Flash Friday recap: Remote Access and Network Drives in the CON

In the College of Nursing’s latest Flash Friday, Erik Yarberry from the CON IT department explained in easy-to-understand language how he keeps us securely connected with each other and with our data.  He answered the following questions:
~ How do VPN and the Remote Desktop really work?
~ What are the differences between our CON network drives? Which ones can I access and when?
~ Why can’t I keep things on my own desktop on Remote Desktop? Why shouldn’t I keep a bunch of files and folders on my own computer desktop?
~ How does Duo work?

If you missed his half-hour webinar, you can view the recording online.

He displayed a pair of great side-by-side diagrams illustrating the difference between our Remote Desktop and VPN.  Here they are!

Remote Desktop Server Overview

VPN Overview

Cybersecurity Part 3: Educate Yourself About Web Addresses

In our first two posts about Cybersecurity, we defined different threats and discussed what the College of Nursing IT department does, as well as what you can do, to protect our data at the College of Nursing.  This post will go over some additional information about reading website addresses that will help you to be safer when browsing the web.

Below in black/blue/red/green you can see the full web address of the RN to BSN program introduction on the CON website.  You will notice four distinct parts of the address. Below, we will go over those parts of the web address.

Http(s): The letters “http” ahead of a website signify the Hypertext Transfer Protocol, and the “S” added here indicates that the connection is encrypted (or, coded to keep unauthorized viewers from seeing the information being transferred).

Domain: The domain name is the name of the website that you are accessing. In the case above, nursing.osu.edu is the domain name of the College of Nursing.  All of the subsequent pages that you can reach from the College of Nursing’s website are “nested” into this domain.  In this particular case, nursing.osu.edu is connected to the overall osu.edu domain which you can reach by clicking the link at the very top of the page.  In much the same way that books have chapters with sub sections, the larger “osu.edu” domain connects to the smaller “nursing.osu.edu” domain which has many pages attached to it.

Extension: The extension tells us what kind of website we are accessing.  In this case, the “.edu” extension indicates that this is a higher educational institution.  Other common domain names are listed on this Wikipedia page.  It’s good to be familiar with the most used extensions, because in recent years, fake websites have popped up that may lead you to think they are legitimate. For example, the real website for the ABC News television station is abcnews.go.com.  Recently, a fake site popped up with the web address abcnews.go.co* (notice this site ends with “.co” instead of the usual “.com”) that mimicked the real website quite convincingly.

Path: The series of words with forward slashes that follow the website extension tell your computer where to look in the domain of the website– this is basically a nested series of pages. So, in the example above, the RN to BSN program introduction connects to the undergraduate program overview page which can be found on the academic program page.

Now that you know the basic elements of a web address, try paying attention to the addresses that common links take you to.  Whenever you see a domain name that seems off (like “gooogle.com” for instance), an extension you don’t recognize such as “.co”, or you don’t trust the provider of the link, DON’T CLICK!  You can find some helpful hints from these pages as well:

How to Spot a Fake Website

Reading Web Addresses

 

*For those of you who are now terrified of clicking on a bad link, we’re glad you’re paying attention! The link above to the fake ABC website will just take you to a Wikipedia page describing the site, so feel free to check it out this time.

 

 

BuckeyePass (Duo Multi-Factor Authentication) coming to the College of Nursing

Multi-factor authentication adds a second layer of security that combines something you know (like your password) with something you have (a mobile device or phone). With just a few changes, users can take advantage of the new security measures now when authenticating to the CON VPN (known sometimes as NetExtender or SonicWall). Both single-factor and multi-factor authentication methods will be available until May 5, so now is a great time to try it out and work through any issues before the old method of logging in is no longer available.

Why:

Passwords alone are no longer secure enough to protect certain kinds of data. Increased phishing attacks against higher-educational institutions, increases in identity theft crimes, and data breaches on other websites where usernames and passwords may have become exposed all contribute to the need for multi-factor authentication. Attackers will no longer be able to access sensitive information with just a stolen password.

When:

The new, multi-factor VPN is already active and available for use. The existing, single-factor VPN will remain active until May 5th, 2017. Faculty, staff, and students connecting to the VPN will need to use the address vpn.nursing.osu.edu.

The Remote Desktop Server will begin requiring Duo authentication on the same day.

How:

Most faculty and staff have already activated their Duo account, as it is required to log into Employee Self-Service. If you have not already, please click here for more information on how to register and activate. If you need assistance, please call (614) 688-HELP.

https://buckeyepass.osu.edu/

Once you have activated, you will need to set up a new connection in your NetExtender or SonicWall Mobile Connect application. For more detailed instructions, click here.

There is a general Panopto tutorial here.

Cybersecurity Part 2: External Threats

In our previous cybersecurity post, we discussed internal threats and what you can do to avoid them.  This post will focus on external threats, and how the College of Nursing IT department is working to keep our network safe.

An external threat is an attack or attempted attack by an outsider trying to gain access to a network.  There are several levels of external threats, including:

  • Basic: These usually take the form of scripts that automatically search the internet for vulnerabilities. They are not usually aimed at specific people or networks.
  • Advanced: These are attackers actively trying to access a network from the outside.
  • Advanced Persistent: These are often hackers who are state-sponsored or may even come from inside foreign governments.  They have the time, money, resources, and motivation to get into a network and they will continue trying new attacks.  Attacks of this nature are often the ones you hear about on the evening news.

We asked Erik Yarberry, network administrator for the College of Nursing, what we are doing to mitigate threats from both external and internal attacks.  Here are a few things our network is equipped with:

  • A Firewall, or a system that uses certain rules to control traffic into and out of the network.  The CON has two firewalls– one that protects all networks inside the CON (including Nursing_WiFi) from the outside, and then another one that keeps Nursing_WiFi separate from the wired network.
  • A Virtual Private Network (VPN) which encrypts internet connections to network resources that are not available to the public
  • Splunk, a program which exports all of the network’s system logs and allows network administrators to search those logs using sophisticated techniques
  • Data Loss Prevention (DLP) Software which protects all of the network’s data from exposure or being compromised.
  • Various alerts about possible “ransomware” attacks, compromised accounts, too many login attempts, etc

With all of these programs and defense mechanisms in place, our network runs every day while fending off potential attacks from the outside.  In our next and final entry for this series, we will discuss more ways that you can protect your information and keep the CON network secure.

 

CON Website Maintenance

Summary

CON web services experienced an outage between 11am Monday, December 26th until 2pm Tuesday, December 27th. The sites are now back up and can be viewed, but persistent infrastructure issues prevent content from being modified. As work continues, some sites will be taken offline for a brief period after business hours for testing. We do not currently have an estimated time for the restoration of these services, but will post live updates here as fixes are applied.

The following services are currently being worked on:

  • eLearning (Moodle) – 50% ~ approx. completion by 1/6/17 EOB.
  • Cloud Services (cloud.nursing.osu.edu) – ~ approx. completion by 1/12/17 EOB.
  • REDCap Services (redcap.nursing.osu.edu) – 0%

The following services have been fully restored:

  • Background Authentication Services, 12/28/16 3:12 AM, Allows us to start migration of users with new method of authentication and migration support.
  • Our merchant services, transactions, event registrations, form submissions, past records, etc. have been migrated and are now fully active and supported with the new usernames and authentication. 12/29/16 4:15 AM
  • Central authentication user data and roles, 12/28/16 5:34 PM
  • CON Website. 12/28/16 11:05 PM
  • AcCELL Website. 12/28/16 11:40 PM
  • Centennial Website. 12/28/16 11:40 PM
  • Health Athlete Website (HANA). 12/28/16 11:40 PM
  • Healthy Academics Website (BHAC). 12/28/16 12:10 PM
  • Master of Applied Clinical and Preclinical Research Website (MACPR). 12/28/16 12:10 PM
  • Master of Healthcare and Innovation Website (MHI). 12/28/16 12:10 PM
  • Patched merchant services interactions with CON form systems. 1/3/17 11:55 AM
  • Directory services (sharepoint and website) are operational and updating. 1/3/17 1:57 PM
  • Data migration has been finished on all CMS systems including the College of Nursing website. 1/5/17 3:15 AM
  • Data migration work is concluding on iPeer, majority of work is completed with some legacy courses and users being migrated by hand at the moment. 1/6/17 5:52 PM.
  • Data sync services have been restored between Authentication, Directory, API, Mailing, and Web Services after migration and service alteration. 1/5/17 5:31 AM.
  • An issue regarding legacy publishing and accessing older revisions (pre-2014) on the College of Nursing website has been resolved. 1/5/17 5: 10 PM.
  • An issue regarding the ability to login with certain OSU passwords has been resolved.  1/6/17 2:05 PM
  • An issue regarding permissions mapping for certain role types on the College of Nursing website has been resolved. Improvements have been made for first-time users.  1/6/17 4:12 PM
  • Blogs (blogs.nursing.osu.edu). 1/06/2017 10:00 PM

The following services are fully disabled due to the need for a full migration:

  • Cloud (cloud.nursing.osu.edu)

Please contact us at con-it@osu.edu with questions.

College of Nursing Passw​ord Synchronization Frequently Asked Questions

What is happening?

On December 20th, 2016, we will begin syncing computer log in usernames and passwords with Ohio State usernames (lastname.#) and passwords throughout the College of Nursing​.

Why is this happening?

Simplicity! By syncing your computer log in with your Ohio State username (lastname.#) and password, you will only have to remember one password instead of two. In addition, you will only need to update one password every 180 days at https://my.osu.edu

What do I need to do to prepare?

  • You will need to make sure that you know your Ohio State (lastname.#) password so that you may use it when you log in to your computer.
  • It is also recommended that you log off your computer prior to the password sync if you are able to do so.​​

​​How should I change my password in the future?

​Please go to https://my.osu.edu to change your password when you receive the email notification that it will be expiring soon.

What do I do if I forgot my Ohio State username and password?

Visit https://my.osu.edu to obtain your username and password. Please note that only the account owner can request a password reset. Call 8-HELP (4357) or e-mail 8help@osu.edu

Will I still need to put OSUCON\ in front of my username?

For certain applications, yes. Examples include, but are not limited to:

  • SharePoint
  • Studentweb
  • Panopto Recorder​ (Not the web page)
  • Nucleus

I’m a VPN user – will it work if I don’t come in to campus first?

The short answer is “it depends”. There are several factors related to your operating system, VPN client version, and domain membership that all work together to create network access.

  • If you connect to the VPN using a personal computer, you will likely only need to update your connection script. Please see the article here for more information.
  • If you connect to the VPN using a CON owned computer, AND you plan on connecting over break (before you are able to bring the laptop back in to Newton Hall), please contact us. We will work with you to make the transition as smooth as possible.

If you have trouble accessing documents remotely over break via the VPN, please try using the CON Remote Desktop Server as a temporary workaround. For questions, please contact us at con-it@osu.edu.

CON Firewall Upgrade Status

Friday, Feb 20

Update 1: 5:00 pm – The CON IT team has started the firewall upgrade project.  Right now, all systems are down and are being moved over to the new network configuration.  We will update this page as we make progress.

Update 2: 8:30 pm – Most services have been changed to accept the new firewall configuration, but will not be available until the router and switches have been configured.

Update 3: 11:00 pm – Router and switches have been configured, but we are experiencing issues with DNS (web site name) resolution.

Saturday, Feb 21

Update 4: 3:00 am – Still experiencing issues with DNS resolution and OSU.edu authentication, but we are beginning to restore internal web and file services.  Client computers from within the building should be able to access the internet.

Update 5: 4:00 am – We are making progress in restoring services from within Newton Hall.  Network drives and websites are available internally but are not yet available outside of Newton Hall.  We are stopping for the night and will return tomorrow.

Update 6: 10:00 am Saturday – We are beginning work again.

Update 7: 12:00 pm – Remaining routing issues, DNS resolution, and OSU.edu authentication have been resolved.  Client computers, file servers, and some web servers (including Panopto) are available.

Update 8: 3:00 pm – VPN, SharePoint, Studentweb, Nucleus, Panopto, Network drives (H:, N:, W:, R:), Remote Desktop Server, and Wireless have all been restored and should be accessible.

Update 9: 5:00 pm – We are running OS updates on some systems which may cause brief service interruptions.  The nursing.osu.edu website is still experiencing issues.

Update 10: 10:00 pm – Most printers are back up.  The most CON websites are up (nursing.osu.edu, iPeer), but payment forms are not yet available.

Update 11: 11:30 pm – Some extended functionality of the nursing website has been brought up, client PCs and printers are available.  We are concluding work for the evening but will be back tomorrow to continue to upgrade the security of our new infrastructure.

Sunday, Feb 22

Update 12: 11:30 am – We are beginning work again.

Update 13: 5:00 pm – We have completed work.  All services should be back up and operational.  If you need assistance, please contact us by email at con-informationtechnology@osu.edu.

Thank you for your patience,

CON IT Team