New Year, New(ish) IS Resources

Happy New Year K Community!

To kick off 2023, here are some new and some not so new IS resources that will come in handy throughout the quarter.

As always, if you need to connect, please feel free to send us an email at HelpDesk@kzoo.edu or stop by the Help Desk in the Upjohn Library Commons (located on the first floor to the right of the grand staircase). We’re open Monday – Friday: 8:00 a.m. – 5:00 p.m. with Student Computer Consultants available during some off hours.

Community Member Pages

Looking for resources depending on whether you’re a student, faculty, or staff member? If so, select the page that relates to you:

New Employees

Did you know there are resources for supervisor’s hiring new employees and onboarding tips for new employees? Check them out:

Partner with IS

K faculty and staff are supposed to consult and partner with IS when considering any technology hardware; software; services; and any cloud or externally hosted systems. It’s true!

Learn how to get started:

Scheduled Maintenance

You can count on Information Services regularly performing upgrades and maintenance Thursday evenings from 5:00 p.m. to 7:00 p.m. During this time you can expect a brief VPN disruption.

Note: IS may not publish a weekly scheduled maintenance post if systems do not directly affect the campus community.

Subscribe to our Posts

Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!

Cybersecurity Awareness Month – Phishing

This week’s post for Cybersecurity Awareness Month covers Phishing.

What is Phishing?

According to the National Cybersecurity Alliance, phishing is “a form of social engineering by which cyber criminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business or colleague.” Some phishing tactics used by criminals include:

  • Forging a message from a financial institution, claiming you’ve been a victim of fraud
  • Impersonating a supervisor, asking for help with a task
  • Claiming to be a delivery company, alerting you to a problem with a package

When you see these sorts of messages, it’s important to be vigilant.

How do I know if the message is fake?

Some red flags include:

  • Email structure
    • The sending email address doesn’t match the company it’s coming from
    • Poorly-crafted writing with misspellings, and bad grammar
    • Greetings that are ambiguous or very generic
    • Language that’s urgent, alarming, or threatening
  • Requests
    • Strange or abrupt business requests
    • Requests to send personal information
    • Urgency to click on an unfamiliar hyperlink or attachment
  • Offers
    • Contains an offer that’s too good to be true

See a Phishing Email? Here’s what to do…

  1. Pat yourself on the back for recognizing that an email is fake and part of a phishing scam.
  2. Report the phishing message through Outlook by selecting the Junk option in the top ribbon and then Report as Phishing option. If you’re using the web version of Outlook, simply right click on the preview of the phishing email, hover over Report and select Report Phishing.
  3. Not sure? Ask the Help Desk!

Suggested Articles from your IS Team

The content on this page was adapted from the National Cybersecurity Alliance’s information on phishing.

Subscribe to our Posts

Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!

Cybersecurity Awareness Month – Multi-Factor Authentication

This week’s post for Cybersecurity Awareness Month covers Multi-Factor Authentication.

What is MFA?

An authentication factor is a way for a person to identify oneself to a computer. Multi-Factor Authentication (MFA) means using more than one factor to prove to a computer that you are who you say you are. Typical authentication factors come in three types:

  • Something you know (like a password or PIN number)
  • Something you have (like a phone or ID card)
  • Something you are (biometrics like a fingerprint or facial recognition)

You probably use MFA all the time: when you use an ATM, you use a debit card (something you have) with a PIN (something you know). When someone checks that your face matches the picture on your driver’s license, they’re authenticating you with two factors.

How does MFA help?

According to Microsoft, 99.9% of account compromise attacks can be stopped with MFA. When you use MFA, a cybercriminal who wants to use your account will face a much greater challenge. If your password is compromised but a second authentication factor is required to sign in, a criminal using your password will not be able to authenticate as you. Visit the National Cybersecurity Alliance MFA page for more information.

Where should we use MFA?

You should use MFA with any service that stores sensitive information. These include:

  • financial sites (like your bank, credit card company, or investment account)
  • social media (like Facebook, Instagram, TikTok)
  • email (like Gmail or Hotmail)
  • your Kalamazoo College network account

MFA is required for all students, faculty, and staff, and more information can be found at our Multi-Factor Authentication page.

Subscribe to our Posts

Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!

Cybersecurity Awareness Month – Passwords and Password Manager

This week’s post for Cybersecurity Awareness Month covers habits relating to passwords and password managers. To be cybersecure:

1. Create passwords with these three principles

  • Long – All passwords should be at least 12 characters long.
  • Unique – Never reuse passwords and create unique passwords for each account.
  • Complex – Use a combination of upper and lower case letters, numbers, and special characters.

Remembering passwords and following these principles may sound hard, but there’s a better way…

2. Use a Password Manager

Password managers make it easy to use passwords that are long, unique, and complex. They save time, work across all your devices and operating systems, and can alert you when a password has become compromised. Visit the National Cybersecurity Alliance password managers page for more information including password manager options you can use to be more secure.

3. Know When to Change your Password

As reported by the National Institute of Standards and Technology it is no longer recommended to change your passwords every few months. For personal accounts we recommend focusing on creating long, unique, and complex passwords. Should you become aware that an unauthorized person is accessing an account or a password was compromised in a data breach, change your password immediately. Please note that as part of our process at Kalamazoo College, we require users to change your KNET password periodically; however, there may be a change to this process in the future.

The information on this page was adapted from the National Cybersecurity Alliance’s passwords and NCSAs password manager page.

Subscribe to our Posts

Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!

Cybersecurity Awareness Month – Oct 2022

cybersecurity awareness month logo.

Did you know that October 2022 marks the 19th Annual Cybersecurity Awareness Month?

To spread cybersecurity awareness, this month IS will be sharing key behaviors we can all adopt to be more secure. Read our posts each Friday for the month of October to learn more.

About Cybersecurity Awareness Month

“The National Cybersecurity Alliance launched Cybersecurity Awareness Month in partnership with the U.S. Department of Homeland Security in 2004. The campaign is a strong collaboration between government and private industry to raise awareness about online security” (National Cybersecurity Alliance). You can learn more about the month and other cybersecurity initiatives on the National Cybersecurity Alliance website.

Habits to adopt:

Throughout the month of October we will be sharing more detailed information on the following habits:

  1. Using strong passwords and a password manager
  2. Enabling multi-factor authentication
  3. Recognizing and reporting phishing
  4. Complete required and offered cybersecurity trainings offered by IS

Subscribe to our Posts

Did you miss the latest IS announcement? Subscribe to receive our posts directly to your inbox!

Welcome! – Fall 2022

K Students, Faculty, and Staff,

Welcome, welcome, welcome! Whether it is your first or last year at the College, the Information Services (IS) team is here to help you get ready for the new academic year. To start the quarter off right, please review the list of common resources available to you.

If you need to connect, please feel free to send us an email at HelpDesk@kzoo.edu or stop by the Help Desk in the Upjohn Library Commons (located on the first floor to the right of the grand staircase). We’re open Monday – Friday: 8:00 a.m. – 5:00 p.m. with Student Computer Consultants available during some off hours.

Student Tools

  • Hornet Hive – The Hornet Hive is the campus hub for announcements, event listings, and links to campus web resources.
  • Office 365 – Free access to Office 365 which includes Word, Excel, PowerPoint, OneNote, Sway, Teams, Stream, and online file storage space in OneDrive.
  • Moodle – Where you can access instructor course materials, your grades throughout the quarter, and more.
  • Printing – Information on standard laser printing, color and large format/poster printing, 3D printing, printer locations, cost, print credits allotments, and how to set up wireless printing.
  • Connecting to the Internet – See our instructions for using the eduroam network! Setup takes a few minutes, but it will work all year, all over campus, and at other campuses all over the world.

Visit the Student Tools page for more resources and student IS news throughout the year.

Faculty Tools

  • New Employee IS Resource List – Are you a new employee and need a starting point on the IS resources available to you? Check out the new employee IS resource list!
  • Moodle Help– Information on requesting a course and getting help with our course management system.
  • Office 365 – Links to Office 365 training and documentation by Microsoft.
  • Phone Services – Quick guides on how to use your office phone along with phone line troubleshooting.

Visit the Faculty Tools page for more information on other resources to utilize throughout the year.

Staff Tools

  • New Employee IS Resource List – Are you a new employee and need a starting point on the IS resources available to you? Check out the new employee IS resource list!
  • Office 365 – Links to Office 365 training and documentation by Microsoft.
  • Department Printers – Learn where to purchase printer cartridges and how to get printer repairs
  • Phone Services – Quick guides on how to use your office phone along with phone line troubleshooting.
  • Colleague – For users that need information on our campus administrative system.

View the Staff Tools page for more information on other resources to utilize throughout the year.

Additional Resources Worth Mentioning

  • Register an Entertainment Device – Do you have an entertainment device such as a console to use on the Kalamazoo College network? Check out the Register a Device page to follow the required steps and complete the Device Registration form.
  • Wi-Fi Issues
    • Visit the Wi-Fi troubleshooting page to assist you in resolving your issue. Please attempt all troubleshooting tips that apply to your circumstance before completing a report.
    • Due to the complexities of Wi-Fi-related problems, specific details are needed to help resolve Wi-Fi related issues. You must provide the following in order to submit a Wi-Fi Outage Report.
List of Information to Complete the Wi-Fi Outage Report Form
  • Name
  • The wireless network you were attempting to connect to
  • Screenshot of the error you encountered, or the exact error message as displayed on your device
    • Note: A full screenshot of the error you are encountering is the most reliable way we can assist in resolving your issue
  • Date of occurrence
  • Time of occurrence
  • Location of occurrence
  • If this issue has happened elsewhere on campus. If so, the location(s) it has occurred
  • If the device was able to connect successfully in any other locations on campus. If so, the location(s) it has been successful
  • Type of device experiencing the issue
    • Note: If you are using a device running on Android 10 or iOS 14 you will need to disable MAC randomization on your device first. See the Wi-Fi Troubleshooting section for instructions.
  • MAC Address – If you are unsure where to locate your MAC Address please see, How to Find Any Device’s IP Address, MAC Address, and Other Network Connection Details article by How-to-Geek.
  • If there were any other apps running on the device while the issue was experienced. If so, which apps.

Information Services Unavailable: Thursday, August 25 from Noon – 4 p.m.


The Information Services Team will be unavailable on Thursday, August 25th from 12 – 4 p.m.

The Upjohn Library Commons building will be closed during this time.


Divisions and services that will be unavailable include:

  • Library (online services such as databases and the library catalog will still be available)
  • Help Desk
  • Media Services
  • Center for New Media Design
  • Systems and Networking
  • Administrative Computing
  • Web Services

Congratulations Class of 2022!

Congratulations Class of 2022!


Your graduation is the first of many proud, successful moments for you. To be of assistance to you, we would like to share important information relating your Kalamazoo College network accounts as you transition into an alum.

Your Network Account

Now that you have completed your course of study at K, you may retain your network account for 10 months after the end of your course of study (graduation, completion of a year as a visiting international student, or completion of the engineering 3/2 program).

Information Services will also send reminders in the months and weeks approaching the end of this period. Please note that your accounts and associated electronic files are then permanently deleted after this 10 month period.

Departure Checklist

Email

  • Review Emails – Be sure that existing emails are reviewed and addressed appropriately. This may mean forwarding emails to a personal account or exporting emails to an external file.
  • Update Subscriptions and Services – If you have services or subscriptions (social media, streaming services, etc.) connected to your kzoo.edu email account, you’ll want to update those services and subscriptions to use a different, personal email address of yours.
  • Contacts and Info – Review information in your email contacts and copy any necessary information before the 10 months is up.

Network Files

  • M: drive – If you’re still on campus and used your M: drive, review files there and delete, move, or copy them as appropriate.
  • Review Files and Folders – Review files in individual OneDrive folders and delete, move, or copy them to others as appropriate.
  • Make Succession Plans – Think about any clubs or organizations you might belong to, and make succession plans with next year’s leadership by reviewing files in other personal cloud based storage (e.g. Google Docs, Dropbox). Be sure to delete, move, or copy them to others as appropriate.
  • Note – Please note that you will no longer have access to Microsoft Teams through K.

Alumni Email Forwarding

Kalamazoo College offers a lifetime e-mail forwarding option to its alumni. All email forwarding addresses are in the format “firstname.lastname.classyear@alumni.kzoo.edu.” To sign up, please complete the Email Forwarding Signup form.

For additional information, please contact the Office of Alumni Engagement at 269.337.7300 or alumni@kzoo.edu.

Frequently Asked Questions about MFA

If your question is not listed below, please contact the Help Desk (helpdesk@kzoo.edu, 269.337.5800), or visit us in the Upjohn Library Commons, room 117.

Basics

What is MFA?

Multi-Factor Authentication (MFA) means using more than one key (e.g. password) to log on to a given service. You are probably familiar with MFA if your bank sends you a text message when you log in.

How does MFA work?

MFA protects your account and protects Kalamazoo College because when you sign in, you prove your identity in two ways: with something you know (a password) and something you have (usually a phone).

How do I get started?

Got one minute? Use this link and add your cell number to confirm your logins via text message: https://aka.ms/MFAsetup. Got two more minutes? Continue at that link and set up the Microsoft Authenticator app.

Implementation

Why is K implementing MFA?

MFA is a standard practice at most colleges, universities, and businesses that allow access to protected information. It helps protect personal and institutional information from theft, cyberattack, and ransomware. Additionally, K must implement MFA by July 1, 2022 to renew our cybersecurity insurance. Use of MFA will be required for all who use K’s Office 365 apps.

What’s the timeline for implementation of MFA?

All students completed MFA enrollment by May 27. The deadline for staff was June 3, 2022. The deadline for faculty was June 17, 2022.

My email stopped working; what do I do?

After enabling MFA on your account, some users find that their email stops synchronizing on their phone. It’s easy to fix: just remove your email account from your phone and re-add it. You can use our instructions for Connecting Email to a Mobile Device.

Day-to-Day

What applications will use MFA?

We are implementing MFA for all Office 365 apps (like email, Teams, Word, etc.). Notably, this list does not include signing into Windows itself, nor does it include Moodle or HornetHQ.

Briefly, Office 365 applications are Microsoft Forms, Microsoft Teams, Office 365 Exchange Online (our email), Office 365 SharePoint Online (including apps that depend on SharePoint online, like OneDrive, Word, Excel, PowerPoint). 

How often will I have to use MFA?

You should expect to see prompts to authenticate with MFA about once every 90 days.

What if I reboot my computer?

Rebooting your computer does not sign you out of the apps on your computer. You should not expect a reboot to trigger an MFA prompt.

What about Colleague? What about VPN?

MFA for Office 365 apps does not change how you will use Colleague or VPN. Continue to use these services as before.

What about my tablet?

You may choose to install the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android on a tablet, and use it in addition to (or instead of) a mobile phone. If you use Office 365 apps on your tablet, you may find it convenient to have the Microsoft Authenticator app on your tablet. Having the Microsoft Authenticator app on a tablet in addition to a phone is a good idea, so you can use your tablet to authenticate in case you get a new phone or new phone number.

What authentication method is recommended for MFA?

Information Services recommend that you add your mobile phone as your authentication phone. For your primary authentication method, we recommend the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android. It’s easier, quicker, and more secure than text messages.

Should I register more than one device for authentication?

Yes; Information Services recommends you add at least two authentication methods. For most folks, it makes sense to add a mobile phone and the Microsoft Authenticator app. It’s smart to add another method (like the Microsoft Authenticator app on a tablet) as a backup.

If I use Office 365 apps on multiple devices, do I need Microsoft Authenticator on each device?

No. You only need to download the app on one device to be able to authenticate using the Microsoft Authenticator app. For instance, when you log into Teams on a laptop, you can confirm the logon with the Microsoft Authenticator app on your mobile phone. It’s smart to add the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android to a second device, in case you have problems with your main device.

Special Circumstances

What if I work at K and I forget my mobile phone at home?

If you have a phone in your office, we suggest you add your office phone as an authentication factor, in case you need to use MFA on a day when your mobile phone is not with you.

What if I’m traveling internationally? What if I don’t have signal or data?

We suggest you download and configure the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android before you leave. With it you can sign in without receiving a text message. If your phone is connected to the Internet, you can approve sign-ins via notifications. If your phone is not connected to the Internet, the Microsoft Authenticator app can still generate codes that you can use for authentication.

What if I get a new phone number?

If you have configured a second authentication factor (like the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android) you can add your new number (even an international number) at https://aka.ms/mfasetup. You should then remove your old number if that number will not be in your control. If you have already gotten a new phone number and did not previously configure a second authentication factor, please contact the Help Desk.

What if I move my number to a new phone?

If you move your phone number to your new phone, you will continue to receive text message verification messages to that number on the new phone. We recommend you add the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android to your new phone as well.

What if I get a new phone and new number at the same time (like on study abroad)?

If you will get a new phone and new phone number at the same time (perhaps upon arrival in a study abroad location), the transition will be straightforward if you bring an existing authentication factor with you (like your old phone, or a tablet to which you’ve added the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android). You can add your new number for text verification at https://aka.ms/mfasetup, and approve the sign-in with your existing authentication factor. For example:

  1. Before leaving to get a new phone and new number, add the Microsoft Authenticator app to your old phone (you could also add the app to a tablet and bring that). This will be your existing authentication factor.
  2. Bring the existing authentication factor with you when you get your new phone
  3. When your new phone number is ready to receive text messages, visit https://aka.ms/mfasetup to add your new phone number as an authentication factor.
    • When prompted, approve the sign-in as normal. If you can’t receive a push notification to the app on your existing authentication factor, you can choose to use a verification code. To get this code, open the Microsoft Authenticator app on your existing authentication factor, and tap the entry with your kzoo.edu email address. Use the one-time password code here to approve the sign-in.
  4. When your new phone number is added as an authentication factor, be sure to get the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android for simpler, more secure sign-ins.

Additional MFA Questions

Please contact the Help Desk (helpdesk@kzoo.edu, 269.337.5800), or visit us in the Upjohn Library Commons, room 117 for additional questions.