Important Notice: Phasing out LDAP for Azure Authentication

The Office of Information Technology is phasing out the use of Lightweight Directory Access Protocol (LDAP) for authentication purposes by the end of 2024. Instead, we are transitioning to more secure and efficient solutions provided by Microsoft, specifically Azure Authentication and Microsoft Entra ID (formerly Azure AD).

What does this mean for you? If you manage a departmental application and that application currently uses LDAP for authentication, please note that it will soon be deprecated. As such, we kindly ask all application owners and support teams to begin the migration process to Azure Authentication or Microsoft Entra ID as soon as possible.

While OIT will handle the migration of authentication systems at the infrastructure level, the responsibility of migrating individual applications to the new authentication protocols will fall upon the respective application owners and support teams. We understand that this may require some effort and coordination, and we are here to assist you throughout the transition process.

If you have any questions or require assistance with the migration process, please email the Office of Information Technology’s identity mailbox – iam@ua.edu and someone will reach out to you with assistance.

IT Service Desk’s Enhanced Identification Verification Process

In our ongoing commitment to maintaining the security and confidentiality of sensitive information, the IT Service Desk is implementing an enhanced identification verification process. Effective immediately, we will be utilizing IDVerse, a trusted digital identification company, to verify the identities of individuals requesting access to sensitive information or services.

Once the service desk determines they need to verify your identity, you should receive an SMS message from IDVerse. Here’s how the new process works:

Step 1: Take a photo of a government-issued ID. We can verify 16,000+ ID documents in over 220+ countries & principalities and process 142 languages & typesets.

Step 2: Take a video selfie. Smile! Low light and poor phone camera quality? No problem. The software can handle extreme conditions. It’s also trained to recognize users of every skin tone, so you can recognize more of the people you want to let in.

Step 3: Authentication. With AI-based document processing, liveness detection, and data verification, the entire process is fully automated and takes just moments to complete—while delivering superior reliability.

We understand that security measures may sometimes seem cumbersome, but they are essential in today’s digital landscape. The steps are very easy to follow, and you will be guided through the process on your phone as it takes place.

Thank you for your attention to this matter. If you have any questions or concerns regarding the new identification verification process, please don’t hesitate to contact the IT Service Desk for assistance.

Stay Sharp While Using AI 

As AI grows in popularity, staying aware of potential risks and challenges associated with these powerful technologies is essential. 

AI undoubtedly provides significant value to daily tasks and research, but it is crucial to exercise caution and diligence when leveraging AI products. The data input into these tools is often used to train future AI models. The saved data poses a risk of accidental release to external parties querying the same tool you are using or simply as a third-party breach risk. Some tools have lenient privacy or security policies that do not sufficiently protect The University’s data or users’ privacy. 

OIT would like to emphasize a few key considerations when using AI tools: 

Consult OIT for Guidance: 

  • In situations of uncertainty or when navigating the complexities of AI integration, please contact the Office of Information Technology (OIT) for guidance by emailing us at itsd@ua.edu. 

Exercise Caution with Your or Someone Else’s Personal Information 

  • Sensitive information should never be entered into AI tools. Examples include your email, CWID, Social Security Number, or medical records. 

Secure Evaluation of Communication Tools 

  • In the case of AI meeting, email, or calendar management tools, use test accounts that lack access to sensitive or restricted information. Third-party tools may utilize meeting recordings or other participant data to train their models or for other purposes, which is why it is important to limit these tools’ access to UA data. 
  • Avoid having meetings where confidential matters are discussed until the tool’s security and privacy features have been thoroughly vetted. 
  • Do not link AI tools to your work email account unless The University has a contract with and is providing that tool. This is crucial to prevent potential breaches of FERPA, HIPAA, and other regulatory requirements. 

Prioritize Software Solutions on OIT’s Website 

  • Before using AI tools online, ensure that The University does not already have a similar solution at oit.ua.edu/software. 

By sticking to these guidelines, we can proactively avoid or minimize risks associated with AI and keep The University of Alabama safe from cyber attacks or data breaches. Faculty should also consult the guidelines provided by Academic Affairs as a resource. As we collectively strive to leverage the benefits of AI, we must prioritize the security and privacy of our data. 

macOS Sonoma 14.3 is Now Available

The University of Alabama’s Office of Information Technology (OIT) is pleased to inform the faculty, staff, and students that macOS Sonoma 14.3 is now available for installation on all OIT-managed machines campus-wide. It is highly recommended to opt for the most recent version for improved performance and security. Before updating, please ensure that you have an up-to-date backup of your data. Users can easily install the update by navigating to “System Preferences,” selecting “Software Update,” and following the on-screen instructions. For any assistance or queries during the installation process, individuals are encouraged to reach out to the OIT Help Desk at ITSD@ua.edu or 205-348-5555.

Xfinity Outage – Tuesday, January 16

A letter from Xfinity –

Dear Residents:

We’re writing to apologize for the service slowdowns and disruptions that occurred last Tuesday on campus. This is definitely not the experience our customers should have. You deserve better, and together, in partnership with your university leadership team, we have put a plan in place to ensure this doesn’t happen again.

As you can appreciate, we continue to deal with irregular weather patterns which have a direct impact on utility services across the board – cable and internet included. The extreme cold temperatures we all saw over the past several weeks severely damaged our network and caused the issue. Again, we can do better…and we are!

We’re taking steps to prevent an issue like this from happening again and to make sure that even in  adverse weather or if there’s damage to our network, your Wi-Fi service will remain at full strength.

We’re committed to providing excellent service on campus and making sure you have what you need to meet your academic and personal connectivity needs.

If you have any issues regarding your WiFi, please contact us using the Xfinity Assistant Live Chat at xfinityoncampus.com. You will be connected with a real Xfinity representative. If you’re unable to use the real-time chat support, [please call 833-455-2678.

Email Forwarding

The University of Alabama has a policy in place to ensure the security of its digital communications and data. The policy requires adherence to the minimum security standards, which state employees, contractors, and non-student affiliates are explicitly prohibited from configuring mail clients to automatically forward UA email to personal accounts or other companies or institutions without prior, documented approval from OIT Information Security. Additionally, the use of personal or other external accounts or services to store or transmit official University data and communications or to conduct official University business is strictly forbidden. This policy aims to safeguard sensitive information, maintain data integrity, and mitigate the risks associated with unauthorized access or data breaches.

Please reach out to security@ua.edu if you have any questions.

Controlled Data Center Shutdowns December 22

OIT will briefly shut down both on-campus data centers on Friday, December 22 at 7:30 a.m. until 9:30 a.m. for maintenance. Along with intermittent internet outages, the following services will be unavailable during the maintenance period: all on-premise servers, such as Banner, Action Card, myBama, etc. If you have any questions or concerns, contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.