Announcements

DUO Required for Direct Deposit Self Service

Effective August 1, 2017, all UA employees are required to use DUO Two Factor Authentication to access their online, self-service direct deposit banking information on myBama. DUO provides a secure avenue for UA employees to access direct deposit information from both on and off campus.

Because it requires two factors to verify an employee’s identity, DUO adds a second layer of security to myBama accounts. These factors include something you know – your username and password, and something that you have – a smartphone, landline phone or passcode, to authenticate and grant access to an account.  By requiring DUO to access direct deposit self-service banking information is to protect the myBama credentials of UA faculty, staff and students from remote attackers to ensure account security.

To activate your DUO account, visit www.duo.ua.edu. Users should follow the screen prompts and choose their preferred authentication type. Users can utilize a smartphone, a landline phone or passcodes. For more information, step-by-step instructions, and a complete tutorial, please visit www.oit.ua.edu/duo.

July 28 Phishing Attempt

Friday, July 28, 2017, many UA students, faculty and staff received a phishing email with the subject title “IT ALERT: Exchange 2017”

This is a phishing attempt designed to obtain sensitive user data and possibly infect your system with malicious code. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

Student Phishing Attempt – July 28

OIT has received reports of students receiving phishing emails that pose as job offers. Specifically, an email with the subject line  “CISCOsystems PART TIME EMPLOYMENT OFFER”.

This is a fake job offer used as an attempt to steal sensitive and financial data. If you haven’t already, please delete the email. If you did respond to the email, or you did provide any sensitive or financial data, please place a report with UAPD by calling 348-5454. UAPD is aware of this phishing attack.

If students receive any future messages like this, please email security@ua.edu. The Office of Information Technology wants to remind students to recognize the red flags of phishing when checking your Crimson email.

  • Look at the “From” email address. Confirm that the @ address is from the actual company.
  • Hover over links to see the URL before you click.
  • Look for an official email signature.
  • If you didn’t apply for it, don’t open it.
  • Do not send sensitive data, like a social security number, over email.
  • Never provide financial information, like credit card numbers or bank account numbers.

If you suspect that you are a victim of a phishing attack, please change your myBama password and activate DUO. For any questions or concerns, please contact the IT Service Desk at 205-348-5555.

July 25 Phishing Attempt

Tuesday, July 25, 2017, many UA students, faculty and staff received a phishing email with the subject title “University of Alabama Email Alert”

This is a phishing attempt designed to obtain sensitive user data. If you haven’t already, please delete the email.

If you did receive this email, and you did click on the link in the email to provide any sensitive information, please promptly change your myBama password and activate DUO at duo.ua.edu. Please contact the IT Service Desk with questions and concerns 205-348-5555 or itsd@ua.edu.

Below is a screenshot of the email.

DUO to be Required for UA Students

Effective Monday, October 2, 2017, DUO two-factor authentication will be required for all UA students.  DUO adds a second layer of security to a user’s myBama account because it requires two factors to verify identity. These factors include something you know – your username and password, and something you have – a smartphone app or passcode, to authenticate and gain access to an account.

DUO Required Oct 2

“Passwords alone no longer provide adequate protection for our sensitive data,” said Ashley Ewing, UA’s Chief Information Security Officer.

“Malicious actors are compromising large numbers of user IDs and passwords from systems in hopes that the same ID and password is used on other systems.”

By requiring DUO, OIT can better secure individual myBama user accounts, as well as the entire UA network.  Additionally, over 100 major universities utilize DUO.

“College students are attacked constantly,” said Ewing. “We’ve seen over 8,400 compromised accounts in the last three years. Students should be concerned about the protection of their sensitive data.”

Students can activate their DUO account today by visiting duo.ua.edu. When a user activates DUO, it will be applied to all DUO-enabled systems. Meaning DUO will be activated not only for myBama access, but also Crimson email.

To get started, visit www.duo.ua.edu. Students can then follow the screen prompts and download the DUO Mobile App on your smartphone to setup your DUO account. For more information, and a complete tutorial, please visit www.oit.ua.edu/duo. Please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu with any questions or concerns.

myBama, Banner and Other Services Unavailable July 30

The Office of Information Technology will install a quarterly Oracle patch Sunday, July 30, from 6 a.m. to 10 a.m. The following services will be unavailable during the installation period: Appworx, BITPRD, Banner, CEME, CENSUS, Crystal Report Server, Degree Works, myBama, OIRA, PCR and SiteFile. If you have any questions, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

 

Financial Affairs to Require DUO for Direct Deposit Self Service

Effective August 1, 2017, all UA employees will be required to use DUO Two Factor Authentication to access their online, self-service direct deposit banking information on myBama. DUO provides a secure avenue for UA employees to access direct deposit information from both on and off campus.

Because it requires two factors to verify an employee’s identity, DUO adds a second layer of security to myBama accounts. These factors include something you know – your username and password, and something that you have – a smartphone, landline phone or passcode, to authenticate and grant access to an account.  The intent of requiring DUO to access direct deposit self-service banking information is to protect the myBama credentials of UA faculty, staff and students from remote attackers to ensure account security.

To activate your DUO account, visit www.duo.ua.edu. Users should follow the screen prompts and choose their preferred authentication type. Users can utilize a smartphone, a landline phone or passcodes. For more information, step-by-step instructions, and a complete tutorial, please visit www.oit.ua.edu/duo.