Tech Alerts

Last Thursday, we sent a Tech Alert regarding connection issues when accessing FDU websites via Google Chrome. The issue, caused by the Chrome browser, was resolved within hours for all sites except library.fdu.edu, which remained accessible through all browsers except Chrome. This remaining issue has now been rectified, and library.fdu.edu is once again fully available through Chrome. No further issues are expected.

OIRT currently uses a pair of Ivanti applications, Environment Manager and Application Control, to manage configuration and privileges on all employee machines. In the coming months, the Desktop Engineering team will add a third Ivanti application to our toolkit: Ivanti User Workspace Manager. This application will allow us to manage agent deployments, policy deployments, updates, and revocations for the existing applications.

OIRT computers will be the first to receive the updated Ivanti software package, including User Workspace Manager, starting on 5/1/25 at 8:00 AM. During deployment and enrollment, you will be prompted to reboot your computer.

While the reboot can be postponed, we recommend doing so at your earliest convenience. The entire installation and reboot process is expected to take approximately 7 minutes. Once installed, you will likely notice a new icon, as shown below.

OIRT is receiving this update first because your valuable feedback is essential to our process. If any issues arise, open a SAMI support ticket detailing your experience and direct it to the USAN Systems team.

Some members of our community are experiencing issues when using Google Chrome to make a secure connection to FDU websites such as www.fdu.edu and library.fdu.edu. This issue is the result of a recent Chrome browser update. Our team is actively working to resolve the problem, and we expect full resolution within approximately 4 to 6 hours. In the meantime, Chrome users who receive a “secure connection” error message are advised to use an alternate browser.

FDU OIRT has been advised that the Zoom outage is now resolved. Our expectation is that there will be no further issues.

Zoom is currently experiencing an outage affecting users in the US and Canada. FDU OIRT is actively monitoring the situation and will update the community as more information becomes available.

Network security is always about finding the optimal balance between a secure network environment and convenience. As bad actors continue to proliferate across the internet, we have watched our peers in higher education strengthen their security postures. It’s time we do the same.

Starting on July 1, 2025, we will be disabling the “Remember Me” feature of Cisco Duo. Once this change is implemented, users will need to complete second-factor authentication each time they connect to one of the University’s single sign-on (SSO) services. While the “Remember Me” feature offers convenience, it introduces significant risks. For example, if a device with “Remember Me” enabled becomes compromised, an attacker could gain unrestricted access to sensitive data and applications. Additionally, because “Remember Me” relies on internet cookies, those files can be stolen from a device and used to access user accounts. For these reasons and more, cookie-based authentication is being phased out as a security standard.

Additional information will be shared as we approach the July 1 change.

Last week, OIRT (Office of Information Resources & Technology) conducted a phishing simulation as part of our ongoing cybersecurity awareness training. These simulated emails were designed to help employees recognize and respond to potential phishing threats. The test was comprised of five unique emails sent out in equal distribution to all Staff and Faculty.

Overall, results fell short of prior performance and expectations. While many employees eventually recognized the emails as phishing, few correctly reported them. If you sent an email to UTAC or contacted UTAC directly, that was incorrect. If you emailed another individual, that was incorrect. If you deleted the email but took no further action, that was also incorrect. If you clicked on the red shield Report icon in Outlook or Outlook on the web, or used the Report text option from the mobile dropdown on your cell phone—congratulations! You helped the university identify and stop a potential phishing scam.

All instances where a member of the community did not recognize the phishing email and entered the requested data came from one of two test emails that appeared to come from a trusted source whose name was spoofed. This is an extremely common tactic used by bad actors. Read the information below to improve your skills in identifying and reporting phishing and “quishing” (QR code-based phishing) emails. Our community is the first line of defense in protecting the university—and the first line of attack for cybercriminals.

How to Identify Phishing Emails

To protect yourself and university data, always be on the lookout for these common phishing red flags:

✅ Suspicious Sender – Check the email address carefully; cybercriminals often use addresses that look similar to legitimate ones.
✅ Urgent or Unusual Requests – Be cautious of emails pressuring you to act quickly, such as changing passwords, verifying accounts, or sending sensitive information.
✅ Unexpected Attachments, Links, or QR Codes – Hover over links before clicking to verify the destination. Be extremely cautious with emails containing QR codes—scanning a malicious QR code could lead you to a phishing site or trigger a malware download.
✅ Poor Grammar & Formatting – Many phishing emails contain spelling errors, odd formatting, or unprofessional language.
✅ Mismatched URLs – A hyperlink might display one address but direct you to another. Always double-check URLs before clicking.
✅ Unfamiliar Login Pages – Never enter your FDU network credentials (username and password) on any site not affiliated with the fdu.edu domain. Always ensure you’re logging into official FDU services. If you’re unsure, contact UTAC before proceeding.

What to Do If You Suspect a Phishing Email

• Do not click any links, scan QR codes, or download attachments.
• Do not reply to the sender or provide any personal or company information.
• Report it – Follow the reporting instructions provided on this IT webpage:

Ongoing Phishing Simulations – Stay Vigilant
Phishing tests are mandated by law at least twice yearly. OIRT conducts phishing simulation tests throughout the year to help ensure employees remain aware of potential cybersecurity threats. Phishing attacks can happen at any time, so always stay alert, especially when receiving emails that request sensitive information.

Additional Training for Phishing Simulation Participants
Any users who failed the phishing simulation by clicking on a malicious link, entering credentials, or otherwise engaging with the simulated phishing email will be invited to take additional cybersecurity training. This training is intended to build awareness and strengthen our overall security posture. If you receive an invitation, complete the training as soon as possible.

Cybersecurity is a shared responsibility, and your vigilance helps keep our organization safe.

As part of our previously announced Unified Communications backend platform update, OIRT will be performing a firmware upgrade of our Cisco phones on Friday morning, March 28 between 1:00 AM and 5:00 AM Eastern. At staggered times throughout this window, each phone will reboot and be unavailable for approximately 5 minutes. This work is scheduled outside of business hours to minimize impact to the community.

As part of our previously announced Unified Communications backend platform update, we will be upgrading the University’s softphone application from Cisco Jabber to Cisco’s newer softphone application, Webex Calling.

In the coming weeks, users with FDU-owned Windows and macOS computers will notice a new Webex icon on their desktops. Although this icon will eventually be used to access Webex Calling, softphone users should continue using Jabber for now. The new software is being installed well in advance to ensure a seamless transition. Once we are ready for the community to switch from Jabber to Webex Calling, we will send an additional communication with further instructions.

OIRT will migrate the Unified Communications system to a new backend platform at the end of May. Preparation for this deployment is underway, and additional information will be shared with the community once details are finalized.

Starting around May 1, 2025, there will be a temporary freeze on moves, additions, or changes to phone lines. Phone system requests submitted via samisupport.fdu.edu during this period will be delayed until the migration is complete.