Security

Update Bradford Persistent Agent

Posted August 2, 2017

Tags: , ,



Effective Date: August 3, 2017

On August 3, we are updating to the latest version of the Bradford Persistent Agent, which is our network access control client.

Key Benefits and Features

  • Enhances connection to the campus network as students arrive on campus for the semester and connect their devices
  • Improves security and reliability of Bradford

Impact on College Community

On August 3, we will update to the latest version of the Bradford Persistent Agent. If you already have Bradford installed on your device, it will automatically update to the latest version.

If you have any questions or concerns, please email us at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

VPN Software Update

Posted July 31, 2017

Tags: , ,



Effective Date: August 2, 2017

GlobalProtect establishes a secure connection to the Wheaton College resources from off-campus. If you work from off-campus, learn more about how to use VPN to securely connect from off-campus here.

The College's virtual private network (VPN) software, GlobalProtect, will be updated on August 2.

If you already use GlobalProtect to establish a VPN connection, you will be prompted to update this software the next time you connect.

Key Benefits and Features

This GlobalProtect (VPN) software update provides:

  • Bug fixes that resolve issues for both Windows and macOS computers
  • Improved security
  • Feature enhancements

Impact on College Community

If you use GlobalProtect to establish a VPN connection to the campus network, you will be prompted to update this software the next time you connect after August 2. The update will install automatically after you select "Yes." After this update, you will be able to connect using VPN as before. 

If you have any questions, please contact us at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP). 

Security Certificate Update for Campus Authentication Systems

Posted July 26, 2017

Tags: ,



Effective Date: July 27 – August 8, 2017

Starting Thursday, July 27 at 12 PM, we will update the security certificates for our campus’s three LDAP authentication systems.

Rationale: Why Security Certificates Matter

Security certificates ensure that you are communicating with the intended service provider. They prevent someone from maliciously pretending to be your bank, social networking site, or campus wireless network. They're issued by a trusted third party or certificate authority.

Security certificates have to be re-issued every three years or they expire. In this way, they work like a driver's license or other official ID. In order to get an official ID, you have to prove your identity to a trusted authority. After that, you have to renew your license or ID every few years so you have an up-to-date way to prove to others that you are who you say you are. Security certificates work the same way.

Impact on College Community

From July 27 at 12 PM through August 8 at 12:15 PM we will update the security certificate for our campus authentication systems. We do not expect any outages from the updates.

If you have any questions or concerns, please contact us at 630.752.4357 (HELP) or by email at ait.service.desk@wheaton.edu.

Traveling Abroad with Technology?

Posted July 24, 2017

Tags:



Effective Date: July 24, 2017

Travel, both local and international, introduces unique cybersecurity concerns. Travelers are often vulnerable to theft, malicious software, and covert surveillance over insecure networks. In addition, international travel can involve privacy and data import/export laws different from those in the United States.

The following tips can help keep your devices and data safe while traveling abroad.

Before you go:

Ask yourself, "Do I really need this device?"

What are you planning to do while traveling? Are your personal and/or Wheaton College-owned devices necessary to accomplish this? Unless you absolutely need the device, leave it behind. It is better to be slightly inconvenienced than take the risk of losing your device or dealing with a malware infection.

Travel loaner laptop

Utilize an Academic and Institutional Technology (AIT) travel laptop instead of your primary computer. AIT has a small number of temporary travel laptops that can be used for core functions such as Outlook, Microsoft Office, and web browsing. Contact us to discuss this option.

Be familiar with the laws of the countries you're visiting

  • In some countries, customs agents or police officers can confiscate your device. They may require you to unlock or provide passwords for those devices. While your device is confiscated, it may be perfectly legal for those agents to search through your data and install or enable surveillance software.
  • In some cases, encrypted devices are permanently confiscated and some types of technology are not allowed at all. Research thoroughly before departing.
  • While in a foreign country, assume you are always under surveillance.

Back up your data before you leave…

If you must take your College-owned computer abroad, contact us to discuss backing up your data. If your device is infected or lost, you will be able to recover your data .

Ensure your computer has VPN installed.

Use a virtual private network (VPN) to access Wheaton College systems or data. This provides secure access to college data.

Change your password before and after your trip

Changing passwords to accounts you will use both before and after your trip will enhance the protection of those accounts.

Ensure your device has a password or pass code/pin to unlock the screen.

This is standard for all phones and tablets that access the Wheaton College email system, as well as all computers set up by AIT.

Ensure your device is encrypted.

Whole disk encryption is used to protect data on your device if it is lost or stolen. AIT is working to ensure all college owned computers have whole disk encryption. If you would like to be sure your computer is encrypted, please contact the AIT Service Desk.

  • Please note that if you are traveling to a country that participates in the Wassenaar Arrangement, you will be able to maintain your full disk encryption. If you are traveling to a country that has not signed on (currently Cuba, Iran, North Korea, Sudan, and Syria) you will likely not be able to travel with an encrypted computer. Contact us to discuss a temporary loaner. 

Once you arrive

Do not save important files on your device. If your device is lost or stolen, that data will be gone forever. Or worse, it may be in the hands of someone who could use it maliciously. Save Wheaton College data to ThunderCloud Storage (powered by Box), which stores data in a secure encrypted format. For personal data, use your preferred cloud storage provider (Google Drive, Dropbox, etc.).

Don't let cybersecurity take a vacation

Continue good cybersecurity practices no matter where you are. Keep in mind:

  • Hotel and conference wireless networks are generally insecure. Be careful what data you transmit over insecure networks.
  • Assume your data on any insecure network can be monitored, and act accordingly.
  • Never let anyone else borrow or use your device. 
  • Use a virtual private network (VPN) to access College systems or data.
  • Keep your devices physically secure. Do not put them in checked baggage or leave them in hotel rooms.
  • Be wary of devices, such as thumb drives, that you receive as gifts, as they could contain malware. Do not borrow any devices, such as thumb drives, for use on your computer.
  • Do not install any software updates or patches while you are away from a known, secure network. Update your computer before you travel. 
  • Disable broadcast services, including Bluetooth and Wi-Fi when they are not needed. These services have the potential to be used to launch attacks or introduce malware to your device.
  • Put a piece of tape over any integrated laptop cameras or disable them in settings.
  • Lock your screen or power off your device when you will be away from it.
  • Do not plug USB powered devices into public charging stations. Such stations can transfer malware to your device or download data from it. 

Coming home

When you return from traveling, contact the AIT Service Desk if you took a College-owned computer abroad. We will scan it for any malware or surveillance software.

We also recommend changing your passwords when you return, especially the passwords for any service you accessed while traveling.

Additional Resources

Resources from the FBI

Safety and Security for the Business Traveler:

Safety for Students Traveling Abroad:

Resources from the State Department

If you have any questions or concerns, please contact Academic and Institutional Technology at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

Setting a Complex Voicemail PIN to Improve Security

Posted June 6, 2017

Tags: ,



Effective Date: July 6, 2017

We're improving voicemail security by making sure that your voicemail PIN is complex enough to prevent unauthorized access.

After July 6, you will be required to set a new PIN the next time you sign in to your voicemail if your old PIN was not sufficiently complex.

Instructions

When you dial your voicemail on your phone after July 6, you will hear a prompt that says, "Your PIN has expired. You must reset your PIN. Enter a new PIN followed by #."

Enter a complex PIN. If your previous PIN was complex, you may reuse that PIN.

A complex PIN fits the following requirements:

  • Is 6-64 numbers long
  • Three or more numbers cannot be duplicated in succession (111222, 222222, etc.)
  • Three or more numbers cannot be sequential (123956, 321869, etc.)
  • Cannot include your phone extension

You can also set your new PIN by signing in with your NetID and password at voicemail.wheaton.edu.

You can learn more about your voicemail settings and call management options here. If you would like to receive your voicemails as an email attachment, you can request it by contacting us at ait.service.desk@wheaton.edu.

If you have any questions, please contact us at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

Media Center