Fake Phishing Results, Banner Modernization, and Generative AI Faculty Resource LibGuide

 

Fake Phishing Results

In the last edition of The Hyperlink, we noted that we are beginning fake phishing exercises. This has become a standard exercise to help us all be vigilant when opening emails and links in emails.

The first fake phish was sent to 940 Harding employees on June 6 at 4:07 pm. The email asked the user to verify their Amazon account.

Below is a summary of the results.

While a 4 % 'submitted data' is not outrageously high, it potentially provided some bad actors information that could be used to subject our systems to attacks. Even just clicking on the link could expose the user to malicious activity on their Harding account. Remember, if an organization is asking that you verify your account, don't click on the link in the email. Go to their site directly.

Banner Modernization

We want to provide you with more information about the Banner Modernization Project. Implementation of Ellucian Experience has commenced, and we can expect to see it and use it later this year.

In order to find out more about this, I interviewed Mike Chalenburg.

Keith: We are currently embarking on a project that has become known as the Banner modernization project. Tell us how this project got started and when it might end.

Mike: It began when Ellucian (the company that owns and markets Banner) approached us asking to work with us to produce a Strategic Alignment Plan to discover how well we were using Banner functionality and identify gaps that could help us in our work.  

Part of the reason for that plan is that Ellucian is moving all of their products to the cloud as a Software as a Service (SaaS) product and, as we plan to stay with Ellucian and Banner for several years at least, the ultimate goal of this project is to move to that environment.  At this point, our estimate to move is 5 years.

Keith: This sounds like a major shift in how we have done things in the past, both from the end user and IT perspective. Can you highlight some of the changes you can see coming down the road from this project?

Mike: The main difference for the end user will be Ellucian Experience (more below) which will replace Pipeline with a more modern  interface as well as a seamless integration with Banner.  One of the advantages for IS&T in a SaaS platform is a significant reduction in time our people will spend installing upgrades and fixes which are already being  provided more often.

Keith: We read a lot lately about digital transformation. Would you see this as one of the significant digital transformations at Harding?

Mike: While we have a culture of adding and using transformative digital tools, I believe these tools will provide a more consistent user experience as well as providing the opportunity to better automate business processes.

Keith: As you noted earlier, this is a 5 year project. Where are we starting with our modernization?

Mike: Similar to our use of Pipeline, Ellucian plans to use Experience as the “front door” to all of their products in a way that will be more friendly than it is now.  Ellucian has also dramatically improved their SSB (Self-service Banner) products.  We will be deploying those along with Experience.  

Keith: It seems like Banner Experience will replace Pipeline. As you know, Pipeline is used extensively by all of us in the Harding community. Tell us what we can expect from this new portal system. When will I be able to see and use this new system? Can we still call it Pipeline?

Mike: We plan to provide all of the tools that Pipeline provides within Experience plus some that are new or enhanced.  Some of the blocks in Pipeline are dated and need to be rewritten.  Along with that, Ellucian has provided additional tools that we can use to ease the flow of work.

At this time, we hope to have a pilot group use Experience near the end of 2023.  However the time could change as we are still learning about its capabilities and requirements.  When we think it’s ready, we plan to open it up for people to “opt-in” for about 4 months. 

And yes, we plan to call it Pipeline.  It’s too easy to say “go to Pipeline and…” so during the opt-in period, we’ll talk about Old Pipeline and New Pipeline before we end the opt-in period by shutting down Old Pipeline.  

Experience also has the ability to be deployed as an app in both the Google Play Store as well as the Apple App Store, so soon after that, we plan to replace the HardingU app with the Experience version and have a consistent user experience (pun wasn’t intended but is now) across platforms.

Keith: Is there anything else you would like to add about Banner Modernization?

Mike: We believe it will bring us to currency with the Ellucian platforms and allow us to better keep up with the new functionality that is regularly being provided for Banner and its related products.

Generative AI Faculty Resource LibGuide (eg ChatGPT)

Brackett Library has created a living guide that will be continually updated as ChatGPT and AI are rapidly evolving technologies.  The purpose is to have a resource available for faculty that contains helpful information and resources that are easy to understand.  Bookmark this link and check back regularly for updates!

https://library.harding.edu/GenerativeAI/facultyresourceguide

Generative AI is quickly maturing and moving into many areas. For example check out how Generative AI imagines what Barbie's dreamhouse would look like in each state of the USA!
Barbies Dreamhouse in each US State

Come see the light (board) and more in this post...

Meet Lightboard

Chalkboard…Whiteboard…Now Lightboard

Lightboard is a video lecture recording tool which allows the presenter to diagram concepts while maintaining eye contact with the audience. Click on the video below to see a demonstration.  Contact elearning@harding.edu to schedule a recording time with Lightboard. Staff​ members are available to help ​you ​ get started and take you through the entire process. Your finished product can be posted to a Canvas course or site of your choice.

Hover, look and then click…

The most effective way to protect an organization from being compromised through phishing or other similar schemes is through user alertness and education!

We do this in a number of ways. We like to make sure we do not become complacent in how we deal with the emails we receive. Without a doubt, the vast majority of emails that come to our inbox are not nefarious. They are there to genuinely inform us and be used as a way to conduct our business.

Then there are those emails that have attachments or links that are set to trap us into sharing information we should not share or to have something downloaded that will take information from us illicitly.

To help us be more aware and alert, we will be conducting some phishing tests in the future. We will be generating some phishing style emails and sending them to different groups around campus. This is not a punitive exercise. There will be no public shaming. If someone 'falls' for the email, they will receive information that highlights why the phishing email was successful! It is designed to be informative.

One of the simplest ways to check whether a link in an email may be legitimate or suspicious is to just hover over the link and look at the bottom left of the browser window. You will see the actual web address where the link would take you should you click on it. (this works with most browsers, but it may not work on some instances of Safari)

Consider these two links:  www.harding.edu and www.harding.edu.

They look the same don't they?

Try moving your mouse pointer over each link.  DON'T CLICK - just "hover".

Did you see what web page you would have been directed to if you had clicked?

(This example is courtesy of John Nunnally.)

Library Donations

Rhema Christian Academy Library

Did you know that Brackett Library helps with various missions here and abroad? One outreach is donating books to mission fields. Lola and David Crouch recently asked for books for a school in Nigeria. Some health science books have been sent to Zambia. One of the latest missions was the Likewise College (overseen by Jeff Kreh), a school that works with those in the prison system in Arkansas. 

These books are either discarded books from our collection or donated books. If Brackett already has a copy in the library's collection of a donated book, it can be used for missions. Discarded books will be sent because many times the library has obtained a newer edition with the older edition being only a few years old. Brackett Library makes an effort to use books in a positive way when they are not needed in the current collection. If you are interested in making a book donation, please call 501-279-4354 for more details.

New Phones on Campus

Chances are you have already received a new phone on your desk recently. We are upgrading the campus to VoIP – voice over IP – phones.

Why are we making the switch? The Nortel phone switch was installed in 1989. It was the “latest and greatest” when we installed it, and it has served the campus well, but its time has come to an end. We need to make the switch to VoIP to keep up with industry standards.

We first installed VoIP phones in the IS&T area as a “pilot” project to test their usability on campus. It didn’t take too long to decide that this was the direction we needed to go. As new buildings were built, we installed new VoIP phones instead of installing expensive copper phone cable. When we did this, it meant that we were “straddling” two phone systems – Nortel and VoIP – and that did make management of both systems cumbersome.

Recently, the decision was made to cut over the rest of the campus to VoIP. Harding Telephone Service (HTS) has been cutting over the campus building by building. As time and schedules permit, HTS is replacing old Nortel phones and installing new VoIP phones. They plan to finish the cutover by this fall.

There are many benefits to the new phones, including allowing the user to make phone changes through an online portal. Once you get your new phone, you can log onto https://phone.harding.edu with your Harding username and password and make changes to your ring settings, forwarding settings, and other settings. You will also have access to Jabber.

Jabber is a set of applications that allows users to connect to each other in more ways than just a desk phone. One feature is an app for Android and I-Phone. Once downloaded, Jabber allows a user to answer and make calls as if using their desk phone on their cell phone no matter where they are located, as long as they have a data connection (don't worry, the app can be turned off/on when needed). This app not only allows you to take calls in almost any location but it also allows you to keep your cell number and private voice mail separate from your office number and office voice mail when you need to.

Another feature of Jabber can be a virtual phone set on your computer so you can answer, make calls and check voice mail via your computer. It’s also easy to save a voice mail on your computer by using this feature so you can keep any messages you feel you should for as long as you need to.

Along with the desktop virtual phone, a chat window can be used to message others who use Jabber. In all Jabber applications, you can set a presence icon that lets others know if you are on the phone, away or in a meeting. These are just a few of the features of Jabber we are excited about using on campus.

New Faces

IS&T has welcomed some new people this semester. If you haven’t already met them, stop by and say hello!

Anora David

Anora is the Office Assistant in the Center for Technology & Learning/AV. Born in Camden, Tennessee, she attended both Michigan Christian College and Freed-Hardeman University. She spent 22 years in Liberia as a missionary. In 1996, she and her husband built Ford-Madden Christian School there which now houses kindergarten through high school grades. Anora’s office is located in Lee 110.

Maren Patterson

Maren Patterson comes to the Center for Learning with Technology from Milwaukee, Wisconsin. He has been a digital content developer for 18 years and has guided teams to successful publications of various projects.

Currently, Maren is working​ on​ ​the following projects: 3D Virtual tour and interaction​ ideas​, best methods for introducing Virtual Reality (VR) to campus and assisting with planning for the 8th Annual Faculty Technology Showcase. ​He is also collaborating with the Library to create a dynamic video to illustrate library resources for instructors and students.

Maren’s office is located in Admin 212.

Introducing Team Dynamix

For a while, we in IS&T have wanted a better way to help track what we do both from a day-to-day standpoint as well as the projects, short and long, that we work on. Along with that we wanted to have an easier and more consistent way to communicate with you as we work for and with you.

With that in mind, we explored the market and found a company and product called TeamDynamix. Because TeamDynamix works mostly with higher education institutions, they understand the things we in a higher ed IT operation regularly deal with. It appeared to be a good fit so we recently signed a contract and have been implementing the product.

We plan to open it to you around June 1. Your main entrance to it will be a portal linked from Pipeline that will have links to four main areas we think you will find helpful:

A Service Catalog that will contain information about the various software, hardware, help, and other services we provide. Within each service will be information about how to use the service as well as request the service or help with it.

A Ticketing system where you will be able to enter requests and view your outstanding requests. We will be using this much more to to track, but more importantly to consistently communicate with you about what we are working on for you.

A Knowledge Base like Kenobi, our wiki, except tied in with the services and tickets. Over time, the articles IS&T people have created will be moved to the TeamDynamix knowledge base and will be accessible through this portal. (Don’t worry, the other things in Kenobi like Policy Portal, etc. will remain as they are.)

A Projects area where you can see and interact with the projects we are working on or plan to work on.

We are already using this in a limited fashion as we configure it and are already seeing some benefits. It is also expandable and as our use of it grows, it will allow other areas to have a presence as well.

More information will be coming soon. We look forward to being able to use it as we work with you.

Have jolly and cyber safe time...

The time of the year where we use the word 'jolly' more than any other time of the year is upon us. It is a most wonderful time of the year for sure.

It is also the time when we are shopping! And increasingly we are shopping online. We all like get the boxes at the front door!

I don't like sending messages like this one. They make me feel a lot less jolly and more like a grinch.

When we are shopping online, we are giving different organizations a fair amount of our personal information. Therefore we should all take steps keep our usernames and strong passwords secure. Here are some tips how to do that: Tips for Secure Online Shopping.

In summary this article tells us:

1. Don't shop at a site if you're not comfortable
2. Never click on links from spam emails to make purchases
3. Check the web address to make sure you are on the correct site
4. Check that the site is secure
5. Use a credit card or an online payment service
6. Do not use a public computer to shop online
7. Only use a secure connection when you place your order
8. Use strong passwords

You may also see more email activity afterwards from various companies. Be on the lookout for phishing schemes. Here is some good advice on how to avoid being phish fried: Avoid Phishing Fraud. 

Maybe to help us sort through this a bit further, John Nunnally provided an analysis of how to deal with a real example that was recently received by people at Harding.'

Please take some time to take a look at this example.

_____________________________________________________________

No links! It Must Be Safe…. Wrong.

Phishing Scheme – Analysis, Case 1: Remittance Advice

Here is a message recently received by a person at Harding:

At first glance this looks legitimate. But looking closer:

• Do we know anyone named Charlotte Allison?  That would be the first question.  If not, we should go no further until we check.
• Look at the from address:  charlotteanderson@wellsfargo.com.  Have you been doing any business with Wells Fargo?  Instead of that stopping us, we have a tendency to open the attachment to see why in the world Wells Fargo would be sending us something.  BAD IDEA!  That is exactly the reaction the scammers want you to have.
• If you simply hover your mouse pointer over the attachment without clicking, you can see that it is named “Secure Remittance.htm”.  HTM files are executable web programs.  So if you click on this attachment you would most likely be connected to some bogus web site to do you harm.  Another red flag.

And then we should think about this email from the opposite point of view:

• This email is so very generic.  It could be sent to anyone.  There is nothing that specifically references you as the recipient.  It doesn’t even identify the “Intermediary Bank” supposedly involved in this transaction. (it would be most unusual that people at Harding would send an email that said something generic such as ‘Dear User’)
• Surely a message like this would at least provide a phone number to call in case you have questions.  In fact, it encourages you to contact Charlotte Anderson and then provides you with no contact information except replying to the email.
• This scam even warns you in advance that by clicking on the attachment “You will be required to download and authenticate your email client” – So you are warned that you will be installing software on your computer and probably be expected to give away your username and password!  All scams should be so forthright!

So the only safe thing to do with this email -- delete it.

___________________________________________________________________

Even with all this seemingly dire information, all of us in IS&T want to wish you a jolly Christmas and holiday.