- Click Wisely
- Apply Updates
- Use Strong Passwords
- Know Your Data
To All Faculty, Staff, and Students of the T.H.Chan School of Public Health:
You are now able to claim your HarvardKey credentials (the University’s replacement for the HUID/PIN system). This can be done at your own convenience, anytime between now and January, when the old HUID/PIN system is scheduled to be retired.
Once you claim your HarvardKey, it will automatically become your new login and password for accessing your Harvard O365 email (faculty & staff) and most University applications. Your current Novell account and Laptop encryption password however will remain unchanged.
A list of Chan School applications and which login credentials to use is available for reference.
Please note that if your O365 e-mail password expires BEFORE you are ready to claim your HarvardKey, you must call the Chan School Helpdesk for a password reset; the self-service password change (PRN) website is no longer active.
Before you begin, please review the instructions for claiming your HarvardKey.
HarvardKey requires use of a strong password. Quick Guidelines for creating strong passwords are available on the HarvardKey Help website.
You will need to update your password on all the mobile devices you use to access your Harvard O365 email account, using mail clients such as Microsoft Outlook (including Outlook Web Access in your browser) or Apple Mail, in order to avoid being locked out of your account. We suggest gathering all those devices together and turning them off before you begin. After you claim your HarvardKey, you should then change the O365 email password on each device. Instructions for changing passwords on IOS and Android devices are as follows:
This morning from 9:12 am, the HSPH website stopped responding due to an issue with our web application firewall. The web and server team quickly resolved the issue with our cloud vendors restoring access to the site by 9:32 am.
At 1:23 pm, there were additional related issues at our cloud hosting provider. These were resolved at approximately 6:00 pm.
We apologize for any inconvenience caused by these outages.
National Cyber Security Awareness Month (NCSAM) – celebrated every October – was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.
Cybersecurity begins with a simple message everyone using the Internet can adopt: STOP. THINK. CONNECT. Take security and safety precautions, understand the consequences of your actions and behaviors online and enjoy the benefits of the Internet.
Keep a Clean Machine
Protect Your Personal Information
Connect with Care
Be Web Wise
Be a Good Online Citizen
Visit http://www.stopthinkconnect.org for more information.
Do you have technology questions and don’t know who to ask? Have you ever wondered who all these “IT” folks are and how they can help you? Do you like free stuff? If you answered yes to any of these questions, you’re in luck!
The HSPH Information Technology department is hosting a Tech Day on:
September 25th from 12:30 to 2 in the Kresge Cafeteria Atrium
We’ll be showing off the latest tech from tablets to video conferencing, hosting mini-talks, and raffling away prizes.
Come join us, meet the team, and have a great time.
Mini-talks (15 minute Q&A talks in Kresge 110):
Tuesday, April 29th
Many of you may have heard or read in the news of the recent vulnerability in Microsoft’s Internet Explorer. Microsoft has released a work around until a patch is designed to fix this issue. SPH IT is now pushing out this work around to SPH configured Windows 7 PCs. Once this is done the risk is mitigated until the patch is released fixing the vulnerability.
For those not using a Windows PC configured by the SPH IT department or using any Windows XP PC (which is no longer supported by Microsoft and will not be patched at all) we recommend not using Internet Explorer but use a more secure web browser, such as Firefox or Chrome, for all non-Harvard web sites.
Please contact the Helpdesk (firstname.lastname@example.org or 617.432.4357) with any questions or concerns.
Director, Information Technology
Harvard University has posted a new University-wide policy on access to electronic information.
The policy on electronic information is grounded on six important principles:
To All SPH Faculty, Staff, and Students:
Last week, a security flaw dubbed “the Heartbleed bug” was discovered in a common Internet security protocol (OpenSSL) that protects credentials, such as usernames, passwords, and credit card numbers. An explanation of this flaw can be found on the Harvard Information Security website at: http://security.harvard.edu/heartbleed. Harvard IT professionals across the University, and our own server team, web team, and Andy Ross our security manager, acted quickly to assess and patch any websites or applications that may have been vulnerable. The Harvard PIN system and other enterprise applications were not affected as a result of Heartbleed, and Harvard Information Security currently has no indication that any information has been compromised.
Although there is a low risk that your Harvard account credentials were compromised, you are at greater risk if you use the same password for your Harvard accounts as for your personal accounts, such as personal email, social media, and other websites. We strongly recommend that you change your Harvard password immediately if you have also used it for external non-Harvard accounts. Furthermore, it is important to not use the same password for Harvard and personal accounts going forward. It is always good practice to periodically change all your account passwords, and this may be a good opportunity to refresh your Harvard passwords even if you believe you are at low risk of being affected by Heartbleed.
You can find full instructions on how to change your Harvard passwords on our I/T Dept. website at: http://isites.harvard.edu/fs/docs/icb.topic731455.files/password_information_41414.pdf. If you have an SPH encrypted laptop, pay close attention to the instructions under section 2.2 and 2.3. Also, BEFORE changing your OUTLOOK Email password (see section 2.5), be sure to turn off all your portable devices (iPhone/iPad/Android/Tablet), to avoid your email getting locked out on that device.
If you have any questions or concerns about this security issue or need assistance to change your passwords, please contact the Helpdesk at 617-432-HELP or Helpdesk@hsph.harvard.edu (Mon-Fri: 8 a.m.-6 p.m.)
CIO, SPH I/T Dept.
Bank of America has contacted Harvard University to make us aware of a recent email scam that has affected the University of Michigan and two local schools. The emails will appear to come from an official University department with a link asking employees to either confirm their login information or update their payroll or Open Enrollment benefits. If employees enter their data, it is captured by the perpetrators of the fraud. Once that credential data is captured, the information may then be used to change direct deposit information.
As always, please be suspicious of any link in email. If asked to log in to PeopleSoft or another sensitive system, do not follow the link. Instead, enter the URL directly into your web browser, or connect via a trusted source such as harvie.harvard.edu.
If you suspect that you are the victim of a fraudulent email, please contact the HSPH Helpdesk for support.
In recognition that October is National CyberSecurity Awareness month, Harvard University Information Technology Security will be conducting information security briefings in the LMA area for faculty, students and staff.
Two will be at the Harvard Medical School (HMS) and one at the School of Public Health (SPH).
Below is the schedule:
October 4th 10 – 11 am at HMS TMEC 227
Topics: Cloudy with a chance of identity theft. Why a good password is very often your best defense and Is it ever not social? Protecting yourself in the age of social networking.
October 10th 12 -1 PM at SPH Kresge G1
Topics: Is it ever not social? Protecting yourself in the age of social networking. and Have device, will travel. How to be mobile and safe.
October 17th 2 – 3 pm at HMS TMEC 227
Topics: Have device, will travel. How to be mobile and safe. and Taming Lions, Tigers…..and Windows, Turn your operating system into a lean, mean, malware fighting machine.
Please come out and participate in a practical discussion on how to maintain your privacy.