Mailman IT Alert/PSA List

Mailman IT occasionally issues alerts and public service announcements related to IT policies, resources, and initiatives. Below is a list of the most recent alerts and PSAs. 

2021

An Alert From Mailman IT: Microsoft Patch for PrintNightmare Vulnerability

Please be advised that Microsoft has issued an emergency patch to protect devices running Windows 7 and WIndows 10 from the PrintNightmare vulnerability.

Action Required:  Remote Workers

If you are currently working off campus, you will need to make sure your computer has the latest Microsoft updates with the PrintNightmare patch. If you are not sure how to check for updates, simply follow this video: How to Force Windows Updates/Check Updates

NOTE: Don't forget the last, critical step, which is to reboot your computer once the update has installed! 

Action for On-Campus Employees

If you are currently working on campus with a School-owned device, the updates will be pushed over the network to your device. Just make sure to let the updates run, and again, don't forget to reboot your computer once the update has installed! 

If you have any questions or concerns, please reach out MSPH IT at msph-tickets@cumc.columbia.edu

2019

An Alert From Mailman IT: HIPAA Training Sanctions Now in Force

Please be advised that this week CUIMC began actively sanctioning anyone who has not completed CUIMC's required annual HIPAA training; the training deadline was May 31st.  Sanctions, at a minimum,  include losing access to email, RASCAL, and the libraries. Access will not be restored until the training module's official "certificate of completion" has been provided to CUIMC IT by the user. 

I think I may be delinquent. How do I check?
If you are unsure if you have completed the training or not, please go to the Enterprise Learning Management System, log in with your UNI and password, and click on “My Learning Plan”. Any training assigned to you will be listed, along with its completion status.

If the system shows that you are delinquent,  we strongly encourage you to take it immediately. Once blocked, restoration of your email service can take days, and really hamper your work.

What do I do if I suspect my systems access is already blocked?
If you are unable to access RASCAL and/or your email, and you missed the HIPAA training deadline, you are likely already blocked. Your only recourse is to log in to the training portal immediately and check your training status. If it shows as unfinished or not started, complete the training immediately. Once you have your certificate of completion, please call 5Help for assistance in getting your system access restored.

How do I make sure I remember to do my training next year?
The Office of HIPAA Compliance typically sends everyone the link to the training in January, so please look for it. The email will come from "columbia@sabacloud.com", the University's training platform. You can take the training at any time after you receive the link, but no later than the deadline communicated in the email. This HIPAA training takes about 45 minutes.
 
Does the training requirement even apply to me?
CUIMC policy requires that everyone working or studying at the Medical Center complete the annual online HIPAA training course. New members of the community have 30 days from their date of hire to complete the training while existing members must have their annual training completed in the Spring. This year's deadline was May 31st.

I'm still unsure. Where can I learn more? 
The training is administered by CUIMC's Office of HIPAA Compliance. Please visit their Website's training page for more information.

Elizabeth Tashiro (Pronouns: she, her, hers)
Chief Technology Officer and Associate Dean
Columbia University Mailman School of Public Health

2018

June

Dear all,

I wanted to alert you to the roll-out of a new security tool designed to protect us from malicious email. Below, please find the announcement from CUMC Information Security, along with an in-depth description of what the software does and what you can expect as an email recipient. In short, when you click on an email link, the software scans it to ensure that it is “friendly.” If so, you will be directed seamlessly to the intended site. If the software detects malicious intent, you will be redirected to a page announcing that the site is blocked and why. Attachments are similarly scanned for threats and directed to the existing Spam Digest if required. 

As noted below, in many cases, you won’t notice anything different. However in some cases, you may notice that a link URL now begins with https://urldefense.proofpoint.com. That just means the software is at work and will be safe to click on.

You can reach out to CUMC Information Security via 5Help with questions or concerns, or if you prefer, contact Mailman IT and we will work to get an answer for you.

May

All, I am providing you with a tweaked version of CU’s GDPR update that I received yesterday afternoon, to ensure that you have the resources and information you need related to compliance:

As you are aware, the European Union’s General Data Protection Regulation (GDPR) is enforced beginning today, May 25th, 2018. The GDPR is intended to help protect the privacy of EU residents (any individual who is physically located in an EU member state and can include both EU and non-EU citizens) and provide legal standing to keep their personal data safe. GDPR puts the responsibility for data security on entities that process personal information, with severe penalties for failing to meet standards.

Columbia has provided the compliance resources below:

The CU Website Cookie Notification and Cookie Statement on CU web sites, to inform users of cookie usage practices and to seek consent. Mailman School Web sites are expected to do the same, and link to the CU’s Cookie Statement. Example attached.

The Columbia University Privacy Notice to inform users that the University is committed to protecting the privacy of individuals. Mailman is instructed to direct our users to this main Privacy Notice.

A GDPR Web Page where EU residents may initiate requests for their rights to data, which include the Request for Information, Request for Erasure, and Request for Rectification. For other GDPR questions or comments, they can send an email to gdpr-requests@columbia.edu. Again, Mailman users who are EU residents with questions about their data should access this GDPR Web page and email.

Data Processing Agreement (DPA) Update: GDPR also requires a Third Party Vendor "Processor” (an entity that processes personal data only on behalf of and on the instructions of the service providers or “Controller”) to follow GDPR data protection requirements and honor EU resident data subject rights. To address these requirements, OGC, along with Hogan Lovells, has developed a CU Data Processing Agreement “DPA.” Third-party vendors are required to sign a DPA. This revised version along with the CU internal procedures on how to handle DPAs (involving Central Procurement and OGC) will be distributed to CITGs today. If you have questions about your own vendor DPA’s, please reach out to Mailman IT’s Elizabeth Tashiro at es2222@cumc.columbia.edu for next steps.
GDPR can also impact list management practices. Mailman faculty and staff with questions about mailings lists should reach out to: Anne Foulke at af2231@cumc.columbia.edu or John LaDuca at jl4501@cumc.columbia.edu in Mailman Communications. They are in touch with CU Communications and will be able to provide updates and resources as available.

March

All,

Now that CUMC’s Mercury Wifi has hit its 1-year anniversary, many of you are getting email notices stating “Your Mercury Registration is About to Expire.” The notice looks a lot like spam. However, it is legit. You have to reregister your devices annually to use this particular Wifi network. Here is a link to an FAQ section on Mercury Wifi with more details: http://www.cumc.columbia.edu/it/howto/wireless/faqs.html#register. I’ve also included a picture of the registration notice itself for your reference. Hope it helps to clear up some of the confusion!

January

All,

I am passing along this link I received from CUIT (Downtown IT) related to protecting your devices from the Spectre and Meltdown vulnerabilities. I thought it was worth forwarding as they did a very good job of explaining what the issues are, how they are handling, and providing resources that you can use to protect your own equipment. Rest assured, MSPH IT is taking similar steps to CUIT and other tech teams at the University to ensure that your school-owned devices are properly secured.  However, I realize that figuring out what to do about your own devices can be a daunting task when issues like these arise.

https://cuit.columbia.edu/spectre-meltdown

Hope it helps!

All,

In preparation for the Spectre and Meltdown vulnerability patch rollout, it is a good idea to do a file backup. Key files obviously, and ideally a full backup. In addition, we’re requesting that you reboot your computer once the backup is complete.

Thank you.

2017

December

Subject: Mailman IT Alert: Upcoming ListServ down time

All,

Just passing along a heads-up to anyone who uses CUMC’s ListServ software to send mass emails. Please see its announcement about the recurring ListServ maintenance plan and downtime.

Happy Holidays!

Elizabeth

September

Subject: Mailman IT Alert: Ransomware Attack

All,
CUMC is in the midst of a ransomware attack and Security is working diligently to minimize its impact. Endpoints are being scanned, and when required, are being blocked from the network. Additionally, some central IT services such as file shares, Web servers, collaboration tools may experience service disruptions. Dwayne and team are working hard to make sure that our endpoints are as protected as possible. We are being notified if Mailman computers are compromised – if this occurs, Dwayne and team will reach out with next steps.

As always, thanks for your cooperation as we work against this threat.

Mailman IT

 

Subject: Mailman IT Alert: Phishing Attack!

All,

Please be advised that there are several phishing attacks underway on campus. Most claiming that someone has sent you something, with a subject line that says (Sent by xyz name). Please report any phishing to spam-abuse@cumc.columbia.edu, and remember:

Don’t open emails from unknown sources. Beware of emails that arrive out of the blue or seem odd, even from those you know. Treat with caution any email with an attachment especially one that is unexpected. Avoid clicking on embedded links unless you have verified it’s from a legit source

Safe computing,
Mailman IT

July

Subject: Mailman IT Alert: Reminder & Tips -- This Weekend's Office 365 Email Migration

All,

Just sending a reminder along that our migration to Microsoft 365 email begins late Sunday night (July 23/24). Please be aware of these few things:

  • Vacationers: If you are away during the migration, please turn-off any out-of-office message you set up. CUMC IT informs us that the auto reply feature can complicate the migration process. So better safe than sorry! You can reactivate your auto response Monday morning, post migration if you are still away.
  • Shared Mailbox Owners: CUMC IT is doing its best to migrate all MSPH-related shared mailboxes on Sunday, so that you can access them seamlessly Monday morning.  However, in the event your shared mailbox is missed in the migration, it will not be accessible to you until August 15th when the campus migration is complete.  If you have an URGENT need to access a shared mailbox before then, please open a ticket with  msph-tickets@cumc.columiba.edu. We will work with CUMC IT to have your shared mailbox access restored asap.
  • Everyone:

Based on how the pilot migration went, this should go very smoothly. However, all techs will be on hand Monday at 8 am to provide support if you cannot access your mail. Please just open a ticket with msph-tickets@cumc.columiba.edu and someone will be assigned to work with you.

Best,
Mailman IT

 

Subject: Mailman IT Alert: Office 365 Email Migration

As you may know, CUMC is replacing its Exchange email solution with email from MS Office 365. Our migration will be happening toward the end of this month (July), and based on the few pilot users done so far, it should be fairly seamless. That said, there are a few things you’ll want to be aware of:

The migration requires that the UPN on all your email-enabled devices be updated prior to the migration (you can update it now, without any negative impact on your mail.). To update your UPN, please find the type of device you have and follow these instructions below. Please note: In some cases the instructions start with “Remove Your CUMC Email…” however, these instructions also provide a link to reconfigure your email so that it works with MS Office 365. You just have to remove the existing account first.

CUMC is only rolling out Office 365 email at this time. Applications such as One Drive and Skype are not part of this migration.
Email back-up has changed. Office 365 provides email recovery of deleted items still in trash for 30 days only. Items that have been permanently deleted may be recoverable for up to 14 days. Tape backup and archiving of PSTs has been completely eliminated.
Email account quotas have been increased. You will still get a message if your mailbox is becoming full when you are within 3 GB of the quota.
Please open a ticket with msph-tickets@cumc.olumbia.edu should you have trouble with changing your UPN,  Office 365 email or the migration.

Happy Summer!

June

Subject: Mailman IT Alert: New Ransomware attack

All,

There is another worldwide ransomware attack occurring as I type:

http://thehackernews.com/2017/06/petya-ransomware-attack.html

This one is a little different, as it is not only using the network to spread, but also email via an infected word document.  As always, you can help protect yourself by doing the following:

  1. If you use a work laptop and have not plugged into the CUMC network recently, you should, as our work laptops get the updates automatically via the CUMC network and this will ensure that your laptop is up-to-date. Likewise, you will want to make sure your personal devices are up-to-date.
  2. Make sure you have let all OS updates run without interruption and restarted
  3. Stay vigilant. Follow best practices for avoiding email phishing and malware:
    1. Don’t open emails from unknown sources.
    2. Beware of emails that arrive out of the blue, even from those you know.
    3. Treat with caution any email with an attachment, especially one that is unexpected.
    4. Avoid clicking on embedded links unless you have verified it’s from a legit source
  4. Report any suspicious emails to: spam-abuse@cumc.columbia.edu

Thank you. Happy, safe computing!

 

Subject: Mailman IT Alert: Office 365

All, CUMC sent an email around Monday related to the roll-out of our new Office 365 email solution. It Is being rolled out in waves, one batch of users at a time. As pools of users are identified for the email migration, Mailman techs will be making the rounds to update your account settings and make sure everything is working fine.

You can disregard the steps included with CUMC's email.

We will be reaching out over the summer to get things going. If you would like to volunteer to pilot this in its early phases, please email Dwayne Dixon at dad2167@cumc.columbia.edu.

Please let us know if you have any questions or concerns!

May

Subject: Mailman IT Alert: Large Ransomware Attack

All,

Many of you have probably heard that the largest ransomware attack ever was sweeping across Europe earlier today and was headed around the world. It is targeting a vulnerability in Windows PC s. PC s at School are protected with antivirus software, and the team has worked hard to make sure patches are up-to-date. However, I am sending this along to those of you who may be running Windows on a home PC in case you are unaware of how to protected your personal digital assets.  

As a precaution you should go ahead and make sure you have allowed all Windows updates to run on your machine. In addition, make sure your antivirus definitions are completely up-to-date. If you do not have anti-virus on your home computer, you should certainly install it. I can’t personally recommend any, but there are many options out there — for example, Kapersky and McAfee both have free trials, and basic Avast is completely free.  I encourage you to take advantage of something if your computer is not already protected!

http://money.cnn.com/2017/05/12/technology/ransomware-attack-nsa-microsoft/index.html

Stay safe out there!

 

Subject: Mailman IT Alert: Seriously Sophisticated Phishing

All,

It has come to my attention that there have been some targeted phishing attacks specifically directed at CUMC finance staff. In one case, the hackers actually researched the CUMC hierarchy, spoofed a staff email address, and sent email to the person’s superiors trying to get information.  This is pretty hardcore. Although in this case the target was finance staff, it could easily have been another group.

 So, I am sending this email reminder to stay vigilant. If you receive an email that seems a little odd or requests something unusual, even from someone you know, don’t act on it immediately. Instead, pick up the phone and call the person to confirm its legitimacy. In addition, a lot of computer attacks actually start with a phone call. Someone may call and request company information — staff names, org charts, login credentials, etc, and then use that information in a computer attack. You should NEVER share your login credentials over the phone or otherwise, and always verify the identity of the caller before sharing anything else.

On a side note, there was also a Google Docs phishing scheme circulating the Web yesterday. Google has taken action to stop its spread, but you can learn more here

Thanks as always for your attention to security! It’s rough out there.

March

Subject: Mailman IT PSA: Online Security Myths & Facts

All,

Thought this article, as well as the resources it links to, did a good job of presenting online security issues in a very digestible way, so passing it along. The embedded video about hacking was pretty interesting, too.

http://money.cnn.com/2017/03/22/technology/cybersecurity-misconceptions-pew/index.html

Happy weekend!

 

Subject: Mailman IT PSA: Possible Apple iCloud Compromise

All,

As you may have heard,  a “Turkish Crime Family” has issued a ransom demand related to what it claims are hacked Apple iCloud accounts. Apple has denied any account compromise. However, as a safety precaution, if you are an Apple account holder, you may wish to change your password by April 7th to be on the safe side.  

To do so:

  1. Go to: https://appleid.apple.com/#!&page=signin
  2. Login to your Apple account (iTunes, iPhone backup, Apps)
  3. Scroll down to the Security section. You’ll see the Change Password link.
  4. Change your password. While you are there, you should also set up a Rescue Email as well as Two-Factor Authentication, which provides an added level of security.

Here is one article if you’d like to learn more.

 

Subject: Mailman IT Alert: Malware Protection Pilot

Colleagues, 

CUMC’s Information Security Team is piloting some new security software and they have asked Mailman if we would be able to coordinate some users to participate. The pilot software, Tanium, promises a new level of malware detection and remediation. As you have either been repeatedly targeted by malware or work with sensitive data, you are a prime pilot participant.

Before kicking this off, I want to give you an overview of what the pilot entails and what, if any, impacts you could expect from participating.

How it works: The Tanium software is installed on your desktop/laptop to basically monitor the health of your device in real time. It does this by essentially taking a series of snapshots of your computer’s standard activity (not your activity) and configuration, and then monitoring both for any behavior or changes out of the norm.  Anomalies are then investigated, and remediated if required.

Benefits: Because Tanium provides real-time reporting, malware can be detected before it has a chance to damage its host machine or spread to other devices. In addition, because threats are detected so early, malware removal is much less intrusive than a full computer “do-over”, which is the way infections are usually handled. This saves you time and in many cases, data.

Established limits: Tanium is a very powerful tool, so we have a commitment from InfoSec to respect and protect users’ privacy:

  • No files will be viewed, edited or removed without explicit user permission.
  • No remediation action will be taken without first notifying Mailman IT, and thru us, our users, unless there is an emergency. In this case, users will be notified asap.
  • The Tanium software will be removed immediately upon user request.
  • The Pilot will run for about 40 days, after which the client will be removed from you computer.

Dwayne and company will be reaching out in the coming days to discuss your participation in the pilot and install the client. The team itself has been running the software, and we are happy to report that it has had no impact on computer performance, so that should not be a concern! We are really excited about this opportunity to better protect our users proactively, instead of after the fact, which is always so disruptive. We hope you agree!

Best and thanks, as always!
Elizabeth

 

Subject: Mailman IT Alert: Active Phishing

All,

I am receiving reports of several phishing attempts currently underway. The ones I have seen so far have the subject lines:

  • Microsoft Exchange
  • Meeting Scheduled
  • Notice of Transfer

As always, please delete these emails without opening attachments or visiting any links. If you accidentally opened an attachment or provided info to a Web site, please open a ticket with us so that we can assess your computer. 

As always, exercise extreme caution when reading your email — do not open suspicious emails from people you do not know or odd emails that appear out of the blue from people you do know — their email may be compromised. If the emails were legit and people really need to reach you, they will try you again when you do not respond, so you are unlikely to miss anything important by being cautious.

Thanks for your vigilance.

 

Subject: Mailman IT Alert: New Mercury Wifi Follow-up​

Just a brief follow-up to CUMC’s announcement about Mercury Wifi, Athen’s replacement. 

  1. You are strongly encouraged to move to Mercury as soon as possible, as Athens is end-of-life and could be taken offline at any time.
  2. If you run into any difficulties accessing the Mercury network, please open a ticket with us at msph-tickets@cumc.columbia.edu so that we can help!

All the best,
Mailman IT

February

Subject: Mailman IT Alert: "Delivery Failed" Phishing Scam

All, please be advised that there is a phishing scam circulating, subject line: Delivery Notice: Delivery Failed. As always, please do not access the attachment in the email — your best bet is to delete it without opening it.

If you did access the email and are concerned, please open a ticket with us so that we can assess your device!

All the best,
Elizabeth

 

Subject: Mailman IT Alert: "IT Department" Phishing Email

Dear Colleagues, 

Hearing reports of a phishing email going around, subject line: “IT Department.” While I know that by now, we’re savvy enough to recognize such an obvious phishing attempt… I am sending this alert just in case it catches somebody at a weak or distracted moment — it happens to the best of us. 

As always, if you responded to the phishing attempt, please change your CUMC and CU login credentials immediately. Also, let us know so that we may evaluate your computer for any possible compromise. Please also be advised that this has been reported to the spam-abuse email.

 

Subject: Mailman IT Alert: Online Duo Authentication training TODAY via WebEx

Dear all,

CUIT is hosting a WebEx presentation to review the ins-and-outs of enrolling in Duo Authentication today. If you feel this would be helpful, I encourage you to tune in. The training is online from 1:30 – 2 p.m. You can find the full participation details here.

 

Subject:  Mailman IT Alert: Phishing E-mail "Final Warning"

All,

Some IT groups on campus are reporting a phishing email attack, subject line “Final Warning.” Apparently it states that your e-mail password is expiring and provides a link to reset it. This is a scam! Do not click on the link in the e-mail. In fact, you’d be smart to simply delete it without opening it at all. 

As in the case of all such e-mails, if you do see it in your mailbox, please forward it to spam-abuse@cumc.columbia.edu.

 

Subject: Mailman IT Alert: Explaining HIPAA Training Deadlines

All, there has been some confusion related to CUMC’s online HIPAA training obligations and deadlines. Bear with me while I do my best to clear some of it up.

Everyone (full-time, part-time, adjunct, faculty, staff, student, etc.) who participates in the work of CUMC, is required to complete the online training annually.
For existing members of the CUMC community, access to the training Website is usually opened sometime in January, with a required completion deadline in April. For 2017, the training portal is currently open; the completion deadline is April 20, 2017.
People just joining CUMC are treated differently — the April deadline does not apply:

New people receive a training email as soon as they activate their uni. They are required to complete the training within 30 days. That training fulfills their annual training requirement thru December 31st of that year, after which they will be on the regular training schedule.
Note: Those who take the training in December fulfill the training requirement for the current year as well as the following year.

Anyone who does not complete the training by their deadline immediately loses access to Rascal. If you continue to remain out of compliance with the training requirement, your Exchange e-mail is also disabled.

Hope this helped! If you have additional questions, your best bet is to reach out directly to the Privacy Office, although you are always welcome to follow up with me.

 

Subject: Mailman IT PSA: NPR's Privacy Paradox Project

All,

I wanted to bring a resource to your attention. WNYC is launching a new project called “The Privacy Paradox”. To quote its Website, it is for those of us who “…love the convenience of living online. But you want more control over where your personal information goes and who can see it.” This initiative combines a podcast, newsletter and even a “privacy quiz” designed to help you make more informed choices about who you allow to access your digital information. 

If you are interested, you can check it out at here.

January

Subject: Mailman IT Alert: Chrome Browser Vulnerability

We’ve been notified by CUMC Information Security that the WebEx extension for Chrome browser has a security vulnerability.  Although Chrome usually updates automatically, we are asking Chrome users to take the extra step to make sure their browser extensions are up-to-date, just to be on the safe side.  Please use the attached rudimentary movie clips (one for Windows and one for MAC) that demonstrate how to manually update the extensions.

If you have not used WebEx and don’t have the plugin, we still recommend that you update whatever Chrome extensions you do use. Keeping all your software up-to-date is a great habit to get into, so why not take this opportunity?!

Questions? Concerns? Let us know!

 

Subject: Mailman IT Alert: Lee Bollinger Email Scam

Passing along a message from CUIT:

You are receiving this message because there may have been a email phishing attempt on your account.  At the bottom of this message is a copy of the email you may have received. If you did not receive this email then no further action is required by you at this time. However, if you did receive it please be advised as follows:

  • This phishing email contained a PDF attachment that asked the recipient to "click here to access", which then led to a fraudulent imitation Google Drive login page.
  • It is important that you change your password IMMEDIATELY.  This will assist in protecting your account and access to any sensitive information (e.g., bank account information, social security number). This information is collected very quickly and your account is very likely at risk.

To change your password please take the following steps:

  1. From a web browser, go to the Columbia home page and click on"Email" at the top of the page
  2. From there, click "Manage My UNI"
  3. Click on the "Change Your Password" link
  4. You will be asked to log in again to verify your identity and then

Please follow the instructions to reset your password. Unfortunately these types of scams are becoming more and more common. CUIT has several practices in place that allows us to block these attempts on a daily basis however we do apologize for missing this one and thank you in advance for re-securing your account. If you have any questions or concerns, please do not hesitate to contact the CUIT Service Desk at askcuit@columbia.edu or 212-854-1919.

 

Subject: Mailman IT Alert: Clarifying CUMC IT's Multi-Factor Authentication Roll-Out

Hi all,

I am resending information about  the roll-out of Multi-factor Authentication at CUMC, as I have received some questions about it and want to clarify. I hope this helps!

What is multi-factor authentication? 
It is basically a system whereby users are required to provide their password plus additional evidence to prove their identity in order to access online resources. In Columbia’s case, the “additional evidence” is gathered via your cell phone or landline phone with a software called “Duo."

How will it impact me?
Initially, you will only be asked to use multi-factor authentication when logging into the University’s My Columbia Self Service Web Portal or ARC, although it may be added to additional systems in the future.

Do I have to do anything in advance to be ready for Duo multi-factor authentication?
No. You will simply be prompted to enroll in Duo the first time you try to access the My Columbia Self Service Portal or ARC.

What if I previously enrolled with Duo to access Crown or another hospital systems?
Please see attached for instructions. 

Are there any resources available to walk me through this or provide more information?
Yes, CUIT has created a very robust website to answer your questions. 

If I have problems, who do I call?
Your best bet for this University-wide initiative is to reach out to 5Help.

When will this go into effect?  
January 25 for all employees, February 8 for all support staff.

 

Subject: Mailman IT Alert: CUMC's Required Online Annual HIPAA Training 2017

All,

Just making sure everyone saw this and understands what this training entails. It is in the form of an online course, found here. EVERYONE (faculty, staff, and students) is required to complete it by April 20, 2017 or have their email and RASCAL access disabled as well as receive repeated, (potentially annoying) reminders from my office.  Protect yourself. Please take the training by April 20th. 

Full details are available here from the Privacy Office.

2016

November 22, 2016

Subject: Mailman IT Public Service Announcement: Protecting Your Digital Life

This article was forwarded to me, so I thought to pass it along. It is a simple, very user-friendly guide to “Protecting Your Digital Life in 7 Easy Steps.” You’ll be happy to know that Mailman IT already does the ones we can control, and I encourage you to take the additional steps to adopt all of them, both at work and at home. 

Please note that this is a New York Times article, but you do not need a subscription to read it. They allow the general public to access several articles (I believe 10) for free each month. 

Safe Computing and Happy Thanksgiving!
 

October 17, 2016

Subject: Mailman IT Alert: Some Lingering Internet Access Issues

All,

Please be advised that CORE is reporting that All Users on the network are experiencing issues connecting to some external .gov and .edu sites such as Pubmed and NIH after the Internet migration this weekend. Core is working to resolve it asap. Thanks for your patience!

To report any additional issues related to the network, please contact the Help Desk  @ 212-305-4357  or 5help@cumc.columbia.edu.

 

October 14, 2016

Subject: Mailman IT Alert: Planned Network Outage Tonight

Please be advised that CUMC is making changes to its Internet services tonight (Oct. 14), between 10 pm and 4 am. 

  • What this means: There will be interruptions in connectivity to CUMC resources including VPN, Cisco Any Connect, P drive, etc. 
  • How will this impact me? If you normally access access your computer, P drive, Websites/portals that are hosted on the CUMC campus from your home, you will be unable to do so during this window of time; please plan accordingly.

Note: If you are still unable to access CUMC resources Saturday after 6 am, please reach out to Mailman IT On Call at: (347) 714-1728 so that we can notify CUMC Core Resources of ongoing issues.


October 10, 2016

Subject: Mailman IT Alert: iPhone & iPad Users!

We just received word from CORE that the Athen’s configuration file for iPhones and iPads expired on Saturday! This means that you will be unable to access Athens wireless until the file on your device has been updated.

Not sure why no one was alerted to the issue before it occurred so that it could be addressed without inconveniencing our users — we are looking into it. Meanwhile, if you use Athens with your iDevices please open a ticket with  msph-tickets@cumc.columbia.edu to schedule an appointment with us to get the certificate updated.

We will process these requests as quickly as we are able.  This certificate profile does not include the VPN. CORE reports that it will be available “shortly”.
 

September 23, 2016

Subject: Mailman IT Alert: Mass Mailing Changes

All,

Just wanted to give you a heads up, as I suspect your teams probably do frequent mass e-mailings. Not sure you use CUMC Exchange mail for them, but just in case…

CUMC IT has instituted “e-mail throttling,” which basically regulates the amount of mail a single account/user can send in a given period of time.  In this case, all users are now limited to sending to 300 recipients per hour maximum. For example: I’m sending an IT announcement to a list with 305 recipients. 300 e-mails will go out immediately. The last 5 recipients will not receive their e-mail until an hour has elapsed. What this means is that if you are sending to a really large list, the e-mails will go out over the course of several hours, not instantaneously as we’ve come to expect. 

There is a long complicated list of reasons that CUMC IT decided to do this, but basically it was instituted to keep Columbia from being labeled a “spammer” (collectively we send A LOT of e-mail) and blocked by peer institutions and other organizations that are using sophisticated spam filters. 

Hopefully, the impact of this change will be minimal but did want to let you know what was going on. If you could pass the word along to the appropriate staff within your groups, that would be great.


September 22, 2016

Subject: Mailman IT PSA: Yahoo Hacked

All,

It is being reported that at least 500 million Yahoo accounts were compromised sometime in 2014. It first came to light when account credentials started showing up for sale on the dark Web. The good news is that so far, bank and credit card data appears not to have been stolen. However, if you have a tendency to use the same password or similar passwords for different accounts, this is irrelevant — your stolen Yahoo password(s) could be used by hackers to access those other accounts.

There are no specifics as to which Yahoo services or companies are impacted, so your best bet is to be conservative and change your passwords for any Yahoo service or subsidiary to which you subscribe. These include, but are not limited to Yahoo Mail, Yahoo Messenger, Yahoo Games, and companies without Yahoo branding — Tumblr, Flckr, and Rivals.com. For a full list of Yahoo products, you can start here: Yahoo

I warn you, it is rather daunting. 

To learn more about the breach itself, you can follow this link: CNN Money 
 

September 16, 2016

Subject: Mailman IT Public Service: Amazon Phishing

All, I am hearing reports of a VERY sophisticated phishing scam related to Amazon accounts. Please be advised that the e-mail “Your Amazon password has been changed” is a scam. Please delete it.

If you did accidentally follow the links in the e-mail, please go here, where Amazon has a page dedicated to protecting your system. You can also report the scam.
 

September 14, 2016

Subject: Mailman IT Alert -- FW: Network maintenance at Mailman School of Public Health scheduled for Wednesday September 14th from 7PM to 9PM

Please be advised that per the service announcement below, there will be a brief network outage tonight at 722. 
 

August 18, 2016

Subject: Mailman IT Alert: P Drive Outage Planned for Friday Night

All,

Please be advised that CUMC IT is doing file storage maintenance tomorrow (Friday) from 6:30 pm to midnight. Your P drive files will be inaccessible during this time, so if you plan to work, please make sure you copy any files you may need onto your local machine before 6 pm.
 

May 24, 2016

Subject: Mailman IT: Public Service Announcement 

While I do not normally do this, the ramifications of the LinkedIn breach are becoming serious enough where I believe it warrants everyone’s attention. This social media site is one of the largest for business networking, and I know for a fact that many Mailman faculty and staff use the site.

The LinkedIn site was hacked several years ago. While the company initially downplayed the amount of data stolen, it now looks like EVERY username and password was leaked. This is a serious issue, because many people use the same passwords for all the sites they use, so if the thieves have your LinkedIn password, they may also have your banking password, etc.

The user credentials from this breach are now showing up for sale on online hacker sites (which is where compromised credentials end up). More here. So, while you should have changed your LinkedIn login when the breach was first reported, if you did not, please protect yourself now and do not delay. 
 

May 18, 2016

Subject: Mailman IT Alert: New CUMC Procedure and Possible Fines for Data Systems

All,

Please be advised that a new data system procedure will be implemented at CUMC on July 1st. I have enclosed the e-mail that Mark McDougle sent for your reference, way below.  However, I also wanted to give you a brief overview of the policy and how data system assessment works, so that you can better understand the process and what to expect. I apologize for the long e-mail, but it will hopefully help everyone to better understand the workflow.

The New Procedure

Starting July 1st, any department/center/office with a data system that has a "delinquent remediation" will be assessed a $3,000 late fee (in addition to the $2,000 annual registration fee) each quarter, until the remediation plan is submitted and accepted by Information Security. 

What is a "delinquent remediation" and how did we get here?

A delinquent remediation can occur when a PI or system owner registers a data system (as required) that contains sensitive data, but fails to address security issues in a timely manner as required by Information Security. The specific process is as follows:

  1. PI or data system custodian completes a questionnaire to register their application using CUMC IT’s RSAM database (registration for all data systems is required, as you know). More.
  2. Information Security reviews the questionnaire and classifies the system based on sensitivity of the data stored within
  3. Any system storing sensitive data undergoes a full security assessment; a “Remediation Report” is generated. This report outlines any security vulnerabilities unearthed during the assessment.
  4. The Remediation Report is typically distributed to School Leadership (Dean, Anthony Pramberger, Dept. Chair) as well as the appropriate DA and system owner. (I may also be cc’d.)
  5. Upon issuance of the report, it is the responsibility of the PI or primary system custodian to:
    1. Review it
    2. Follow the remediation process outlined within the document
    3. Ultimately secure the system
    4. Report back to Information Security (using RSAM online workflow) that the remediation is complete — by the deadline imposed.
  6. Any data system that has not been remediated by the deadline is considered a “delinquent system,” and soon to be subject to quarterly fines until the system has been appropriately secured.

Next Steps

Information Security is sending out alerts for each delinquent remediation that we have. Once I receive an alert, I will reach out to the PI or primary system custodian (cc: the dept chair and DA), to review process, discuss status, answer any questions, and provide remediation resources when available to get the system compliant as soon as possible.  In addition, if a system has been incorrectly labeled as “In Remediation” or is about to be decommissioned, I can work on your behalf with Information Security to get the entry re-classed.  Obviously, the hope is that the system owners can get every system inline with the new procedure by July 1st, so that no dept/center/office is fined.

Please let me know if you have questions or concerns.
 

March 17, 2016

Subject: Mailman IT Alert: Malicious E-mail

All, please be advised that a new “campaign" of infected e-mail is making the rounds. 

You’ll want to immediately delete any unexpected/unknown emails you receive with invoice attachments. Those seem to be the culprit at the moment. If you received a suspect e-mail and opened the attachment, please open a ticket with 5help so that your computer can be scanned for issues.

CUMC Information Security is also quarantining suspect e-mails at the network level before they reach us. Hopefully between the two efforts, nothing will get hit its mark!

Thank you.
 

February 22, 2016

Subject: Mailman IT Alert: 'Tis the season for Ransomware!

Dear all,

Please be aware that we appear to be entering a very active malware season, and are on high alert. Hollywood Presbyterian Medical Center was recently attacked, and the ransomware compromised CT scans, document access, lab work, e-mail and pharmacy functions. The institution was virtually shut down for a week before they apparently paid the hackers a ransom to unlock their systems. Clearly, this is a situation we want to avoid at all costs. The good news is we do and can all actively protect our work and our school by exercising "Extreme Caution" with e-mail and applications.

  • Always check the sender's e-mail address. Any official Columbia communication will always come from a @columbia.edu or @cumc.columbia.edu address. Unfortunately, not all e-mails from Columbia senders are legit, but the address check is a good starting point. View all e-mails with attachments  as potential traps. Warning signs include:
  • An e-mail with an attachment from a surprising source
  • An unexpected e-mail, such as one from someone who is on leave
  • Pay attention to spelling, grammar and phrasing; phishing e-mails often begin overseas and may have errors that counter the sender's claim that they are from the  CU IT Office (for example). 
  • Avoid downloading apps to your devices from untrusted/unknown sources
  • Make sure you’ve allowed your OS patches and anti virus and malware updates to run and everything is current
  • It is always a good idea if you have access to an encrypted storage device to back-up critical files, just in case!

Thanks in advance for your continued vigilance and thanks to CUMC Computer Security who work so hard behind the scenes to keep us all working! 

 

Subject: Mailman IT PSA: Online Security Myths & Facts

All,

Thought this article, as well as the resources it links to, did a good job of presenting online security issues in a very digestible way, so passing it along. The embedded video about hacking was pretty interesting, too.

http://money.cnn.com/2017/03/22/technology/cybersecurity-misconceptions-pew/index.html

Happy weekend!