Introductions: Since this was the first meeting of the 2016-2017 academic year, ITAC members and guests were asked to introduce themselves.
Approval of Minutes: The minutes from the August 25th meeting were approved as written.
II. Agenda Items
4:05 – 4:25 – IT Security Threat Trends, Richard Biever, Phillip Batton, Cara Bonnett (10 minute presentation, 10 minute discussion)
What it is: The threats posed by cybercriminals evolve into new and more alarming forms while IT security organizations work to implement preventive action. 2016 information security threat trends include everything from zero-day vulnerabilities, data breaches, spear-phishing campaigns, and website vulnerabilities, to ransomware.
Why it’s relevant: As our lives involve more and more transactions and work that occur online, cybercrime has become a part of our daily lives. Richard’s team will discuss three of the threat trends and how Duke is implementing preventive measures.
Threat Landscape: The prevalence of ransomware, software designed to block access to a computer through encryption until a sum of money is paid, has been increasing across industries, platforms and devices. Devices running Windows, Mac and Android operating systems have been compromised. Even Smart TVs have been targeted.
The prevalence of phishing attacks, attempts at social engineering recipients into either installing malicious software meant to steal private data or providing sensitive information in what appears to be a normal/secure means, has also been increasing. The industry is reporting an 800% increase in the amount of phishing attempts just in the past year, with over 90% of those attempts containing ransomware. Although Duke has not seen the same prevalence of ransomware in phishing attempts as the industry is reporting, it has seen an uptick. In response to changing attacks, Duke adjusts the settings and protections in the email gateways to mitigate new threats.
Question: If a department wants to move their email behind the email gateways for protection, would it be difficult.
Answer: The process is fairly straightforward. It would require a DNS change along with a communication to faculty and staff to explain the changes they might see like rewritten URLs.
The following recommendations will help reduce your risk of becoming a victim of malicious attacks:
- Install patches in a timely manner.
- Use Symantec with: Insight (file reputation) and SONAR (application behavior).
- Don’t open unexpected attachments.
- Avoid enabling macros when opening documents, unless you trust the source.
- Create frequent backups.
- Remove Flash, Silverlight and Java when using an internet browser. Only use Java for applications that require it and disable it when it is not in use.
- Run an ad blocker like ublock origin when using an internet browser.
Password Security and Recommendations: Passwords are a prime target for attack. Password mega breaches have now reached over 1 billion. The following recommendations will help keep your passwords safe and your accounts secure:
- Check LeakedSource regularly (https://www.leakedsource.com/(link is external) . Users can search the website’s database of more than 2 billion accounts that have been identified as compromised.
- Check Breach or Clear regularly (http://breachorclear.jesterscourt.cc(link is external)). Users can search the websites database of more than 1 billion compromised accounts.
- Subscribe to Have I been Pwned (https://haveibeenpwned.com/(link is external)). Users can search by email address or username to identify accounts that have been compromised in a data breach. Users can also sign up to receive a notification if their account is identified in the future.
- Don’t reuse passwords.
- Get a password manager like LastPass (https://oit.duke.edu/news/2013/2013_12_03_lastpass.php).
- User multifactor authentication everywhere you can (https://oit.duke.edu/net-security/security/multi-factor-authentication.php and https://twofactorauth.org/(link is external)).
Questions and Discussion
Question: Could we have a hands-on session to set up ad blockers and other security measures on laptops?
Question: Who do we contact when we receive a suspicious email?
Answer: You can email firstname.lastname@example.org(link sends e-mail) or call the Service Desk. IT Departments can assign a high priority ticket in ServiceNow to EIS-OIT.
Question: Can LastPass work on a phone?
Answer: Yes. The OIT Security Office can have a hands-on LastPass session and help you set this up.
Question: Is LastPass the only choice?
Answer: We recommend using a password management tool, but it doesn’t have to be LastPass. 1password is another application that is available and it works well with Mac and iOS devices.
Comment: We still need to have a session on how TAP protection works especially with url rewriting.
Question: Can the rewriting of a particular URL be bypassed?
Answer: Yes, there are scripting options to change the rewritten URL back into the original version.
4:25 – 5:00 –Technology Engagement Center Tour (OIT Media Technology, Innovation Co-Lab), Evan Levine, Steve Toback, Michael Faber, Chip Bobbert (5 minute presentation, 30 minute demonstration)
What it is: A renovation of the first floor of the TelCom building began in early 2016. The plan included features such as a recording studio, a new innovation studio and co-lab, a common space to facilitate ad-hoc collaborations, a conference room space, an editing suite, and an ideation space. The new Technology Engagement Center opened its doors on Thursday September 1, 2016. We will lead a tour of the Media Technologies and Innovation Co-Lab spaces.
Why it’s relevant: OIT’s objectives focus on service evolution, quality improvement, and innovation support of the growing needs of Duke’s research and academic initiatives. The Technology Engagement Center is one of examples of our commitment to accomplishing these objectives.
The TEC Tour: The tour of the Technology Engagement Center (The TEC) started in Conference Room 132 (Figure 1) which is a reservable space that functions as a conference room or classroom and is bookable directly in Outlook by inviting “TEC-ConferenceRoom-132”. Stephen Toback demonstrated the high tech features of the room including the large interactive multi-screen display with wifi enabled Gigu screen sharing and multiple 4k cameras and microphones for audio and web conferencing in WebEx, Skype, etc.
The tour continued to the other areas of The TEC including the Innovation Co-Lab Studio (Figure 2) - a makerspace that includes over 50 3d printers, digital modeling workstations and a separate room for fabrication equipment such as laser cutters and CNC routers and a specialized workspace for delicate fabrication jobs, Duke Research Computing, the Innovation Co-Lab - a technology creativity incubator, and the new video recording and editing suites to support the creation of online course materials.
5:00 – 5:30 – Celebration
Recognition: Outgoing member Dr. Caroline Bruzelius was presented with a plaque which was made in the Technology Engagement Center in recognition of her many years of service on ITAC.
Celebration: After the tour, members enjoyed food and spirits in The TEC’s open commons space (Figure 3), a central space for spontaneous interactions and idea sharing.