDF)

Internet of Things (PDF)

Phishing (PDF)

Your Digital Home (PDF)

 

Information Technology Services (ITS) Q2 2019 Highlights

Exciting enhancement and project releases highlight 2019 Q2 ITS progress. These upgrades and initiatives increased security in multiple areas, prepared us for a disaster, and increased efficiencies. Faculty, staff, and students all benefit from these ITS accomplishments.

Annual Refresh

Every year ITS partners with Administration & Finance (A&F), Student Affairs & Enrollment Management (SAEM), Advancement, and UCorp in order to identify and replace outdated equipment and ensure that our computers are compatible with the latest technology and security. ITS facilitated the order processing for over 220 computers in this year’s refresh, and the ITS Endpoint Management team has begun distributing this equipment. As part of this year’s refresh, ITS will also be introducing the latest build of Windows 10, as well as the 2019 version of the Adobe software suite.

Departmental Share Drive Upgrade & Scale Out

Departmental share drives allow users to store files on a convenient mapped drive so they can easily collaborate with their department colleagues. Files on the departmental shares are backed up daily, with self-service restoration so that users can recover what they need quickly. ITS recently upgraded the departmental share drives to improve security, performance, and capacity. The transparent replacement of the entire underlying hardware system ensures continued reliability.

Disaster Recovery Site

ITS built a disaster recovery (DR) site at CSU Sacramento to ensure that our most critical services are up and running in the event of a disaster. A DR site is a facility which is physically separate from SF State where campus can continue to provide IT services if the primary on-campus data center is unavailable. Core services like the SF State website, email, and the SF State Global Login (required for email access) can resume service in a matter of minutes in such an event. In July 2019 we leveraged these and other available services at the DR site after a pipe burst and flooded the on-campus data center.

Metabim Rollout

Facilities Services rolled out Metabim, its new work order system, and needed to implement a compatible mobile device solution. ITS recommended cellular-enabled iPad Mini 5s as the work order system requires a network connection. In areas where there is no SF State WiFi coverage, the device can defer to a cellular connection. ITS manages the devices using a Mobile Device Management (MDM) system called JAMF, which allows ITS to centrally manage updates to this iPad fleet.

These mobile devices were chosen to provide convenience for Facilities Staff when accessing the system, which is a very important part of their day-to-day tasks. The iPad Minis allow staff to be able to receive work orders and complete their work wherever they are on campus.

OnBase Upgrade

The ITS OnBase team, in collaboration with our Infrastructure and Database teams, upgraded the database and file storage systems for OnBase. We also completed the migration to OnBase 16 and retired our OnBase 13 environment. In addition, we increased the Confidential Data security in OnBase by upgrading the encryption and implementing Two-Factor Authentication (2FA) for all users. This was a large project involving many teams across ITS, most of all the ITS Service Desk teams and compatibility testers across campus, all of whom were integral to the success of the upgrade.

PeopleTools 8.56 Upgrade 

SF State performed a mandatory upgrade of PeopleTools to version 8.56 for Campus Solutions from May 24-27, 2019. This technology powers all PeopleSoft platforms that the University utilizes: Campus Solutions (CS), Human Resources (HR), and Common Management System (CMS). This upgrade was necessary since Oracle ended Critical Patch Support for version 8.55.

The CSU Chancellor's Office postponed the upgrade for the Common Financial System (CFS) due to resource constraints. Common Management System will therefore remain on PeopleTools 8.55 this year.

In 2020, all three PeopleSoft platforms, CS/HR/CMS, will be upgraded to PeopleTools 8.57.

Refreshed Websites for Procurement and Basic Needs

The Drupal 8 Web Content Management platform has been updated to enable new features which allow site builders to customize their sites without any coding knowledge. Drupal 8 offers significant improvements to the authoring experience, allowing site owners to update and maintain their sites with ease. In Q2, ITS launched two refreshed websites using Drupal 8 – Procurement and Basic Needs! These are amongst the first sites to use Drupal 8 as a part of our pilot program on campus. Our pilot includes developing and categorizing a robust set of ready-to-use configurable web page templates across the different types of campus units, creating training materials, and holding design advisory meetings. ITS will update campus about the Drupal 8 rollout as it progresses.

SF State Mobile App New Features

At the end of April 2019, ITS rolled out two new features available to students on the SF State Mobile Application. Students can now easily view their Degree Progress Report (DPR), which shows details on the General Education (GE) and the fulfillment of major requirements, including in progress work. In addition, students can view their current and future Enrollment Dates to register for classes. Enrollment Dates are available under Register in the Current Student view.

Two-Factor Authentication (2FA) for CFS

As a result of a 2016 security audit, Information Technology Services introduced Two-Factor Authentication (2FA) on May 15, 2019 for users logging into the Common Financial System (CFS) web application. 2FA technology provides a secondary authentication factor in addition to a user’s credentials (user name and password). This method of authenticating reduces the risk of a data breach by mitigating the likelihood of compromised user credentials. Users new to 2FA can self-provision 2FA by following the instructions found at https://its.sfsu.edu/guides/2fa.

SF State Global Login Change (Tuesday, April 2, 2019 at 10:00 p.m.)

Overview

The SF State Global Login page is getting an exciting makeover on Tuesday, April 2, 2019 at 10:00 p.m.! To improve security and promote campus pride, the new login page will display an image of the campus in the background, as seen below:

Screenshot of the SF State Global Login screen
Image of the newly-redesigned Global Login page for web

screenshot of the SF State Global Login
Image of the newly-redesigned Global Login page for mobile

The main purpose of this redesign is to improve security. We also wanted to improve the login experience by providing an uncluttered login screen. The newly-designed page was created by former Information Technology Services (ITS) student assistant and SFSU alumnus Bret Antonio Rodriguez and current ITS UX student assistant Emma Lynn Loveless.

What can you expect

Users may experience an interruption in the SF State Global Login page for a 10-minute period during the switch out at 10:00 p.m. on Tuesday, April 2, 2019. During that time, users will not be able to access services which require the SF State Global Login.

Support

If you experience issues or need assistance, please contact the ITS Service Desk at service@sfsu.edu or 415-338-1420.

Reminder to report phishing – here’s how!

This is a reminder that the “Report Phishing” Button in Outlook has been fixed and should be used to report suspicious email messages. In addition, the instructions for using the button in both Outlook and Outlook Web Access (OWA) have been updated and can be found here:

https://its.sfsu.edu/guides/phishingtrainingprogram

 

If you are not using the Outlook application to view your email, such as with your mobile device, you can always forward the suspicious emails to abuse@sfsu.edu and the Information Security team can still investigate the message. Thank you for being vigilant and helping protect SFSU’s information and systems.

 

ServiceNow is Live!

ServiceNow is Live!

ITS has migrated from the Footprints ticketing system to ServiceNow, a robust, industry-leading, cloud-based IT and customer service management application. ServiceNow will increase productivity, improve the service experience and speed up response time for end-user requests. Enhanced reporting features will be introduced, and ServiceNow will provide a platform for service providers to expand their service management capabilities.

You can still request help or service by contacting your service providers through the channels you previously relied on, for ITS: emailing service@sfsu.edu, calling 415-338-1420, or submitting a ticket online. Over the next few months, ITS will continue to add content, service providers, and services to the ServiceNow Portal.

 

Information Technology Services (ITS) Recent 2018 Releases for Custom and Campus Solution (CS) Apps

ITS is excited to share highlights from our Enterprise Application Development teams’ 2018 recent releases. With these advancements, ITS has streamlined processes, improved efficiencies, increased functionality, and made the overall IT experience a great one for students, faculty, and staff.

Parking Permits

Parking permits are available through the Parking & Transportation website. The previous purchasing process was more involved than it needed to be. In August, we launched the newly-architected Parking Permit Registration online application with a simplified design that is easier to navigate. It provides a more streamlined workflow for users, resulting in faster processing for first-time permit applications, along with some useful new features such as the Parking Map so user can view parking locations on campus, the ability to fully submit a request for parking online without having to email the Parking Department, Lot 19 automatic approvals for faculty and staff, and employees with payroll deduction can now switch between annual and semester permit types. These updates have substantially improved parking permit processes for students, staff, and faculty.

PeopleSoft Campus Solutions (CS)

September brought three new PeopleSoft Campus Solutions (CS) enhancements: 

1.     Enhanced Admission Status now allows undergraduate and graduate applicants to see the status of their applications and their outstanding application action items. The Admissions Office is already reporting a significant reduction in phone and email traffic during the spring 2019 application cycle.

2.     GE Status Mass Update is a new process that enables admission staff to update the General Education (GE) statuses of students in batch. This was previously done on a student-by-student basis and has cut down on application processing time.

3.     Electronic Graduate Application is the new, easy to use, online SF State Graduation Application containing features that improve a candidate’s user experience applying for graduation, with features such as:

  • Integrates seamlessly with Campus Solutions (CS)
  • Pre-populates a student’s completed SF State major and minor courses for selection criteria
  • Navigates easily and conveniently to student's Unofficial Transcript and Degree Progress Report
  • Generates a hard copy of the graduation application that students can take to their department and Registrar’s office for approval
  • Sends a soft copy of the application to the student’s SF State email address

SF State Mobile App Single Sign On (SSO)

November brought Single Sign On (SSO) to the mobile app. This upgrade is one of the most highly requested features from students and should make using the mobile app a more streamlined and efficient experience. After you log in to any Gateway application or Campus Solutions, you are good to go without needing to log in again!

Chegg Data Breach

SF State Students,

We have been made aware that the Chegg.com service that many students utilize has reported a data breach. This notification is to give you an opportunity, if you are using this service, to understand your rights and what steps you need to follow to secure your information from potential loss or misuse. Please take a moment and review the information below and if there are any questions or concerns, they can be addressed to the SF State Information Security team at security@sfsu.edu.

Thank you.

Tuan Anh Do
Senior Director, Infrastructure Services & Interim Information Security Officer
SF STATE | Information Technology Services

Notice of Data Breach

Hello,

We recently discovered that some data from your Chegg.com account, or one of its family of student services, may have been acquired by an unauthorized party, and I wanted to reach out to you directly to inform you of what happened and what we are doing to protect your information. While our investigation into this matter continues, we are letting you know now because we value our relationship with you and we take the security of your information seriously.

What Happened?

On September 19, 2018, we learned that, on or around April 29, 2018, an unauthorized party gained access to one of our databases that hosts user data. An investigation, supported by a third-party forensics firm, was commenced. We have determined that some of your account information may have been obtained, which is why you are receiving this notice.

What Information Was Involved?

Our understanding is that the data that may have been obtained could include your name, email address, shipping address, Chegg username, and hashed Chegg password. Our current understanding is that no financial information such as credit card numbers, bank account information, or social security numbers was obtained.

What We Are Doing

We will prompt you to change your Chegg.com password upon login. If your password has been changed on or after September 26th, 2018, you will not be prompted to change it again.

What You Can Do

In addition, it is always good practice to use different passwords for different online accounts. To the extent that you used the same password on any websites or apps that you used on your Chegg account, we recommend changing those passwords as well.

For More Information

We understand you may have questions. Find more information at this link or contact us at 1-855-581-9880.

Thank You,

Signature of Dan Rosensweig

Dan Rosensweig,
CEO of Chegg, Inc.

Important Online Security and Identity Theft Protection Information

Password Security

We recommend that you change your password for the relevant websites and apps you use with that password immediately after any security incident. We also recommend that you routinely change your passwords regardless of any incident, and only use long and complex passwords that contain at least ten characters and have a combination of types of characters such as commas, percent signs, and parentheses, as well as upper-case and lower-case letters and numbers. You should never use the same password for more than one device, site, or app, write your passwords down, or share passwords with others. We recommend using a password manager to help keep track of your passwords so that you have a unique, strong password for every secure website that you use.

You may obtain a free copy of your credit report online at www.annualcreditreport.com, by calling toll-free 1-877-322-8228, or by mailing an Annual Credit Report Request Form (available at www.annualcreditreport.com) to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281. You may also purchase a copy of your credit report by contacting one or more of the three national credit reporting agencies listed below.

Equifax
P.O. Box 740241
Atlanta, GA 30374-0241
800-685-1111
www.equifax.com
Experian
P.O. Box 9532
Allen, TX 75013
888-397-3742
www.experian.com
TransUnion
P.O. Box 6790
Fullerton, CA 92834-6790
800-916-8800
www.transunion.com

Online Account Security

You should remain vigilant with respect to reviewing your account statements and credit reports from one or more of the national credit reporting companies above, and promptly report any suspicious activity or suspected identity theft to us and to the proper law enforcement authorities, including local law enforcement, your state's attorney general, and/or the Federal Trade Commission ("FTC"). You may contact the FTC or your state's regulatory authority to obtain information about avoiding and protection against identity theft: Federal Trade Commission, Consumer Response Center 600 Pennsylvania Avenue, NW, Washington, DC 20580, 1-877-IDTHEFT (438-4338), www.ftc.gov/idtheft. Residents of Maryland, North Carolina and Rhode Island may also obtain information about preventing and avoiding identity theft by contacting: Maryland Office of the Attorney General, Consumer Protection Division, 200 St. Paul Place, Baltimore, MD 21202, 1-888-743-0023, www.oag.state.md.us; North Carolina Office of the Attorney General, Consumer Protection Division, 9001 Mail Service Center, Raleigh, NC 27699-9001, 1-919-716-6400, www.ncdoj.gov; and Rhode Island Office of the Attorney General, Consumer Protection Unit, 150 South Main Street, Providence, RI 02903, 1-401-274-4400, www.riag.ri.gov.

Fraud Alerts

There are two types of fraud alerts you can place on your credit report to put your creditors on notice that you may be a victim of fraud: an initial alert and an extended alert. You may ask that an initial fraud alert be placed on your credit report, which stays on your report for at least one year, if you suspect you have been, or are about to be, a victim of identity theft. You may have an extended alert placed on your credit report, which stayson for seven years, if you have already been a victim of identity theft with the appropriate documentary proof. You can place a fraud alert on your credit report by contacting any of the three national credit reporting agencies at the toll-free numbers listed below:

Equifax
877-478-7625
Experian
888-397-3742
TransUnion
800-680-7289

Credit Freezes

You may have the right to put a credit freeze (or security freeze) on your credit file, so that no new credit can be opened in your name without the use of a PIN number that is issued to you when you initiate a freeze. If you place a credit freeze, potential creditors and other third parties will not be able to get access to your credit report unless you temporarily lift the freeze. Therefore, using a credit freeze may delay your ability to obtain credit. Credit freeze laws vary from state to state, but there is no cost anywhere in the country for freezing or unfreezing your credit file. You must separately place a credit freeze on your credit file at each credit reporting company. Please contact the three major credit reporting companies as specified above for more information.

3990 Freedom Circle, Santa Clara, California 95054

 

October is National Cybersecurity Awareness Month

StaySafeOnline has published the following weekly themes and topics for the month:

Week 1: Oct. 1­–5: Make Your Home a Haven for Online Safety

Every day, parents and caregivers teach kids basic safety practices ‒ like looking both ways before crossing the street and holding an adult’s hand in a crowded place. Easy-to-learn life lessons for online safety and privacy begin with parents leading the way. Learning good cybersecurity practices can also help set a strong foundation for a career in the industry. With family members using the internet to engage in social media, adjust the home thermostat or shop for the latest connected toy, it is vital to make certain that the entire household ‒ including children – learn to use the internet safely and responsibly and that networks and mobile devices are secure. Week 1 will underscore basic cybersecurity essentials the entire family can deploy to protect their homes against cyber threats.

Week 2: Oct. 8–12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity

A key risk to our economy and security continues to be the shortage of cybersecurity professionals to safeguard our ever-expanding cyber ecosystem. Raising the next generation of interested and capable cybersecurity professionals is a starting point to building stronger defenses. There are limitless opportunities to educate students of all ages – from high school into higher education and beyond – on the field of cybersecurity as they consider their options. In addition, veterans and individuals who are looking for a new career or re-entering the workforce, should explore the multitude of well-paying and rewarding jobs available. Week 2 will address ways to motivate parents, teachers and counselors to learn more about the field and how to best inspire students and others to seek highly fulfilling cybersecurity careers.

Week 3: Oct. 15–19: It’s Everyone’s Job to Ensure Online Safety at Work

When you are on the job – whether it’s at a corporate office, local restaurant, healthcare provider, academic institution or government agency ‒ your organization’s online safety and security are a responsibility we all share. And, as the lines between our work and daily lives become increasingly blurred, it is more important than ever to be certain that smart cybersecurity carries over between the two. Week 3 will focus on cybersecurity workforce education, training and awareness while emphasizing risk management, resistance and resilience. NCSA’s CyberSecure My Business will shed light on how small and medium-sized businesses can protect themselves, their employees and their customers against the most prevalent threats.

Week 4: Oct. 22–26: Safeguarding the Nation’s Critical Infrastructure   

Our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic consequences for our nation. Week 4 will emphasize the importance of securing our critical infrastructure and highlight the roles the public can play in keeping it safe. In addition, it will lead the transition into November’s Critical Infrastructure Security and Resilience Month, which is spearheaded by the U.S. Department of Homeland Security.

Stay tuned to the ITS Twitter account (@SFSU_ITS) for more information on Cybersecurity Awareness Month!