Skip to main content Skip to footer

All News/Archive: Recent News

All News/Archive - Newsroom

April 29, 2014

Internet Explorer Vulnerability

By Mike Holliday

The Department of Homeland Security (DHS), along with US-CERT (Computer Emergency Readiness Team), have issued an advisory for users of Internet Explorer (IE) to discontinue use of IE until it is patched by Microsoft. The vulnerability is active and is being used to exploit and compromise systems.  Data and personal information are at high risk.

CERT has recommended users switch to another browser (Firefox/Chrome) until Microsoft has issued a fix.  As noted in a previous news article, users of Windows XP are even more vulnerable to this exploit.

Until further notice, SVSU ITS recommends all users switch and use Firefox or Chrome. 

Download Firefox from: www.mozilla.org

Download Chrome from: www.google.com/intl/en/chrome/browser

To learn how change your default browser in Windows 7, watch this tutorial we put together: www.youtube.com/watch?v=VeKGU9UrS7c

-----------------------------------

For more details about this CERT alert:  www.kb.cert.org/vuls/id/222929

From Microsoft, their technical details and workaround are posted in the following article:

technet.microsoft.com/en-US/library/security/2963983

April 11, 2014

Protect Yourself Against Heartbleed

Posted 4/11/2014

By Holly LaRose-Roenicke

As many of you may have heard, a flaw has been discovered in a common Internet security method. Although no specific security breaches have been identified, the flaw could allow malicious users to steal personal information. The flaw is associated with specific versions of OpenSSL, which is software that is widely used to secure web server traffic. The flaw is known as the "Heartbleed" vulnerability.

Many common websites using OpenSSL have been identified as vulnerable, including Yahoo!, Flickr, NASA and Facebook, among others. A fix for this flaw, which was announced this week, is available, and Internet service providers and website managers around the world are working to implement the patch.

What You Need to Do

ITS is strongly urging all SVSU students, staff and faculty to change your network password. To change your password, please go to my.svsu.edu and click on "changing your password" below the login box and follow the prompts to change your current password. 

Other Websites

  • For non-SVSU web services that contain sensitive data,  refrain from logging in for a few days while those are servers are patched or until you are certain they are not at risk. Or check a list of 100 most common websites and whether they have been fixed.
  • Confirm that websites you use have checked their systems and fixed them if needed. Once a website has patched the Heartbleed vulnerability, you should change your password for that site as swiftly as possible.
    • The password security firm LastPass has set up a Heartbleed Checker, which allows you to enter the URL of any website to check its vulnerability to the bug and whether the site has issued a patch.
  • If the site or service hasn't patched the flaw yet, contact the company and ask when it expects to push out a fix to deal with Heartbleed.
  • If they have not patched the flaw, avoid logging in to their service until they do. Once they confirm they have fixed the problem, then change your password.

To get detailed information on this bug, you can visit the http://heartbleed.com/ website.

The safety and security of the Saginaw Valley community is paramount – please use the above resources to ensure your personal information is protected.

April 1, 2014

Building a Better Password

Originally Updated 2/1/2012 © 2012 ePlace Solutions, Inc.

By Jennifer Paradise

Frustrated with trying to conjure up a password that no one could guess and that you’re not supposed to write down?  You’re not alone.

This training bulletin is designed to help.  In addition to offering the current “best practice” advice on passwords, some helpful tips are included.

Password Best Practices: 

  • Make your password at least eight characters long, but the longer the better.
  • Try to avoid repeating characters more than twice.
  • Make sure it has at least one letter, and one number.
  • Use a mix of small and capital letters. 
  • Use at least two of these characters somewhere in your password: ~!@#$%^&*()-_+={}[]\|;:/?.,<>.

How could anyone remember a password that complies with all of these best practices?   Here are some tips:

Think of some activity or place that you enjoy or find interesting, but avoid subjects that you discuss in social media, birthplaces, etc.  For example, you might say that Brazil, South America is interesting.  Start by making the password a manageable length, like BrazilSoAm.  Next, employ some of these ideas, or come up with your own variations:

  • The letter “a” looks like “@”, so swap it.  Now the password is Br@zilSo@m
  • The letter “i” looks a little like an exclamation point “!”, so swap it.  Now the password is Br@z!lSo@m.
  • The letter “L” looks a little like the number “1”, so swap it.  Now the password is Br@z!1So@m.
  • You might think that “Brazil, South America” could be separated to be easier to read, so add your favorite separator.  Now the password is Br@z!1>So>@m.

Some other ideas to get you thinking:  The letter “B” looks a little like “(3” or “/3”.  An “S” could be replaced with “$”.

March 21, 2014

Windows 7 Upgrade Project

By John LaPrad

Effective April 8th 2014 Microsoft has announced that they are discontinuing support for Windows XP. Because of this, SVSU will be upgrading all Windows XP computers (about 400) to Windows 7 and converting the computers from Novell to Windows Active Directory. This upgrade project will take place over the next 2 months.

Each computer user will be interviewed to determine what files, printers, and applications they have. All personal files will be backed-up and re-loaded on the computer after the upgrade. A full copy of the original computer will be maintained for two weeks to provide a safety net in case any files were missed during the upgrade process.

ITS has contracted with the company SPI to help make the migration happen as quickly as possible. The SVSU ITS Technical Services team will work closely with SPI to make sure the upgrade goes smoothly, and ITS Support Center will be available to answer questions.

If you have any questions about the upgrade or upgrade process, please call the ITS Project Manager, John LaPrad at 989-964-7134.

Thank you in advance for your understanding and cooperation during this process.

March 18, 2014

Microsoft Announces Windows XP End of Support

By Mike Holliday

Microsoft has announced the end of their support for Windows XP on April 8th.  For those that still use it, you should be aware that your system will no longer receive:

  • Security patches to help protect against viruses and malware
  • Software and content updates
  • Technical assistant from Microsoft.

If you choose to keep using Windows XP after April 8th, your system and data are at a greater risk of attack or data theft/loss. Your system will not be compatible with newer software, as well.

Internet Explorer version development for Windows XP ceased a long time ago, and future updates/patches for those older versions will cease. It has been recommended to use other browsers for Windows XP, to help mitigate risk.  Please note: due to the lack of future support for Windows XP, software developers (including browsers) will likely abandon further development and patches for their XP products.

Your best course of action, to protect your system and maintain performance, is to upgrade to a newer operating system. For university-owned equipment, there is an action plan coming forth and you should look for that communication coming soon. 

This advisory is really intended for the campus community and their personal home computer systems.

March 13, 2014

Campus Phishing Alert

By Joe Wojtkiewicz

We have another round of phishing/spam attempts circulating. This time they spoof the Sender information and make it appear as if sent from support@svsu.edu and "Web-mail Administrator".  It is an attempt to collect your account username and password to compromise your account to send out additional spam. 

ITS will not ask you to verify or update your account using links.  When in doubt, give the I.T. Support Center a call - or click on your SPAM button to report the message and remove it from your inbox.

 

Here is an example of the most recent attempt:

Phishing Example

March 6, 2014

Something Smells "Phishy" -- How to Spot Bogus Emails

© 2012 ePlace Solutions, Inc.

By Jennifer Paradise

You have probably heard about "phishing" by now. You have also probably been told to look for clues in emails that indicate that someone may be trying to get personal information from you. What should you look for in an email? Here are a few tips to keep you and your information safe from would-be thieves. 

Something Smells Phishy (464KB)

Image pointing out some characteristics of

March 3, 2014

What's "Social Engineering?" How does it affect me?

Originally updated 9/26/2012 © 2012 ePlace Solutions, Inc.

By Jennifer Paradise

Criminals use manipulative techniques known as "social engineering" to deceive their victims into revealing sensitive information.  Such scams play on emotions like fear and the human tendency to want to help or trust others. A common approach uses fraudulent "phishing" e-mails, as in fishing for information. The scamming e-mail is often designed to look as though it comes from an individual or organization the recipient will recognize, or has an existing relationship with. The message attempts to fool the recipient into revealing sensitive information. The mechanisms used may entice the recipient to (a) click on a link leading to a fraudulent website (although it may appear legitimate), (b) reply to a specific offer or request in the e-mail, or (c) download an infected attachment.

Defending against social engineering attacks is difficult because cyber thieves are creative and constantly coming up with new approaches, but the following guidance can help avoid becoming a social engineering victim.

Think before you click. Be cautious with any message you don't expect or that doesn't make sense. If you get a message from the New York police about a speeding ticket but you have not been driving in NY recently, it's bogus. Delete immediately. Even if you had been driving in NY, ask yourself whether it makes sense that the NY police have your e-mail address. Probably not.

Be wary of offers of something for nothing. These are most likely scams. Won the lottery without entering? A free gift card from a store you don't patronize? Likely bogus.

Check validity with a web search. If you suspect the offer/threat could be real, don't click. Search instead. Many sites list known hoaxes. Reading through these can put your mind at ease.

Carefully scrutinize the destination of links in e-mails and text messages. Hover your mouse/finger over the link to see where it really goes. Clever phishers sometimes include valid links among the malicious links in the e-mail in a further attempt to disguise their intent.

Do not respond to unsolicited requests for sensitive information, whether by e-mail, phone, or text message. If an unsolicited caller starts asking for personal information, it's time to end the call.

Do not submit personal information via website pop-up screens. Legitimate organizations do not ask for personal information via pop-ups.

If you think a request might be valid but can't verify the identity of the requester, then contact the organization making the request yourself so you can be sure of whom you are talking to.

February 28, 2014

ITS Announces a New Service Tracking System

Submit and track IT support tickets at http://mysupport.svsu.edu

By Mike Holliday

As users of the SVSU ITS Service Management System for IT requests, you now have the ability to submit new IT requests, to see status updates, and to track the progress of your requests online at: mysupport.svsu.edu

Additionally, ITS is launching the Service Request Management Customer Satisfaction Survey, which will allow users to provide valuable feedback specific to their requests.  We plan to use your responses to better understand and serve the campus.

A quick overview document (with screenshots) can be found here??.

By visiting www.svsu.edu/its‌ you will find a link to mySupport Online under the Contact Us section.

February 10, 2014

SVSU Board Appoints New President

By J.J. Boehm

The Saginaw Valley State University Board of Control appointed Donald Bachand as the school’s next president. Bachand was selected from a group of four finalists who interviewed on campus January 28-31. He becomes the fourth president of SVSU, replacing Eric Gilbertson, who is retiring after more than 24 years of service.

“As the Board evaluated the candidates, it became clear to us that Don best demonstrated the attributes we were seeking in the new president,” said Board chair Jeff Martin. “He is a dynamic leader and an excellent listener, and he sets high standards and expectations for faculty and staff.

“We wanted someone who could maintain enrollment in the face of declining high school graduates, help students succeed academically, and improve graduation rates. We are confident that Don is ready for these challenges.”

Bachand has served as SVSU’s vice president for academic affairs since 2006 and added the responsibilities of provost in 2010. Prior to that he served nearly 10 years as dean of the College of Arts and Behavioral Sciences. Bachand first joined SVSU in 1978 as an assistant professor of criminal justice.

“I accept this position with enthusiasm, but mindful of the challenges that lie ahead,” Bachand said. “I have spent most of my life at this university and care deeply about its future. I will work hard to maintain the work ethic, collegiality and ‘first name’ basis of SVSU; those characteristics are integral to who we are and are what set us apart.”

In his role as provost, Bachand has evaluated SVSU’s degree programs and has seen the high success rates graduates have on state licensing exams and acceptance into graduate and professional schools. He said too many people across Michigan and beyond are unfamiliar with the quality of SVSU’s faculty and its overall academic rigor; one of his first priorities will be to change that.

“We have an obligation to our students and alumni to improve understanding in the broader community of how good we are academically and how good our faculty are as teachers and scholars,” he said.

During his time on the faculty, Bachand received the Landee Award for Teaching Excellence, SVSU’s highest honor for classroom teaching. He also served as an officer in the SVSU Faculty Association, giving him the valuable experience of having negotiated a contract from both the labor and management perspectives.

Martin said that experience factored into the Board’s decision.

“We wanted someone who could strengthen already strong relationships within the institution,” he said, “because in today’s increasingly competitive market, everyone – faculty, staff, students, donors, alumni, everyone – needs to be working together to provide our students with a first class college education.”

Governmental affairs and private fund-raising are two aspects of the presidency where Bachand has some experience but said he will need to grow. He has been honored for his commitment to diversity, receiving SVSU’s Roosevelt Ruffin Diversity Award in 2012 for his support of community outreach programs and his leadership in implementing programs designed to increase diversity among the faculty.

A native of Detroit, Bachand began his career by serving 10 years in the Detroit Police Department. He spent several years on patrol before becoming among the youngest in department history to receive a promotion to sergeant; he was assigned to the chief of police’s strategic planning division. While on the force, Bachand completed a bachelor’s degree at Mercy College and a master’s degree at the University of Detroit. After joining SVSU, he went on to complete a Ph.D. at the University of Michigan.

A long-time resident of Midland, Bachand has been actively involved in a number of organizations across the Great Lakes Bay Region and plans to build those bonds as president.

“I know how important SVSU is to the entire region,” he said. “We prepare many of the professionals that are being hired by employers large and small. We also serve as a cultural and intellectual resource, not just in terms of what takes place on our campus, but also in the many ways in which our faculty and staff are engaged with the community.”

Martin said the Board received numerous comments from the faculty, staff and students who attended open forums with the finalists, and those were taken into consideration.

“We are very grateful for their valued input,” he said. “It helped the Board reach this decision and we look forward to having their continued support in the years ahead.”

Bachand will take office almost immediately. His first day as president will be Monday, Feb. 17.

“I know this place, and I’m ready to hit the ground running,” he said.

Bachand will receive an annual salary of $250,000, as well as a University-owned home and vehicle. He also receives the same health care and retirement benefits as other SVSU employees.

Go to page: