Security Vulnerability: Update to the latest version of Zoom on your devices

Zoom has announced a security update for the Zoom client on all major devices (Mac, PC, iPhone, Android, etc.). The latest version (released on November 28, 2021 version 5.8.6) of the Zoom software patches a vulnerability.

We recommend that all Zoom users check for a software update anywhere Zoom is installed. Any client below 5.8.4 must be upgraded.

How To Update Zoom

Zoom provides a pop-up notification when there is a new mandatory or optional update within 24 hours of logging in.
If you already have the Zoom desktop client installed:
* Sign in to the Zoom desktop client (type Zoom in the Search bar on a PC, and Launchpad or Finder>Applications on a Mac)
* Click your profile picture
* Click Check for Updates
* Follow the prompts to complete the update

On a mobile device, check the app store for updates.

Duo Mobile App: New Update

Duo Security, the University’s two-factor authentication provider, has recently updated the user interface for the mobile app for Android and iOS. Depending on your device settings, your mobile app will automatically update or you will need to manually initiate the update.

What is different?

People who are already using Duo’s mobile app will notice a new look and feel. Other notable differences include:

  • Approve Button Moved to the Right: In the new version (4.0.0) the approve checkmark button will be on the right.
  • Hidden Passcode: the passcode will be hidden until you click “show.” This change is intended to improve information security by enabling you to make sure that your mobile device screen cannot be seen by others when the passcode appears.

New Phone?

Two Step Duo functionality will not automatically transfer to your new phone, so you need to re-enroll your new device. To re-enroll your new device (with the same phone number),  visit duo.scranton.edu.

Phishing and Spam Reminder

With the start of the new school year, we have seen an increase  malicious actors have been busy, leading to a rise in phishing and spamming attempts.  The University email system directs (by default) emails identified as spam to the junk mail folder. As such, we ask that you remain cautious when opening emails in this folder.

Here are two examples of recent phishing attempts that have occurred at the University:

Example 1:

This example starts out asking for a cell phone number, then quickly progresses to the ‘get me some gift cards’ scam.  If you are unsure, verify the request before providing any information.

Example 2:

The following phish is crafted to look legitimate, with the exception that the Technology Support Center would never send out a notice threatening deactivation of any account without additional context. This phish is an attempt to steal user login credentials. If the user hit ‘Click Here’ they would be redirected to a page to enter login credentials, which would then be used by the malicious actor to attempt to gain access to University systems.  Again, if in doubt, please verify a request before providing any information.

Cylance Endpoint Detection Rollout Update

The University of Scranton’s Division of IT is currently deploying Cylance Endpoint Detection and Response (EDR) to all University laptops and desktops. As of this writing, Cylance EDR has been deployed to 417 Windows and 23 Mac endpoints. Over 21 million files have been scanned and 61 files have been quarantined as threats. In addition, over 500 alerts have been generated regarding suspect endpoint behavior, with the majority being low severity.

Deployment to Staff endpoints began in January and will continue over the next several months. Installation of Faculty endpoints will begin after the end of the spring semester.

Cylance EDR is an AI-driven platform that strengthens, automates and streamlines overall endpoint security. Cylance’s EDR capabilities allow us to protect assets from modern cyber and malware attacks. It detects and mitigates highly advanced security threats as they emerge in real-time.

If you have any questions, please contact the Technology Support Center at 570-941-4357 or techsupport@scranton.edu

Eduroam Provides Internet Access to Students, Faculty and Staff

eduroam.jpg

The University of Scranton has joined eduroam, an international roaming service that provides all students, researchers, faculty and staff with secure, easy to use network/internet connectivity across member institutions.

Who can use the eduroam network?

Anyone from a participating higher-ed institution. This facilitates network access and productivity for visiting faculty, students and staff while away from their home institution, without any additional configuration to their computers or mobile devices. In addition, University of Scranton faculty, students and staff will be able to get the same internet connectivity when they travel to any other participating institutions.

How do I use eduroam?

  1. Connect to the “eduroam” WiFi network
  2. Once selected, click “Connect”
  3. Enter your University Email (or Royal ID number) and Password.
  4. Click “OK” (you may be asked to approve/trust a certificate)
  5. When successfully connected you will see eduroam listed in the wireless network list as “Connected, secured”

Improved Guest Wireless Internet Access

The guest wireless network ROYALGUEST was updated last May to provide campus guests with an improved 24-hour wireless internet connection while visiting our campus. Guests will now be required to create an account to access our wireless service. Step-by-step instructions can be found at scranton.edu/guestwireless.

GlobalProtect to be Deployed to Faculty and Staff Windows 10 Computers

Starting on Thursday, August 27, Information Technology will deploy GlobalProtect to all faculty and staff Windows 10 computers. GlobalProtect is the University’s Virtual Private Network (VPN) solution for access to on-campus network resources when you are off campus.

Some of the benefits include:

  • Off-Campus access to your G: and H: drives
  • Allows communication between Microsoft Windows and Office to renew licenses
  • Continues monthly Windows and Office updates, as well as anti-virus software updates
  • Some instructional software must communicate with a server on-campus to check out a license to verify your right to use

If you are logged on at the time of installation, you will receive an alert via the Quest KACE Systems Management Appliance (KBOX), similar to what is pictured below. Please exit all open applications and click Finish. Although you are not required to restart your computer after the installation is complete, we suggest that you do.

After GlobalProtect installs, it prompts for your R# credentials in the lower right corner of the screen.  Enter your username and password and click Sign In.

After you sign in, GlobalProtect notifies you of its status (see below).


Click anywhere on the screen to dismiss the notice. GlobalProtect does not provide any network services while you are connected to the campus network, wired or wireless.

If you are connected to any other network providing Internet access, GlobalProtect is providing network services and the status is reported as you see below.  Note the change in the overlay and wording.

Although it may be hidden, the icon below indicates that GlobalProtect is running and you have signed in.

In this following example, you will see that the icon is grey which indicates that GlobalProtect is running and you have not signed in.

If the icon is spinning and looks like you see below, GlobalProtect is running and trying to connect.

If you don’t sign in, you will see an alert in the lower right corner of the screen each time you log on to Windows.

GlobalProtect may also be installed unobtrusively when you are not logged on to Windows. You will see the sign in alert the next time you log on.

If you are not connected to the Internet at all and you have not signed in to GlobalProtect when you log on, you will see the following:

Connect to the Internet and click OK to confirm the Portal Address (which should be gp.scranton.edu) and sign in.

Should you be signed out for some reason, the alert to sign in appears in the middle of the screen and not in the lower right corner.

Please note the following:

  • GlobalProtect is only for use on University-owned computers. You cannot have it installed on your personally owned work from home computer.
  • Once installed and signed in, GlobalProtect works in the background. You should not have to sign in every day.
  • If you use Pulse Secure you cannot be signed in to GlobalProtect and Pulse Secure at the same time.

Securely Sharing Files with Restricted Data

Although email is a useful and necessary means of communicating, it is not necessarily the most secure method for sharing important or sensitive documents. For example, an email does not simply go from the sender to the recipient instantaneously. Most emails have to travel across multiple networks and servers before arriving in their intended audience’s inbox. These pause points expose emails to attack, usually due to unsecured networks, vulnerable servers, and the people savvy enough to hack them.

The Division of Information Technology recommends that you share specific documents or entire folders using OneDrive (and/or SharePoint). You can review and edit permissions at any time.

Click here to view entire recommendation and step-by-step instructions.

Tech Tips from IT Staff – Staying Secure

Zoom Security Updates by Ikram Muhammad, Information Security Engineer

To maximize security and minimize risks while working remotely, please follow University safety and security that can be found on the Information Technology website. Zoom regularly releases software updates including updated security features. You should see reminders from Zoom and should apply these updates on a timely basis.

Safeguard your credentials as report information by Maureen Castaldi, Manager Database Management

While working from home remember to safeguard your credentials as well as output from reports that you run from Banner Admin, ARGOS and/or Employee Applications. Output should be saved to onedrive and/or H:/G: drives. In addition, reports run from Banner Admin can be saved to the database as documented here.

Duo is required to access remote.scranton.edu by Don McCall, Technology Support Center Analyst

Just a quick reminder that Duo is required to access remote.scranton.edu, but it does work a little bit different than usual. Right after signing in, the system automatically sends the Duo request, so be sure to have your phone handy the moment you sign in. In some cases, it even bypasses the popup notification on your phone. In that case, you may want to open the Duo app directly so that you can see the incoming login request.

Securely Sharing Files with Restricted Data

Although email is a useful and necessary means of communicating, it is not necessarily the most secure method for sharing important or sensitive documents. For example, an email does not simply go from the sender to the recipient instantaneously. Most emails have to travel across multiple networks and servers before arriving in their intended audience’s inbox. These pause points expose emails to attack, usually due to unsecured networks, vulnerable servers, and the people savvy enough to hack them.

The Division of Information Technology recommends that you share specific documents or entire folders using OneDrive (and/or SharePoint). You can review and edit permissions at any time.

Click here to view entire recommendation and step-by-step instructions.

Security Spotlight: Restricted Data

Restricted data is the University’s most sensitive data and requires the highest level of safeguarding. Restricted data includes, but is not limited to, social security numbers, credit and debit card numbers, bank account numbers, driver’s license numbers, PINs and passwords.  Here are some tips for securing restricted data:

  • Know what restricted data you have in your files and computer.
  • Don’t keep restricted data you do not need.
  • Refrain from storing restricted data on your local hard drive. Store restricted data on secure locations like departmental Groups drive (G:), your (H:) drive, or One Drive/SharePoint.
  • Properly dispose of what you no longer need, such as deleting files from your computer, clearing the files in the Downloads folder and emptying your computer Recycle Bin.
  • Do not email restricted data unless it is encrypted.
  • Do not store credit card numbers under any circumstances.

Remember, if restricted data isn’t absolutely necessary, don’t use it.