Category Archives: Security

Encore Presentation of Security Briefing to be held April 23, 2010 for Landmark Building

In an effort to educate the community on responsibilities, policies, procedures and technology in place at HSPH, the Information Technology department will host a security briefing for the community on April 23, 2010 from 12-1 pm in Conference Room 2, Landmark 3rd Floor.  This is an encore of the March 16, 2010 session that was held in Kresge G1.

An on-demand video is also available from the March 16, 2010 event.

View On Demand Video:
View: HSPH Information Security Update

Download:
PowerPoint Slides

TIP: to fast-forward and/or enlarge the video, right click on the presentation and select “Play in Real Player.”

Computer Reboot Loop Issue

At approximately 10 am, an error message popped up on hundreds of HSPH computers warning users that they had a virus and their computer would shut down in 1 minute. Their computer was then stuck in a reboot cycle.

This was not actually a computer virus outbreak, but rather a faulty data update from our security vendor McAfee.  This issue was global and not isolated to HSPH.  There are reports of other universities, government agencies, and businesses experiencing similar issues (see below for news articles).

Timeline:

  • Issues surfaced at approximately 10 am after computers at HSPH started to receive the automatic update from McAfee (DAT 5958).
  • HSPH IT staff worked closely with McAfee for several hours including hosting a Webex session from McAfee to an “infected” machine at HSPH. 
  • McAfee released an updated data file at approximately 1 pm.
  • HSPH IT staff tested both a pushed deployment fix using Novell and a manual fix for other users.
  • At 2 pm, HSPH Helpdesk sent email to community with instructions for Novell users to update the data file.
  • At 2:30 pm, HSPH Helpdesk staff started going floor to floor to update computers in need of manual updates.

Other Notes:

  • Computer laboratory machines and classroom machines were not impacted.  Neither students working in computer laboratories nor courses were affected.
  • Mac computers were not impacted.
  • Not all users at HSPH were impacted.

Update procedure if on Novell network:

  1. REBOOT your computer
  2. LOGIN to Novell
  3. Wait for the computer to RESTART itself (approximately 1-2 minutes)
  4. Your computer should then be updated with the new data file and you can log in.

Update procedure if you do not log in to Novell:

  • Contact the Helpdesk at 432-HELP or helpdesk@hsph.harvard.edu.  It will most likely require a technician visit to manually install the new data files.

Related articles:

Firefox Upgrade

The User Services Group recommends that any user running Firefox 3.6 upgrade to Firefox 3.6.2 to fix a security vulnerability.  Mozilla will be pushing out a notice to upgrade “within 24 to 48 hours.”  The upgrade is very quick, taking a minute or two.
Upgrade procedure:

  • Open Firefox
  • From the HELP menu, select CHECK FOR UPDATES
  • From pop-up window, select UPDATE FIREFOX
  • The patch will download and then require a restart of Firefox

If you need any assistance with the upgrade, please contact the Helpdesk at 432-HELP.

Facebook Scam Leads to Computer Infection

The information below was sent to us from McAfee Anti-Virus:

“There appears to be quite a large Facebook password reset scam/spamming going on worldwide. McAfee Labs is aware of the issue and have excellent coverage through Artemis. There are several different versions floating around with names like:

  • Facebook_Password_245.zip
  • Facebook_Password_346.zip
  • Etc…..

Inside the zip file is an executable named Facebook_Password_.exe. This is a trojan and is not to be clicked! McAfee Labs has a worldwide view and handle on this issue.

McAfee is working hard to keep your Facebook experience safe and to reinforce that they should be running Artemis.

Best regards,
McAfee”

Please use caution when clicking on any posts or links sent to you by an unknown person on any social networking site. Contact the IT Helpdesk at 617-432-4357 or helpdesk@hsph.harvard.edu.

Video from SPH Security Briefing on March 16, 2010

A recent Boston Globe article reported “One million Massachusetts residents–or 1 in 6 people–have had their credit card numbers, medical records, or other personal information leaked or stolen over the past two years.” 

In an effort to educate the community on responsibilities, policies, procedures and technology in place at HSPH, the Information Technology department hosted a security briefing for the community on March 16, 2010.

View On Demand Video:
View: HSPH Information Security Update
Download:
PowerPoint Slides

TIP: to fast-forward and/or enlarge the video, right click on the presentation and select “Play in Real Player.”

Presenters:

  • Taso Markatos, Chief for Information Technology
  • Andrew Ross, HSPH Security Manager

Agenda:

  • Discussion of Security Case Studies
  • Types of Confidential Information
  • High Risk Confidential Information (HRCI)
  • Why We Are Focusing on This Issue
  • Obtaining and Storing HRCI
  • Exchanging Confidential Files
  • Encrypting Laptops
  • Recent Security Developments
  • What We Are Asking of You

Secure File Transfer, Accellion at HSPH

The HSPH Information Technology Department is pleased to announce a secure way to transfer files which meets Harvard’s security mandates.  We have set up an Accellion appliance for community use.

To request an account(s) for you or your group, please have your Department Administrator provide a list of users to the HSPH Helpdesk at 432-HELP or helpdesk@hsph.harvard.edu.  Users in the Office of Human Resources and Office of Financial Services have already been added to the system.

Accellion Quickstart Guide:

  • Accellion URL: http://accellion.sph.harvard.edu
  • Your login is your email address (e.g., jdoe@hsph.harvard.edu)
  • Your password is the same as your Novell/GroupWise password.
  • Each user is allowed 2 GB of space on the device.
  • Each file will remain for 7 days.
  • If you are exchanging files that contain high risk confidential information, please remember that retrieved files may not be stored locally on a laptop, desktop machine, or other local storage device.  They must be saved to personal or shared network drives (P:/ and S:/ drives).
  • Files which are saved to the Accellion server cannot be accessed or recovered by the IT department.
  • There is an excellent user guide available after you log into the secure file transfer website.

If you would like to discuss any security topics further, please feel free to contact Andy Ross, security manager, aross@hsph.harvard.edu, 432-1751.

Upgrade to Internet Explorer 7

It is time to retire Internet Explorer 6 (IE6).

Many people in the community are still using IE6.  Due to compatibility requirements of the new MyHSPH portal software that the school will be launching later this spring, we recommend that all users upgrade to Internet Explorer 7.0 (IE7) as soon as possible. Other popular websites such as Google and YouTube are also phasing out IE6 support this month.

Upgrading is easy and only takes 10-15 minutes.

If you need further assistance, please contact the Helpdesk at 432-HELP and we can walk you through it.

We are working on a means to efficiently push out an upgrade to the community.  However, due to the time required to do the install, we are currently recommending manual upgrades at your leisure.

NOTE: Although Internet Explorer 8 (IE8) is also available, IE7 is currently still the supported web browser for Central Administrative Systems (Oracle Financial, HUBS, CREW, PeopleSoft, CAADS, GMAS, etc.).

Keep your SMART phone, Blackberry, or iPhone Safe!

SMARTphones, iPhones, and Blackberrys are in use everywhere on the HSPH campus.  As the functionality of these devices increases, it is important to be aware of potential security concerns with these devices. These security issues can have an impact on your computing at HSPH.

CNET wrote an excellent article last week highlighting the areas of concern with recommendations.

It may be found at: Using your smartphone safely (FAQ)

To help keep your phones safe, we recommend:

  • Resist the temptation to store any sensitive data on your phone for convenience's sake (e.g., username/password combinations, account numbers)
  • Set a phone password.  Nearly all phones have a method that requires entering a PIN after a period of inactivity
  • Keep your phone’s software up-to-date.  (e.g., iPhone and Blackberry have regular software updates that include important security patches.)

Computer Downtime Tonight: Thursday, January 14, 2010

UPDATE, January 15, 2010: All scheduled maintenance was successfully completed.  All systems are fully operational.

On Thursday night, January 14, 2010, the network and server teams will be performing our normal monthly system maintenance to all servers and network equipment.

The downtime window will last from 7:00PM – 2:00AM.

The following services will have one or two small outages:
(You can continue to work, but may have brief pauses while services restart)

  • GroupWise Full Client and IMAP Clients
  • Novell File and Print services
  • NetStorage
  • ICF File and Print services
  • OASIS
  • ALICE
  • Powerfaids and NetPartner
  • Web Server (main www.hsph.harvard.edu site)
  • GroupWise WebAccess - NOTE - The new GroupWise WebAccess may require you to relogin, but you will not lose any work you have in a compose window. This new version has many new features, including an Auto-Save feature that is integrated with the “work-in-progress” folder.

The following services will not be affected:

  • HPCC system
  • HSPH Unix server

Laptop Encryption Update

In late October, the Information Technology Department began an important project to provide full disk encryption for all Harvard-owned laptops using McAfee Endpoint Encryption.

Our work continues in the new year. 

If you didn’t do so in the fall, we ask that all laptop owners fill out the brief form located at: https://webapps.sph.harvard.edu/internal/forms/laptop-encryption/

This greatly assists us with scheduling.

If there are any questions, please contact the User Services Helpdesk at 432-HELP.