Center for Information Technology Services posts displayed by tag


Online Security Awareness: Watch Out for Phishing Attempts

Phishing is a method of obtaining sensitive information, such as usernames and passwords, Social Security numbers, and banking information, for malicious reasons by disguising an electronic communication as coming from a trustworthy person or organization. The malicious person “fishes” for a victim to perform an action by “baiting” the victim with what appears like a legitimate and trustworthy email or instant message. The victim often is directed to enter their information into a fake website that looks identical to a legitimate one. Communications purporting to be from social media websites, auction sites, banks, online payment processors, or information technology administrators are often used to lure victims. Phishing emails may contain links to websites that are infected with malware.

The best way to protect yourself, your family, and the University is to make sure everyone is aware of what phishing attempts look like. Generally, phishing attempts implement social engineering and fear tactics  to get you to become a victim. Also, if the offer seems too good to be true, it probably is. You always should thoroughly examine any email asking for confidential information, especially of a financial nature. Many phishing scams have obvious signs of fraud such as poor spelling or grammar. And, lastly, if you are unsure about a message, try calling the sender or visiting its website without clicking on links or attachments in the message by searching for it online or typing its website directly into your browser. Never reply to the phishing attempt, as you would be confirming to the criminal that your email address is valid and you are reading your messages.

If you think an email or instant message on your work computer is a phishing attempt, you should notify Campus Security and Compliance at and/or your school/departmental IT staff. You may not be the only one to receive the phishing attempt, and sharing with others may stop them from falling victim. Also, you can forward suspected spam emails to

If you have become a victim and disclosed your username or password, immediately contact Campus Security and Compliance at so that we can disable your account to prevent unauthorized account access. Acting quickly could stop the criminals before they have a chance to hijack your account.

Fred Smith Technology, University LifeOctober 19, 20170 comments
Read More

Multi-Factor Authentication Coming for Office 365

Multi-factor authentication (MFA) is being rolled out for Office 365 this fall as a means to provide extra cyber security and guard against phishing attacks.

At UMB, we will be transitioning to an approach that allows you to use a mobile device in addition to your UMID and password to achieve a significantly higher level of security and almost entirely negate the risk associated with phishing and similar attacks.

In the coming weeks, the Center for Information Technology (CITS) will hold a series of demonstrations on how to register your MFA device and how to sign on to and interact with Office 365.

Go to the CITS web page on MFA for a regularly updated schedule of these demonstrations and more information about multi-factor authentication.

Joe Dincau TechnologySeptember 18, 20170 comments
Read More

Want to learn about Office 365 but are short on time?

If you have been unable to attend one of the instructor led Introduction to Office 365 classes but are eager to learn more about Office 365, OneDrive and Skype, you’re in luck! Three short videos have been created that cover the three primary Introduction to Office 365 topics.

The videos cover:

  • Introduction to Office 365 and OneDrive
  • Introduction to the Office 365 Portal
  • Introduction to Skype

These introductory videos are located on the MicroSoft Office 365 site and run approximately seven to nine minutes each. As Office 365 and OneDrive are the future of UMB, we encourage you to either attend a live training session or view these videos to learn more about these great tools!

Sarah Steinberg Collaboration, Education, TechnologyAugust 15, 20170 comments
Read More

SharePoint – What It Is and Why You Want to Use It

SharePoint Online is now here at the University of Maryland, Baltimore. Not sure what it is? Keep reading!

What Is It?

SharePoint is another tool in the Office 365 tool kit that continues to provide flexibility and facilitate collaboration. It enables departments, schools, and project members to securely share and collaborate with other faculty, staff, and students. With SharePoint, you can create collaborative websites that can be used to share files, assign tasks, start blogs, calendars, manage workflows, etc. from anywhere — at the office, at home, or from a mobile device. As with OneDrive, SharePoint is also HIPAA and FERPA compliant and University approved.

What Are the Benefits?

There are many great benefits. SharePoint can help improve communications, collaboration, reduce paperwork and manual processes, and safely store and share information within your department, school, and project. Specific benefits include:

  • Accessibility and flexibility: SharePoint Online is a cloud-based service so it is easily accessible to all UMB users both on and off campus by using a browser and logging into Office 365 or from your mobile device by using an app.
  • Microsoft programs: It is closely integrated with many other Microsoft programs that you use and are familiar with such as Word, Excel, PowerPoint, and Outlook as well as many new programs that will help create and automate business processes and tasks you do regularly.
  • Collaboration: It is a great tool to improve collaboration by sharing documents, creating and assigning tasks, using lists to track requests/information, sharing calendars and timelines, discussing topics, using a discussion board or newsfeeds, creating alerts and notifications, and much more.
  • Security: Content within SharePoint is securely stored using a Microsoft managed cloud environment. It is HIPAA and FERPA compliant. Security and permissions can be set at a site, folder, document, and item level.

Why Should I Use SharePoint?

A prime use for SharePoint is file sharing for teams and departments. But it’s more than that –

  • In addition to file storage, SharePoint offers context. It automatically provides version history for every Microsoft file so that you know what was changed, when, and by whom. Using the version history, you have the ability to revert to an older version. There is also the ability to set alerts for specific documents or folders. Anytime a change is made, you can be alerted.
  • New tools – newsfeed, discussion boards, calendars, lists, tasks, etc. – they allow for the team to share and access information and communication whenever and however they want, and ensure that everyone sees the same information.

In essence, every team and department can use their SharePoint site as an intranet – a one-stop shop to share information, calendars, and files. Especially for department/teams who may not all be in one physical location – by using SharePoint, everyone has access real-time to all the same information. It’s NOT just file storage! It’s information storage.

SharePoint enables you to gain so much flexibility and accessibility. To help you, the Enterprise Training Group provides both training opportunities and resources. Please visit the Office 365 website for information.

Sarah Steinberg Collaboration, TechnologyAugust 9, 20171 comment
Read More

What is OneDrive?

OneDrive is our new, secure, and universally accessible storage location for all your work files. OneDrive utilizes both encryption and data loss prevention techniques to protect all data. As such, the University has approved OneDrive to store all data including those with FISMA, HIPAA, or FERPA requirements.

However, OneDrive offers a lot more than just file storage! It’s an integral part of Office 365 and by using OneDrive, you can:

• Access your files securely from anywhere
• Share files with others
• Work on Office documents with others at the same time

OneDrive offers you – FLEXIBILITY!

Once your files are in the OneDrive, you can access them from any computer or mobile device that has internet access. If you’re at a meeting across campus, at home, traveling for work – whatever the scenario – you access your files by using either the Office 365 portal or the mobile app.

OneDrive provides strong data protection so you can be sure that your files are safe and secure no matter where you’re accessing them from.

If you need a colleague to review a file, by using the “Share” feature, they can view and update the file that is in your OneDrive – their changes will automatically appear in your file. No need to email a file back and forth.

You can also be in the same file as your colleague and both make real-time updates!

By using OneDrive to securely store your files, you gain so much flexibility and accessibility! To help you, the Enterprise Training Group provides both training opportunities and resources. Please visit the Office 365 website for information:

Sarah Steinberg Collaboration, TechnologyJuly 21, 20171 comment
Read More
Quantum Financials

The Voters Have Spoken!

We have a winner! UMB’s new financial system will be known as Quantum Financials. The name was submitted by Chiradeep Mukherjee, enterprise wide application specialist in administration  and finance.

Chiradeep’s entry also included a tag line, which inspired the contest team to create one for the new name as well: Quantum Financials | A leap forward. Transforming systems. Empowering people!

Dawn Rhodes, CFBO and VP, commented that she likes the image of “leaping forward” with the new system. She continued, “Enhancing and improving UMB’s financial tools and reporting capabilities is one of the primary goals of this project. While development details and tactical project plans are still being finalized, one thing is certain. Many of you will be asked to become involved in the project as we further define, configure, test and deliver Quantum Financials.”

Thanks again to the hundreds of you who participated by submitting an entry and by voting for your favorite. We’ll keep you posted here and other places as we announce more ways to stay involved with this initiative.

Robin Reid Contests, TechnologyJuly 20, 20170 comments
Read More

What is Skype?

Skype is an online meeting space that allows for tele/video conferencing, along with screen sharing and instant messaging (IM). Messaging, meetings, and screen sharing all in one app that works with Office. What exactly does this mean?

  • Tele/video conferencing – a basic “Skype call” allows you to have a meeting online. When using a headset, you’ll be hands free and there is no need for speaker phone. The audio is very clear and if you want to use video too- you can!
  • Screen sharing – while in a Skype call, a great feature is the ability to screen share. This can be to share information with everyone in the meeting (perhaps the meeting agenda, or a file containing important data that everyone should see), or it can be to troubleshoot computer problems.
  • Instant Messaging (IM) – allows you to send a quick message to other UMB employees. It’s quicker than e-mail or making a phone call and a Skype pop-up box appears on the recipients computer screen so that they can’t miss it.

We encourage you to access and start using Skype! It can make communicating with your fellow co-workers a lot easier and quicker. To help you, the Enterprise Training Group provides both training opportunities and resources. For more information, please visit the Office 365 website.

Sarah Steinberg Collaboration, TechnologyJuly 6, 20170 comments
Read More
One Drive

What is OneDrive?

At it’s very simplest, OneDrive is our new, secure, and universally accessible storage location for all your work files.

However, OneDrive offers a lot more than just file storage! It’s an integral part of Office 365 and by using OneDrive, it also allows for:

  • Accessing your files from anywhere
  • Sharing files with others
  • Work on Office documents with others at the same time
  • In a word – FLEXIBILITY!

Once your files are in the OneDrive, you can access them from any computer or mobile device that has internet access. If you’re at a meeting across campus, at home, traveling for work – whatever the scenario – if you need to access your files, you can use either the Office 365 portal or the mobile app.

If you need a colleague to review a file, by using the “Share” feature, they can view and update the file in your OneDrive – their changes will automatically appear in the file. No need to email a file back and forth!

You also can be in the same file as your colleague and both make real time updates.

By using OneDrive to store your files, you gain so much flexibility and accessibility. To help you, the Enterprise Training Group provides both training opportunities and resources. Please visit the Office 365 website for information.

Sarah Steinberg Bulletin Board, Collaboration, Education, People, Technology, University AdministrationJune 28, 20170 comments
Read More
Multifactor Authentication

Multifactor Authentication Is Coming

UMB’s computing environment requires a high level of security to ensure the privacy, integrity, and confidentiality of the data that reside in its systems.

The UMID and Password

During the last 10 years, the UMID and password have developed and served as a common credential to gain access to systems and services at the University. This authentication strategy has greatly improved the computing services user experience. However, with the growth of cyber threats and attacks, and the attempts to convince individuals to reveal their credential, known as phishing, the computing industry recognized the need to develop a technology to address this problem.

Multifactor Authentication (MFA)

An approach was devised to leverage multiple verification methods and to no longer rely only on a single credential. The combined strength of these multiple factors of authentication create a confidence or level of assurance that the person accessing the system is the appropriate individual.

At UMB, we will be transitioning to a MFA approach that allows users to use a mobile device in addition to their UMID and password to achieve a significantly higher level of security and almost entirely negate the risk associated with phishing and similar attacks.


The Center for Information Technology Services (CITS) has been preparing the computing environment for the implementation of this new technology since last year. CITS also has been coordinating with each school and department to plan the implementation of MFA across the campus.

The first phase of this roll-out will cover the systems that contain the University’s most sensitive data and the users that can access those data. As each of these systems are integrated with MFA, the impacted users will be contacted individually with relevant timelines and instructions for how to set up and use MFA in their daily computing operations.

For more information on this project, check out the CITS site.

Joe Dincau Collaboration, Education, People, Technology, UMB News, University AdministrationJune 21, 20170 comments
Read More

UMB Not Affected by Worldwide Ransomware Attacks

The University of Maryland, Baltimore (UMB) was not affected by the recent widespread global ransomware attack, called WannaCry.

The attack spread to more than 150 countries and affected approximately 300,000 unpatched computers running Microsoft Windows operating systems. For those affected, the attack locked people out of their computers and demanded ransom payments in order to regain access to the files.

We are members of the Research and Education Network-Information Sharing and Analysis Center (REN-ISAC), based at Indiana University, where security threats are shared among universities in real-time. Our first verified communication of this threat came from the REN-ISAC hours before it was known and reported by the news media.

We quickly took action to check the several layers of protection that are in place for the UMB campus. First, the network port (445) that WannaCry was using to get access to any vulnerable Windows machine was blocked. We blocked this network port many years ago because of its vulnerability to these types of attacks.

UMB has a sophisticated Intrusion Prevention System (IPS) that automatically blocks malicious attacks on our network. Potential threats are eliminated immediately while at the same time, we have IT security personnel monitoring real-time reports of IPS data. We were able to use information from the REN-ISAC, as well as our monitoring software, to determine that the WannaCry attack was not hitting our IPS.

We have a network monitoring system, called our Nessus Security Center, which allows us to scan the UMB network for any vulnerable server or computer. We run scans monthly, and more often when there is a report of threat activity. We apply security patches to servers and computers on a regular basis, and if there is a security patch released by a vendor to address a critical vulnerability, that patch gets applied immediately.

IT security Information is shared on a daily basis with IT professionals across the UMB campus. The IT Security Collaborative working group, comprised of individuals in UMB schools and departments, FPI, UMMS, and CITS, meets on a monthly basis. These monthly IT security meetings focus on information sharing as well as a discussion of activities and solutions for keeping our systems and data secure.

While this attack was a non-issue for UMB, and a relatively low level threat compared to other attacks that we experience on a regular basis, it is another reminder of the value and importance of having a strong IT security plan and program, the need to continue to support IT security as a priority activity, the need to continue to make appropriate investments in security technologies, and the need to continue to remind and educate the campus community that information security is everyone’s responsibility.

If you have any questions about the WannaCry attack or about UMB IT security, please contact the IT Security and Compliance team:

Fred Smith Technology, UMB NewsMay 25, 20170 comments
Read More
Employee of the Month

‘Extraordinary Customer Service’ Earns Jiang May Employee of the Month

Zhewei Jiang, an IT enterprise developer for the Center for Information Technology Services (CITS), made her way up to President’s Office on the afternoon of May 11 expecting to attend a meeting about document management systems. She was joined by Peter J. Murray, PhD, chief information officer and vice president of information technology, and Michael Smith, executive director of administrative apps, for the “meeting.”

When UMB President Jay A. Perman, MD, walked through the conference room doors and introduced himself to Jiang, she was visibly surprised. She politely said it was a pleasure to meet him, to which Perman responded: “It’s more of a pleasure to meet you.” Perman then announced the real reason for the “meeting”: Jiang had been named UMB’s May Employee of the Month.

He detailed positive comments given by other UMB employees about Jiang’s work. That with the help of her supervisor, Jiang has implemented and supported the campus-based ImageNow document management system, which stores over 8 million images. It allows the entire University to digitally scan, route, store, and access important documents while streamlining workflows, enhancing the operational efficiency of multiple schools and departments.

“In addition, your customer service skills are appreciated by your many admirers,” Perman said. “You go out of your way to be helpful, and that is important to me.”

Perman’s positive comments were echoed by others in the nomination form by Jiang’s supervisor, Douglas Bowser, director of enterprise applications.

Jamaica Cosby, assistant director of Human Resource Services (HRS), said, “I cannot thank your team enough for the extraordinary customer service that you have delivered by explaining every step of this process and introducing me to concepts and capabilities that I did not know even existed.” Before ImageNow was implemented, HRS was required to enter every performance evaluation form into a central database manually.

The School of Nursing (SON) also expressed its thanks. “Because of Zhewei, SON has been able to reduce processing time and staff workloads while simultaneously creating an opportunity for SON to provide updates and personalize messages to students and end users,” said Marchelle Payne-Gassaway, MS, director of admissions.

Despite the challenges that ImageNow and other University systems can present, Jiang — who has worked at CITS for five years — enjoys her job. “I’m always working with different schools and different people,” she said. “You’re always learning something new.”

Jiang received a plaque, as well as a $250 addition to her next paycheck as a reward for being Employee of the Month. “This is a great honor. I truly appreciate it,” said Jiang.

Once nearly everyone had left the room, her colleague Smith offered a final salute. “She deserves this. She is very timely and has great customer service skills,” he said.

Jiang was modest in her response. “It’s not just me. I have a great team. Whenever I need support, I can always talk to my team about what I need, and they always respond. We all work together,” she said.

Jacquelyn White People, UMB News, University Administration, University LifeMay 16, 20170 comments
Read More

Beware of ‘Silent Heart Attack’ Symptoms

When asked the symptoms of a heart attack, many at UMB would respond chest pain, shortness of breath, shooting pain in the arm.

But jaw pain? That was a lesson Mark T. Van Ditta, MS, senior enterprise application developer in the Center for Information Technology Services (CITS), learned firsthand recently.

Not recognizing his primary symptom — dental pain — to be an indicator of coronary problems, Van Ditta experienced what is called a “silent heart attack” and did not realize it until weeks later.

Now after open-heart surgery and back to work in CITS, where he has worked for the past 15 years as a systems professional, the past three managing the technical side of student information systems, Van Ditta is eager to tell his story so that others can protect themselves, too.

An active 55-year-old, Van Ditta spends lots of his free time biking, lifting weights, and trying to eat healthily, especially in light of his diabetes and low HDL (high-density lipoproteins).

In August, he began to experience jaw pain about five minutes into his bike rides starting with a particularly rigorous outing where he had trouble catching his breath after putting his bike away. At the time, he thought maybe he should consult a dentist.

Days and weeks passed, and still the jaw pain persisted. He Googled his symptoms, which pointed to angina, defined by the American Heart Association as “chest pain or discomfort caused when your heart muscle doesn’t get enough oxygen-rich blood,” oftentimes presenting as jaw pain. Van Ditta’s concern skyrocketed, even though only 10 years prior, he had had a nuclear stress test that showed his heart to be in tiptop shape. But he did appreciate that, as a diabetic, heart attacks often register differently than they do for a “normal” person, so he saw a cardiologist.

Van Ditta describes late September as a blur. In a matter of 10 days, his visit to the cardiologist revealed his heart attack, he had a cardiac catheterization that showed three of his main arteries were blocked between 80 and 95 percent, and he underwent triple bypass surgery.

After five challenging days in the hospital, life slowed down significantly and gave Van Ditta time to reflect on the realization that this condition could have ended his life. The blockage in his left anterior descending artery is often referred to as the “widow maker” because many people do not survive this extensive obstruction.

Van Ditta reflects, “The first thing I remember when I woke up was a nurse asking me to cough. Cough, I thought? I cannot even breathe!”

Undeniably, Van Ditta admits that an experience like this changes a person. He now has a mission to spread the word about the silent killer. In September before his surgery he sent a letter to the Office of the President that read in part: “It would mean a lot to me if Dr. Perman would take time to mention the signs and dangers of silent heart attacks in one of his future newsletters. … I ignored the signs that I had experienced a silent heart attack for six weeks because I did not experience the textbook symptoms of a heart attack.”

Those symptoms include:

  • chest pressure/heaviness
  • shoulder, arm, neck, jaw, and/or back pain
  • shortness of breath
  • sweating
  • extreme fatigue
  • dizziness
  • nausea

“If you do not pay attention to the symptoms,” Van Ditta adds, “you could follow in my footsteps or fare worse. I finally felt relief when my 16-year-old twin daughters were able to see me up and moving again. It was scary for all of us!”

Dana Rampolla Bulletin Board, Education, People, University LifeDecember 13, 20160 comments
Read More

Check Your Devices for Malware

You have probably been told the importance of checking your computer, phone, or tablet for malware. This should be done regularly if you use the Internet (and who doesn’t?).

Where do you get reliable and inexpensive tools to do security checkups on your devices? CITS to the rescue! Visit the CITS News Article to see all of the links to free security checkup tools offered by reputable security vendors.

Kathryn Heilman Bulletin Board, TechnologyDecember 2, 20160 comments
Read More

New CITS Policy on Media Disposal

There has been an extensive update to the UMB Policy on Disposal of Media Containing Data.

The policy now addresses new technology concerns and provides a consistent form to address custody of media containing secure data during the disposal process. Please address questions to the chief information security officer of CITS. Formal procedures forthcoming.

Shannon Wrenn Bulletin Board, UMB News, University AdministrationNovember 16, 20160 comments
Read More