
Opportunity: Azure Fundamentals Class

The local Microsoft Account Team will be providing an AZ-900 (Azure Fundamentals) class at the University of Alabama on November 9th from 9:00 am to 4:00 pm. The training is free. Room for this event is limited to 40 participants. The agenda and registration link are below. Additional general details will be sent to registered attendees. Please let me know if you have any questions.

Azure AZ-900 Class  

Azure Fundamentals introduces cloud services, and how these services are provided by Microsoft Azure. Take this course as a first step towards learning about cloud computing and Azure, before taking further courses. 

This course covers:

  • General cloud computing concepts, models, and services, such as:
      • Public, Private, and Hybrid clouds
      • Infrastructure, Platform, and Software as a Service
  • Core Azure products, services and tools for security, privacy, compliance, and trust
  • Azure pricing and support options

Registration Link for University of Alabama AZ-900 course on November 9th

Azure AZ-900 Microsoft Azure Fundamentals     

Candidates for this exam have skills and experience working with an area of information technology (IT), such as infrastructure management, database management, or software development.

·        Describe cloud concepts (25–30%)

·        Describe Azure architecture and services (35–40%)

·        Describe Azure management and governance (30–35%)

Describe cloud concepts (25–30%)

Describe cloud computing

·        Define cloud computing

·        Describe the shared responsibility model

·        Define cloud models, including public, private, and hybrid

·        Identify appropriate use cases for each cloud model

·        Describe the consumption-based model

·        Compare cloud pricing models

·        Describe serverless

Describe the benefits of using cloud services

·        Describe the benefits of high availability and scalability in the cloud

·        Describe the benefits of reliability and predictability in the cloud

·        Describe the benefits of security and governance in the cloud

·        Describe the benefits of manageability in the cloud

Describe cloud service types

·        Describe infrastructure as a service (IaaS)

·        Describe platform as a service (PaaS)

·        Describe software as a service (SaaS)

·        Identify appropriate use cases for each cloud service (IaaS, PaaS, and SaaS)

Describe Azure architecture and services (35–40%)

Describe the core architectural components of Azure

·        Describe Azure regions, region pairs, and sovereign regions

·        Describe availability zones

·        Describe Azure datacenters

·        Describe Azure resources and resource groups

·        Describe subscriptions

·        Describe management groups

·        Describe the hierarchy of resource groups, subscriptions, and management groups

Describe Azure compute and networking services

·        Compare compute types, including containers, virtual machines, and functions

·        Describe virtual machine options, including Azure virtual machines, Azure Virtual Machine Scale Sets, availability sets, and Azure Virtual Desktop

·        Describe the resources required for virtual machines

·        Describe application hosting options, including web apps, containers, and virtual machines

·        Describe virtual networking, including the purpose of Azure virtual networks, Azure virtual subnets, peering, Azure DNS, Azure VPN Gateway, and ExpressRoute

·        Define public and private endpoints

Describe Azure storage services

·        Compare Azure Storage services

·        Describe storage tiers

·        Describe redundancy options

·        Describe storage account options and storage types

·        Identify options for moving files, including AzCopy, Azure Storage Explorer, and Azure File Sync

·        Describe migration options, including Azure Migrate and Azure Data Box

Describe Azure identity, access, and security

·        Describe directory services in Azure, including Azure Active Directory (Azure AD), part of Microsoft Entra, and Azure Active Directory Domain Services (Azure AD DS)

·        Describe authentication methods in Azure, including single sign-on (SSO), multi-factor authentication (MFA), and passwordless

·        Describe external identities in Azure, including business-to-business (B2B) and business-to-customer (B2C)

·        Describe Conditional Access in Azure AD

·        Describe Azure role-based access control (RBAC)

·        Describe the concept of Zero Trust

·        Describe the purpose of the defense-in-depth model

·        Describe the purpose of Microsoft Defender for Cloud

Describe Azure management and governance (30–35%)

Describe cost management in Azure

·        Describe factors that can affect costs in Azure

·        Compare the pricing calculator and the Total Cost of Ownership (TCO) Calculator

·        Describe cost management capabilities in Azure

·        Describe the purpose of tags

Describe features and tools in Azure for governance and compliance

·        Describe the purpose of Microsoft Purview in Azure

·        Describe the purpose of Azure Policy

·        Describe the purpose of resource locks

Describe features and tools for managing and deploying Azure resources

·        Describe the Azure portal

·        Describe Azure Cloud Shell, including Azure Command-Line Interface (CLI) and Azure PowerShell

·        Describe the purpose of Azure Arc

·        Describe infrastructure as code (IaC)

·        Describe Azure Resource Manager (ARM) and ARM templates

Describe monitoring tools in Azure

·        Describe the purpose of Azure Advisor

·        Describe Azure Service Health

·        Describe Azure Monitor, including Log Analytics, Azure Monitor alerts, and Application Insights

Registration Link for University of Alabama AZ-900 course on November 9th.

Duo Verified Push

OIT is deploying a risk-based verified push feature in Duo that will help cut down on compromised accounts and improve cybersecurity all across campus.

What is a DUO Verified Push? Examples Below

Verified Push is a more secure version of Duo Push that requires users to enter a numeric code from the authentication prompt on their mobile device. When Duo detects an anomaly in your login pattern, it will display a code on the screen the person is using to log in. You will simultaneously get a request to enter the code in your Duo app. The code will be a mandatory step to log in the first time you use the device, but will happen less frequently the more you use the device.

Duo’s Risk-Based Authentication automatically detects and mitigates commonly known attack patterns and high-risk anomalies. Risk-Based Authentication consists of two key capabilities: Risk-Based Factor Selection and Risk-Based Remembered Devices.

How is risk assessed by DUO?

  • User marked fraud: A user has indicated they weren’t responsible for a login by marking it as suspicious in the Duo Mobile app.
  • Push harassment: A pattern of failed authentications is consistent with an adversary performing a targeted push harassment attack against a single user.
  • Push spray: A pattern of failed authentications is consistent with an adversary performing a non-targeted push attack against multiple users.
  • Unrealistic travel: A user attempts to authenticate from a new location that would be impossible to reach based on the past authentication time and location.
  • Country code mismatch: The authentication device and access device appear to be in two different countries.
  • Novel ASN: A user attempts to authenticate from an autonomous system number (ASN) not seen in the organization’s recent history of successful authentication.
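To make the difference between push harassment and push spray concrete, here is an added detection sketch that is not Duo's algorithm and not code from OIT. The log format, the sample events, the 10-minute window and both thresholds are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumption: look-back window
HARASS_MIN = 5                  # assumption: failed pushes to one user in WINDOW
SPRAY_MIN_USERS = 4             # assumption: distinct users failed from one source
FAILED = {"denied", "timeout"}

# Constructed sample log: "<ISO timestamp> <user> <source IP> <result>"
SAMPLE_LOG = """\
2023-10-02T09:00:00 alice 203.0.113.7 timeout
2023-10-02T09:01:10 alice 203.0.113.7 denied
2023-10-02T09:02:30 alice 203.0.113.7 timeout
2023-10-02T09:03:15 alice 203.0.113.7 timeout
2023-10-02T09:04:40 alice 203.0.113.7 denied
2023-10-02T09:05:05 alice 203.0.113.7 approved
2023-10-02T10:00:00 bob 198.51.100.9 timeout
2023-10-02T10:00:40 carol 198.51.100.9 timeout
2023-10-02T10:01:20 dave 198.51.100.9 denied
2023-10-02T10:02:00 erin 198.51.100.9 timeout
2023-10-02T08:00:00 frank 192.0.2.44 denied
2023-10-02T11:00:00 frank 192.0.2.44 denied
2023-10-02T14:00:00 frank 192.0.2.44 denied
2023-10-02T17:00:00 frank 192.0.2.44 denied
2023-10-02T20:00:00 frank 192.0.2.44 denied
"""

def parse(line):
    ts, user, ip, result = line.split()
    return datetime.fromisoformat(ts), user, ip, result

def classify(log_text):
    """Return a set of (finding, subject) tuples for the given log text."""
    events = sorted(parse(l) for l in log_text.splitlines() if l.strip())
    findings = set()
    harassed_at = {}  # user -> time of the failure that crossed the threshold
    recent = []       # failed events still inside the look-back window
    for ts, user, ip, result in events:
        recent = [e for e in recent if ts - e[0] <= WINDOW]
        if result in FAILED:
            recent.append((ts, user, ip))
            # Many failures aimed at ONE user: targeted push harassment.
            if sum(1 for e in recent if e[1] == user) >= HARASS_MIN:
                findings.add(("push_harassment", user))
                harassed_at[user] = ts
            # Failures across MANY users from one source: non-targeted spray.
            if len({e[1] for e in recent if e[2] == ip}) >= SPRAY_MIN_USERS:
                findings.add(("push_spray", ip))
        elif (result == "approved" and user in harassed_at
              and ts - harassed_at[user] <= WINDOW):
            # Approval right after a failure burst: the user may have given in.
            findings.add(("approved_after_harassment", user))
    return findings

if __name__ == "__main__":
    for finding in sorted(classify(SAMPLE_LOG)):
        print(finding)
```

The `frank` events show why the window matters: five denials spread over twelve hours never fall inside one window, so they raise no finding.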

What is the point?

Verified Duo Push automatically adds a separate layer of security on top of the push by asking the user to complete an action that requires them to interact with both the access and the authentication devices.

Limitations

  • Apple Watch experience is degraded. The full QWERTY keyboard makes entering the code a challenge. You are able to illustrate or narrate your code as an alternative.
  • In iOS, the numeric keyboard is only launched in the Duo app. If you attempt to approve directly from notification, you will have QWERTY. The approval still works, just less smoothly.
  • Verified Push only works when combined with the Duo mobile app. Phone call and SMS authentication are unsupported. Hardware token usage is unchanged as well. If a phone call is the only way to authenticate due to accessibility reasons, we can add the user to an exception group.

Want to learn more?

You can find out more about Verified Push on Duo’s website: CLICK HERE

Paty Hall Wi-Fi Outage – Sept. 20, 2023

UA-Xfinity residential wireless internet experienced an outage in Paty Hall on Wednesday, Sept. 20 that began at 2:00 PM and ended at 7 PM. On Sept. 21 at 5 AM Xfinity replaced some equipment that supports your Wi-Fi network in your building to ensure a better experience moving forward.

If you have any questions or concerns, contact Xfinity at 833-455-2678.

Artificial Intelligence Increases Threat of Extortion

The Federal Bureau of Investigation (FBI) warns about a growing trend of malicious individuals using deep fake technology for explicit extortion attacks. This brand of extortion involves threatening victims with publicly releasing explicit images or videos unless they pay a ransom. Previously, the compromising content used in extortion was often fake, but now threat actors are scraping publicly available images from social media platforms. They use these images as input for deep fake content creation tools, generating explicit content that looks highly realistic. The FBI has observed an increase in extortion victims reporting the use of fake images or videos created from their social media posts or captured during video chats.

Bad actors are achieving this with content creation tools available online, including free ones, that can generate realistic videos using just a single image of a person’s face. While some of these tools have built-in protections, those sold on underground forums and the dark web may not.

The FBI’s alert mentions two common demands made by malicious actors: demanding payment with threats to share the images/videos with family or social media friends if funds are not received or forcing the victim to send real sexually-themed images or videos. The created explicit content may be posted directly to pornographic websites, exposing victims without their consent. This media manipulation activity has unfortunately affected minors as well.

To protect oneself, OIT recommends practicing safe habits online, considering the risks of sharing personal media, restricting access to personal content, and reporting any deep fake content or threats to OIT Security, UAPD, and hosting platforms.

Link to FBI Article

Upgrade Windows 10 – 22H2

Beginning in May 2023, faculty and staff with Windows computers will begin receiving announcements on their computers to upgrade Windows 10 to the newest supported version, 22H2.

Faculty and staff have the option to upgrade when they receive the announcement or schedule the upgrade for another time. OIT recommends that faculty and staff perform the update at the end of the workday, as the upgrade will require 90 minutes of downtime.

This upgrade will not delete any applications or data, but as always, OIT recommends backing up before performing any OS upgrade.

Please perform this upgrade at a time convenient to you. OIT suggests starting the upgrade, or scheduling for it to occur, just before you leave for the end of the day. OIT also recommends performing the upgrade while on campus, connected to power and connected to the UA network. Below is an example of the announcement faculty and staff can expect to see.

Machines that are not upgraded by Sept. 11 will automatically receive the update from OIT. OIT recommends faculty and staff schedule the upgrade to occur this summer for it to be performed at a time of their choosing.

upgrade windows announcement

Microsoft to enable number match authentication for all UA alumni and retiree UA email accounts

Beginning February 27, 2023, Microsoft will enable number match authentication for all UA alumni and retirees who are currently using Microsoft Authenticator to access their UA email accounts.

With number matching enabled, the Microsoft Authenticator app will prompt users with a number. Users will need to type that number into the app to complete the authentication process when attempting to sign into their UA Outlook account.

The feature helps to prevent accidental approvals and provides protection against multi-factor authentication attacks.

Number matching isn’t supported for Apple Watch notifications. Apple Watch users need to use their phone to approve notifications when number matching is enabled.

FAQs

Who will be required to use number matching in Microsoft Authenticator push notifications?

UA alumni and retirees who are currently using Microsoft Authenticator to access their UA email accounts.

Can I opt out of number matching?

No, starting February 27, 2023 users can’t opt out of number matching in Microsoft Authenticator push notifications.

Does number matching only apply if Microsoft Authenticator is set as the default authentication method?

Regardless of their default method, any user who is prompted to sign-in with Authenticator will see number match after February 27, 2023.

What happens if a user runs an older version of Microsoft Authenticator?

If a user is running an older version of Microsoft Authenticator that doesn’t support number matching, authentication won’t work if number matching is enabled. Users need to upgrade to the latest version of Microsoft Authenticator to use it for sign-in.

LastPass Breach – Password change required

Many faculty, staff, and students utilize LastPass as a password management tool to store passwords in an encrypted environment.  On December 22, LastPass informed its customers of a potential cyber security incident that could compromise the passwords stored in their accounts. LastPass discovered that in November 2022, a copy of the customer password vaults had been stolen. This attack affected a significant portion of the large LastPass customer base, including users at The University of Alabama.

Your LastPass password vault is encrypted with a master password that only you know. Cybercriminals who obtained copies of customer vaults in November 2022 may be trying to crack these master passwords to access the passwords stored within.

We recommend that you follow these steps, including changing your master password immediately. On January 4, 2023, at 2:00pm, OIT Security will configure LastPass to require all users to change their master passwords if they have not done so since December 21, 2022.

1) Change your LastPass master password to include at least 14 characters. This should be different from your myBama password. Consider using a pass phrase or at least five randomly selected words. Passwords must include 3 of the 4 character types (uppercase, lowercase, number, symbol).
2) Start changing the passwords for your stored accounts and prioritize your myBama account, email accounts, financial accounts, and other accounts that could cause significant harm to you or the University if stolen.
3) If you store API keys or other similar application credentials, change those as well.
4) If you store credit card numbers in LastPass, we suggest requesting a new card from your financial institution.
5) Continue changing all of your stored passwords.
6) Enable two-factor authentication on all services if possible. If you receive any two-factor prompts that you did not initiate, do not respond to them and contact security@ua.edu.
7) Check your financial accounts regularly for any fraudulent transactions.
8) Be on the lookout for phishing emails trying to steal your LastPass password or personal information!

For personal LastPass accounts, follow a similar course of action.

Additional resources:
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
https://www.govinfosecurity.com/lastpass-breach-attacker-stole-encrypted-password-vaults-a-20790
https://arstechnica.com/information-technology/2022/12/lastpass-says-hackers-have-obtained-vault-data-and-a-wealth-of-customer-info/

FAQs:
“Won’t DUO two-factor protect my account?”
Not against this type of attack. Your master password is the only factor protecting your stolen vault contents.

“If I change my master password why do I need to change my account passwords?”
The cybercriminals have obtained a copy of your LastPass vault from November 2022, which means that offline copy will not be protected by any future changes you make to your master password. Therefore, changing the stored passwords for each account is crucial to ensure their security.

Even if you change the stored passwords, it is still important to change your master password. If you do not, cybercriminals may try to access your active vault using your master password, giving them access to any newly changed passwords for your individual accounts.

“Will UA continue to use LastPass?”
At this time, UA will continue to use LastPass. OIT Security is evaluating other vendors.

Cybersecurity Town Hall Event

Join the OIT Security Team Thursday, Oct. 20 at 12:00pm for a virtual Town Hall Meeting.

Ransomware is a term you’ve seen a lot in the news lately, but do you know how to protect yourself, your computer and your sensitive information from a ransomware attack? Join the OIT Security Team Thursday, Oct. 20 at 12pm for a virtual Town Hall Meeting to ask questions of the team and learn how to be cyber secure.

UA CISO Taylor Anderson will provide a brief presentation on cybersecurity practices at UA and offer tips on how you can protect sensitive information. The team will then answer questions from the audience! Email victoria.collins@ua.edu to submit a question to the team in advance! More information about the event is available on the UA Events Calendar.

The Town Hall will be held on Microsoft Teams.

Patch Management for OIT Supported Windows Workstations

Effective Monday, October 10, the Office of Information Technology will begin automated patch management for OIT Supported Windows Workstations using PatchMyPC (PMPC). Using PMPC, OIT can update supported applications on UA machines, preventing applications from sitting dormant and possibly leaving vulnerabilities open.

Updates will be automated and will run as computers detect available updates. Applications that are closed and not in use will be updated in the background without the user noticing. Any application that a user has open but has not updated will trigger a PMPC “conflict” pop-up on the bottom right corner of the screen that looks like this:

PMPC Patch Conflict Pop-up example

The pop-up will provide clear instructions for updating the opened application. Users will be given the name of the application that is trying to update, how many times the update has been postponed, how long they have until the update is postponed if they do not answer, and two options of “Close All and Update” or “Snooze Update”. If the user does not respond in the time that is given, then the update is automatically postponed. If the user has previously postponed the update three times, and does not respond to the pop-up, PMPC will automatically close the application and update it.

If an update closes a user’s browser and multiple open tabs, the user can press Ctrl+Shift+T to reopen the previously opened tabs in the updated browser.

Automated patch management for all UA-net devices will take place later this year. Users will receive further communications prior to that implementation.