cindy.mcmanus

A Nightmare on Shred Street 2: Data’s Revenge

Like any Hollywood nightmare, a sequel is always in the offing, and identity theft just isn’t going away. With that in mind, the second annual “A Nightmare on Shred Street” event was held on Monday, October 23. In support of Cybersecurity Awareness Month, Information Technology Services teamed up with Lethbridge Mobile Shredding to offer free shredding of personal documents, hard drive degaussing, and e-waste recycling at the University of Lethbridge.

In just four hours, this public event helped more than 100 people protect themselves from identity fraud by shredding over 2000 gallons of paper documents, as well as several hundred magnetic and other non-paper items (credit cards, cell phones, CDs, floppy disks, etc.) containing personal information. Over 3.5 cubic metres of electronic waste was collected and sent for recycling. A degausser was on site to demagnetize and erase 49 hard drives before recycling.

Donations for the University of Lethbridge campus food bank were gratefully accepted. The event raised $375 and collected 120 food items, which is enough for about seven hampers, to help University of Lethbridge students through the end of the fall term. Seven functioning laptops were also salvaged from recycling, with permission from the donors, and will be wiped clean and donated to the Operation Underground Railroad organization, which helps children escape from trafficking and slavery.

All of this more than doubles the numbers from last year’s event! Information Technology Services acknowledges the generous support of Lethbridge Mobile Shredding, DBS Environmental, Campus Safety, Facilities, and the many individual people who came together to make it happen.

Business Intelligence: Data Warehousing, Reporting and Analytics

Authored by Vicki Lund-Tulloch, Business Intelligence Administrator, IT Services

Have you ever wanted to know…

  • Are we reporting the right information, in the best way, to government bodies to boost our comparative rankings, meet compliance requirements and secure desired funding levels?
  • Can our academic and business decision-makers easily analyze operational data, from across faculties and functional areas, to make better decisions in a budget sensitive climate?
  • Do our marketing strategies align with student feedback and leverage the demographic, psychographic and geographic trends within our student body?
  • How many annual enrolments do we require – of a full fee paying, government supported and scholarship nature – to remain profitable and secure desired levels of government funding?
  • Do we have access to the right student, research, performance and departmental data to compile effective research grants?
  • Are we building the right infrastructure to support student satisfaction, learning, retention and successful graduation?
  • Are our industry partnerships aligned with current student courses to ensure relevancy and boost successful job placement upon graduation?

Addressing these questions requires the timely and accurate student, research and operational data that Business Intelligence can provide. We’ve already begun our journey with just such a system:

bi-pic-1

Ellucian Banner Operational Data Store provides a consistent view of institutional data for everyone across campus. Data uses familiar business terms and definitions so departmental users can easily access the information they need to manage operational reporting, perform ad hoc queries, and make better decisions about their daily responsibilities.

Cognos Reports provides an enterprise level depth of features for reporting, metadata creation and data modelling. It features tools for self-serve ad-hoc, complex and dashboard reports with automated and event driven delivery.

The Importance of Business Intelligence in Modern Higher Education

2016 EDUCAUSE Top 10 IT Issue: BI and Analytics

Higher education institutions must become more data driven to capably respond to demands to become more effective and flexible and to meet both mission objectives and regulatory requirements. Business intelligence (BI) and analytics are the keys to unlocking insights that are contained in the numerous institutional data stores.

Gartner’s 2016 CIO Agenda Report

“Business Intelligence and Data Analytics are the top trending priority for global CIOs in 2016. This marks the fifth-consecutive year that BI and analytics has topped the list.

Business Intelligence and Data Analytics tools have certainly gone from being auxiliary parts of business to absolutely vital. It’s a near-certainty that BI and analytics will remain the top priority of global enterprise CIOs again in 2017, as the need to gain insights from data will continue to increase.”

Gartners 2016 CIO Agenda: A Higher Education Perspective

Business Intelligence and analytics are receiving the highest new funding of any technology in higher education:

bi-pic-2

What the University of Lethbridge is Already Doing With Our Current Business Intelligence

“Cognos allowed us to automate 75% of the manual processes involved in generating our Fact Book publication which significantly reduced the time required to generate these institutional reports.”

“Enrolment management reports built in Cognos allow for weekly reports to be scheduled and run automatically from a reliable data source, saving time and reducing potential errors in the reporting process.  This type of reporting also enabled additional faculty and program specific reports to be developed and used to better inform institutional decision-making.”

James Croil, Acting Manager, Institutional Analysis

“It has given users within Financial Services more flexibility to run reports with a variety of parameters at any time rather than waiting for someone with expertise in MS Access to query finance tables and create the reports.”

Linda Anderson, Director, Finance System Support & Development, Financial Services

“With on-demand access to prospect reports, the ODS enables our fundraising managers to monitor development activity as often as they like, from their desk, on the road, or from home – at a time that is convenient for them.  This flexibility puts them in control while also freeing up the time of the report-writers for other tasks. We recognize that BI is important to help our institution better identify philanthropic prospects and compete for philanthropic contributions.”

Anna Linville, Manager, Advancement Services, University Advancement

 How We Compare to Other Higher Education Institutions With Business Intelligence

bi-pic3 bi-pic-4

Source: The Analytics Landscape in Higher Education, 2015 EDUCAUSE and Gartner

For any questions or further information, please contact Kevin Vadnais, 403-332-4056 or kevin.vadnais@uleth.ca.

The Results Are In – SU Food Bank Challenge!

December is always a busy month but the University took the time to show its community spirit by coming together and raising always welcome donations for the Student’s Union Food Bank.

IT Services and Financial Services threw down the gauntlet again this year and challenged each other to see who could raise the most donations and the results were fantastic! A total of 874 food items and a whopping $1,239.00 in cash was raised. Shelly Tuff, USLU Health & Dental Plan Administrator, said that the USLU foodbank has been well stocked. “Thanks to IT and Financial Services for all the food and cash collected, it will help out a lot of students in need. And thanks to all who donated, we at the Student’s Union are very grateful for your generosity!”

The friendly rivalry started early in December with both departments collecting food and cash donations. IT Services had a Chili Cook Off fundraiser which was very well supported. Managers donated their time and chili and The PMO Office came out victorious with the most votes for the favorite. All those who attended enjoyed some great food and donated generously. Plans are in the works to host another cook off next year.

For cash donations, IT Services raised $934.00 followed by Financial Services with a total of $423.00. For food items IT Services collected 514 items and Financial Services collected 360.
The response was overwhelming and we would like to thank everyone from both departments for their enthusiasm, generosity and support. The victors in this friendly competition are definitely the students in need.

We’re looking forward to another spirited competition next year!

 

volunteers-sorting-cans

Tis the season….to get scammed!

Once again the holiday season is upon us. This is a time where we celebrate family and friends, reach out to those in need and try to make the world a better place one little act of kindness at a time. Unfortunately, it’s also a time where those who don’t share our vision of “Peace on Earth” abuse the generosity and trust of people around the world by lying, stealing and destroying the financial lives of innocent victims. Cyberattacks are on the rise and the Christmas holiday season provides online fraudsters with ample ammunition to target online shoppers and those expecting various communications from mail and parcel delivery services.

In an effort to protect you during the holidays, the Information Management and Security Office would like to remind you of the following guidelines to help you keep your information and your computing devices safe and scam free.

Passwords

You certainly wouldn’t hang your house keys or car keys on your mailbox outside your house. Anyone could walk by, grab the keys and help themselves to your assets. Unfortunately, we don’t treat our passwords with the same kind of respect it seems. Passwords are the key to your online identity and improper usage or storage of them makes it easy for attackers to abuse your credentials and do things that would certainly land them on the naughty list. Some guidelines to remember for keeping passwords safe include:

1. DON’T REUSE PASSWORDS ACROSS WEBSITES. Although it’s tempting since passwords are hard to remember, it is a very poor practice to only have one password for your online identity. Not all sites are created equal so there may be some wiggle room in that directive but generally you need to have distinctly separate passwords on the following sites:

a. Banking
b. Email
c. Ecommerce sites that store your credit card or banking info (PayPal, Amazon, etc).

A password management tool like KeePass or LastPass can help manage your passwords and keep them safe. Many of them are free and will create a vault for you to store these precious assets in.

2. DO NOT ENTER PASSWORDS INTO WEBSITES THAT ASK YOU TO CONFIRM YOUR IDENTITY THROUGH EMAIL. Those emails that promise more space or a deactivation of your account are fraudulent. We refer to them as phishing attacks. These websites are often hosted in questionable locations that don’t have anything to do with the organization who supposedly sent you the email. Always check the address bar of your browser or hover over a link with your mouse to make sure you are where you think you are. For example, a uleth.ca login page will never be hosted on a site that doesn’t end in .uleth.ca (https://login.uleth.ca/cas/login, or https://adfs.uleth.ca )

For a complete training course on phishing, we encourage you to enroll in our online training materials available for all students, staff and faculty. Visit the Information Security webpage  for more information. Enrollment in these courses is easy.

Email Attachments

Part of our overall security strategy at the University is to restrict certain files from coming into your inbox. Certain attachments can be used to spread viruses, malware or ransomware. For example, you cannot receive .zip, .docm, .exe or .com files. All of these could contain potential risks and so we remove them before they ever have a chance to arrive in your email. However, we cannot control your personal email accounts or websites you may visit, which may host these types of files. We encourage you to never open a suspicious file from someone you don’t know or to click on links from non-trusted webpages that encourage you to download these types of files. When downloaded and running, these types of files can silently download malicious software onto your computer which could result in the complete loss of data or usage of your machine.

During the holidays there are some common scams that occur including emails which are attempts to trick users into thinking they are receiving a package or delivery. Because of the time of year we aren’t always thinking about whether or not we are actually expecting something and sometimes click on places we shouldn’t. A few years ago we had a huge spike in these kinds of emails and so we created a webpage that describes the attack in detail and how you can avoid it. Please review that summary here.

Ransomware
A new and very effective attack that is becoming increasingly popular is ransomware. This type of attack will hold your data ransom and demand payment (usually $200 – $400 per machine) in order to restore access. There is no technical solution that can fix ransomware once it has infected your computer and unless you have backups in place, you will be forced to pay or lose your data. Paying ransom can be complicated and doesn’t actually guarantee that you will be able to recover your data so the preference is to never get infected in the first place. Ransomware is typically delivered though malicious email attachments or files downloaded from the internet. Most infections can be easily avoided if you pay attention to what you click on and never allow untrusted applications or website to run programs on your system. Ransomware affects a variety of institutions and organizations. Recently, the University of Calgary and Carleton University in Ottawa had ransomware unleashed in their environment which caused huge interruptions to their research and teaching activities. These types of attacks could have serious implications on the University of Lethbridge and we urge all users to be vigilant in their computing activities to prevent similar incidents from happening here.

What can you do?
The Information Security program at the University of Lethbridge has created a variety of training and education opportunities to help you understand how best to protect your information. All University staff, faculty and students should be engage in these online and in person training opportunities. Any questions or concerns should be sent to ITS who will be happy to assist you.

Current training courses include:

1. Security Awareness (A general overview of good IT Security practices)
2. Phishing Awareness (A focused review of Phishing attacks and how to avoid them)
3. Data Encryption (How to encrypt and protect sensitive data in the event of loss or theft)
4. Data Storage Standard (All staff and faculty should take this every 2 years to determine where and how to store various types of data)

To schedule some in person training for your department, please reach out to Kevin Vadnais, 403-332-4056 or kevin.vadnais@uleth.ca, who will arrange a time to address the topics that affect your teams the most.

Hacker typing on a laptop

2016 ULSU Food Bank Challenge!

For the past few years Financial Services and IT Services have been in a challenge to collect the most number of food items and largest amount of cash for the ULSU Food Bank. This year is no itfooddrive2016different! And once again we are opening the challenge up to ALL DEPARTMENTS on campus to join us!

Did you know that last year the ULSU Food Bank handed out almost 300 hampers and usage is up from last year? They also hand out $25 gift certificates so students can purchase some fresh food. The struggling economy has made it very difficult for some students and their families. The kindness and generosity of the campus community will make a huge difference for many.

Shelly Tuff, Food Bank Coordinator and Health Plan Administrator for students, says that breakfast foods are in high demand (oatmeal, cereal, peanut butter and jam etc). Other items that would be great to stock the shelves with are juice, canned fruit and vegetables, canned meat, pasta and pasta sauces and snacks such as granola bars, microwave popcorn, nuts, etc. The food bank has an abundance of soup and beans but welcome all donations.

There are a few options to donate if your department doesn’t want to take up the challenge. IT Services will personally pick up any donations and ensure each gets credit. Let us know if you want to participate and we can drop off a donation box in your area. As well, donations can also be dropped off in the new centrally located Solutions Center in TH218 of Turcotte Hall and in D570 in University Hall. Cash donations are very welcome and the amount is factored into the challenge.

The challenge will come to an end on December 16th and Food Bank helpers will be collecting donations on December 19th. If your department isn’t able to participate, we encourage individuals to donate items to other departments who are participating. Updates will appear in UWeekly.

For the record, the prize is bragging rights and IT Services plans on taking this
one home.

For more information regarding the food bank, please contact Shelley at 403-329-2039 or at food.bank@uleth.ca. If you are interested in participating in the challenge or having a donation box in your area, please contact Cindy at 403-382-7180 or at cindy.mcmanus@uleth.ca.

Cybersecurity Awareness Month

Cybersecurity Awareness Month (the month of October) coincides with Electronic Records Day (October 10 – sponsored by the American Council of State Archivists). Now that the Records Management Program has been combined with the Information Security and Business Intelligence programs, the Information Management and Security Office wanted to celebrate these events collectively and raise awareness about everyone’s role in Information Management.

We would like to give a special thanks to the Faculty of Management who were kind enough to loan us their popcorn machine during many of our events. The aroma of fresh popcorn helped us begin the conversation with many different people.

Information Booths
On the week of October 3 – 7, the Information Security Office set up booths in the UHall Atrium, and attempted to steal the identities of people brave enough to offer up their names to us. On average, we were able to uncover unknown personal information for approximately 75% of the individuals who spoke with us. The volume and type of data varied, from limited information to a complete package that would facilitate identity theft. It was an excellent opportunity to discuss tips and tricks with everyone that stopped by.

We kicked off Electronic Records Week (Oct 10 – 14) by releasing a number of new guides and information sheets to help faculty and staff manage their records. The topics addressed by these guides include: distinguishing between transitory and university records; managing email; electronic file and folder naming conventions; and managing information overload.

To get the word out, Records Management staff spent much of the week out and about at information booths across campus. We connected with faculty, staff, and students and offered advice for better managing both personal and university records. We used the opportunity to soft launch our Designated Records Officer (DRO) program when chatting with managers and executive directors. We were also promoting A Nightmare on Shred Street, which was held on October 31.

Life Balance Fair
On October 26, 2016, our Wellness Committee hosted the 10th Annual Life Balance Fair. This event aims to increase employee’s and students’ awareness of the importance of workplace and school health in order to optimize personal and organizational performance. We think that effective records management and information security best practices contribute to workplace health and attended as exhibitors to share this message with University staff. We continued to try to steal identities, distribute our new guides, recruit DROs, and promote A Nightmare on Shred Street.

During the month of October, we signed up about 20 people for records management training, including 15 DROs. We distributed over 50 paper copies of each of our new guides, even though we were directing faculty and staff to the electronic versions posted on our website.

A Nightmare on Shred Street
On October 31, 2016, the entire Information Technology Services department teamed up with Lethbridge Mobile Shredding to host A Nightmare on Shred Street. This event offered free shredding of personal documents (paper and non-paper), hard-drive and other storage media degaussing and e-waste recycling. While the the cold (~2°C) and driving rain put quite a damper on the event (pun intended), we collected two cubic metres of e-waste, about two dozen hard drives for degaussing and almost 15 large (96 gallon) shredding bins of personal papers. In the process we raised $170 and about two 121L garbage cans full of food donations for the campus food bank!

Next Year
If anyone has ideas on how we can make this annual celebration of Information Management and Security better for next year’s event, please reach out to our offices; we would be happy to hear your ideas. Until next year…

Information Management and Security Office Staff:
Ashley Haughton – Records and Information Manager
Vicki Lund-Tulloch – Business Intelligence Administrator
Darin McGee – Information Security Analyst
Cheryl Read – Records Technician
Kevin Vadnais – Manager, Information Management and Security Office