The 3rd quarter of 2019 highlights ITS’ tightening of security in a variety of areas, the successful use of our Disaster Recovery site, network infrastructure improvements, and the launch of campus outreach training.
Campus Outreach Training
ITS launched campus outreach training for faculty, staff, and students to promote awareness and knowledge around technology services available to the campus. The first session focused on Microsoft Teams. Future sessions will include IT Resources, Qualtrics, Excel, and PowerPoint. These sessions will be offered periodically throughout the year and adjusted based on demand.
Campus Wireless Infrastructure Upgrade
ITS, in conjunction with the Chancellor’s Office, migrated the campus wireless infrastructure core to ArubaOS 188.8.131.52. This infrastructure upgrade supports the new generation of wireless access points, streamlines centralized configuration and management of wireless clients, and sets the stage for increased scalability.
Custom Web Applications Improvements and Enhancements
The CEL Shopping Cart was updated to include Zero Cost Course Material and integrate with cel.sfsu.edu, giving students the ability to directly add shopping cart items from cel.sfsu.edu. Minor enhancements have also been made to the Class Schedule and Parking Permit custom applications.
Disaster Recovery Site Successfully Utilized During Data Center Flood
In a combined effort with the Network and Facilities teams, the Systems team resolved issues that resulted from Campus Data Center flooding, which was shut down due to a broken water pipe in the Administration building on July 15, 2019. The Systems team was able to successfully failover several mission critical services (such as the SF State Global Login) to the Disaster Recovery site in Sacramento, which minimized campus impact. All services were successfully restored.
Information Security Audit by the Chancellor’s Office
The Information Security Audit conducted by the Chancellor’s Office started on Monday, August 19, 2019. The field work concluded on September 27, 2019.
The campus responded to a total of 172 data requests - 82 data requests from the auditors during the on-site field work portion of the audit, and 90 data requests prior to the on-site work. In addition, the campus participated in 45 in-person meetings.
Up next, the campus will receive a debriefing from the California Department of the Military on their vulnerability scanning activities, from which a draft report will be provided to the campus.
ITS appreciates the cooperation and support of all the units across campus that assisted with and participated in the audit.
Mobile App Updates
Exciting updates have been made to the mobile app, featuring a Spotlight area for current student persona, and a spotlight image section to promote events. Icons were also added for email, iLearn, and a social media menu.
OneCard System Replacement
ITS was heavily involved in Fiscal Affairs' OneCard System Replacement Project, which implemented Transact to replace NuVision for door access, meal plans, and transportation services. Alongside Fiscal Affairs, various ITS teams collaborated with campus vendors to ensure a proper setup and smooth transition to the new system. The project completed in August 2019.
The OneCard system touches various points on and off campus, including:
- Mashouf Wellness Center
- OneCard Office
- Residential Life (ResLife)
- Student Wellness Center
- The University Corporation (UCorp)
PhishMe Reporter for Android and iOS Mobile Clients
The Systems Team implemented and rolled out the PhishMe reporter for mobile clients on Android and iOS. This allows for a consistent user experience to report suspicious email on either desktop Outlook, or Outlook Mobile for Android and iOS.
SF State ID Web Page Redesign
The Service Desk redesigned the SF State ID web page to improve the user experience, and now highlights common account questions related to password resets, locked accounts, and account and password setup.
Security Controls to Reduce Spam and Phishing Attacks & Compromised Accounts
SF State, as well as other CSU campuses, has experienced an increase in the number of phishing attacks and compromised accounts during the past quarter. Information Security, in collaboration with the Systems team, developed and implemented additional security controls and reports to reduce spam and phishing attacks originating from the SF State email system.
The significant increase in spam emails was in part due to a breach of the popular Chegg.com* website where students may have re-used their SF State email addresses and passwords. This allowed hackers to use the compromised credentials on the SF State email system to log in as the student users and send spam and phishing messages from those hijacked email accounts.
A security awareness notice was sent to all staff, faculty, and students as a reminder to not re-use passwords and to re-set their password at SF State if they may have re-used their password on chegg.com or any other site.
* Chegg provides student services like homework help, online tutoring, test preparation, scholarship searches, internship matching, and college application advice, as well as both digital and physical textbook rentals.
Smart Planner 10.5 Upgrade
A new version of Smart Planner 10.5 has been installed in Campus Solutions (CS). Smart Planner 10.5 contains a new primary feature that alerts students if they select a combination of courses to enroll in that will not help advance their efforts to earn their degree. This allows students to make the necessary adjustments to their schedule before they enroll. Several cosmetic enhancements have also been applied to improve ease-of-use and fix bugs.
Two-Factor Authentication (2FA)
The ITS Database and Infrastructure teams completed the upgrade of the Oracle Database cluster to require the use of Virtual Private Network (VPN) with Two-Factor Authentication (2FA) to access the database. This upgrade improved security and restricted network access to the Oracle databases.
Updated Websites Went Live
The ITS Web team launched updated websites for Facilities, Procurement, Administration & Finance, Quality Assurance Services, and the Office of Research and Sponsored Programs (ORSP) – all but one are on the new Drupal 8 platform. Stay tuned as a revised Drupal Template will be released in Q4.
UPN/UPS Bed Space Wi-Fi Refresh Completed
The Endpoint Support team completed the University Park North (UPN) / University Park South (UPS) bed space Wi-Fi refresh, which included security box installation for the Resnet network that is now supporting 4,767 connected devices.
Every October is National Cybersecurity Awareness Month, recognized by government and industry to raise awareness about the importance of cybersecurity.
This year, the emphasis is on personal accountability and the importance of taking proactive steps to enhance cybersecurity at home and at work/on campus. The shared message is Own IT. Secure IT. Protect IT.
These resources below will help you create positive, lasting, cybersecurity habits.
Follow ITS at SF State on Twitter!
Our feed tracks technology trends in education, as well as campus technology announcements and general goings-on in Information Technology Services. Click the link and get chirping! https://twitter.com/sfsu_its
For more information on campus use of social media, go to: http://social.sfsu.edu/