IMPORTANT UNM IT SECURITY & USABILITY IMPROVEMENTS

Categories: Students   Faculty   Staff  

April 28, 2020 - As we continue to operate remotely, UNM has recently improved information security and usability on the university’s systems and services. Please take the time to review these updates:

Zoom Security for Main Campus & Branches

UNM Information Security and Privacy Office worked with IT service owners to review how Zoom would be used at UNM, and to help ensure that appropriate safeguards were in place to protect UNM data in use through the UNM Zoom service.

UNM has also recently provided all meeting hosts with recommendations how to secure Zoom sessions and protect the privacy of meeting participants without limiting the ability of UNM community members to have open meetings with colleagues at other institutions. This information can be found at at.unm.edu/media-collaborative-apps/zoom-web-conferencing.html

External Email Notification Banner and Message Preview in LoboMail

On Dec. 12, 2019, a banner was added to all e-mails sent from outside UNM’s e-mail system. This was in response to the detection at UNM of a virus that proliferated through external email phishing and had previously caused a peer institution in New Mexico to physically shutdown for 3 weeks last fall. While this banner has been an important step in mitigating dangerous phishing attacks, we acknowledge that the existing banner minimizes the ability for users to see a preview of the email message content.

After business hours on April 28, 2020, we will alter the text used for flagging e-mails sent from outside the UNM e-mail system so that the banner alert is smaller and message content is viewable in preview windows. We will continue to whitelist external entities that have a need to send emails on behalf of UNM.

Here are some important tips to protect your account from phishing:

• Always be cautious with externally flagged e-mails and especially when opening attachments or following links from unverified or external sources.
• Never provide your password through e-mail, even for a password reset.
• If you receive phishing email, any e-mail asking for your password or for Personally Identifiable Information (PII), please forward the e-mail as an attachment to security@unm.edu. For instructions on how to forward email as an attachment, or to see whether UNM IT is already aware of specific phishing email, please visit phishbowl.unm.edu. Additional information on reporting incidents to UNM’s Information Security and Privacy Office is available at ISPO.unm.edu.

The full article goes into greater detail on these improvements and provides additional areas where IT has increased security and usability for us.