Announcements

University IT is a collaborative partnership of the three IT units within Stanford's Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare. 

The January 2016 issue of the University IT newsletter is now available.

University IT is a collaborative partnership of the three IT units within Stanford's Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare. 

The December 2015 issue of the University IT newsletter is now available.

Microsoft Office 365 users will now see additional tiles in their list of applications.  OneDrive and Office Online (Word, Excel, PowerPoint, and OneNote) are now available for use from a browser.  For more information, visit:  office365.stanford.edu

The new iPad Pro 128 GB is now available with AT&T and Verizon in space gray, silver, and gold. 

The Apple Pencil for iPad Pro is $99. (When ordering, please include it in the special instructions field. Currently, there is not a drop down option.)

The Apple Smart Keyboard for iPad Pro is $169.99. (When ordering, please include it in the special instructions field. Currently, there is not a drop down option.)

Shipping for the iPhone 6s and the iPhone 6s Plus (all colors) is 7-35 business days after your order has been placed with the carrier.

Shipping confirmations will be sent to the department contact as soon as we receive information from carriers. We will not have order status information prior to confirmation.

• Upgrade orders for non-eligible wireless numbers will require further approval before processing due to the higher cost.  To check a user(s) eligibility status, please submit a HelpSU ticket as soon as possible, providing the wireless numbers.
•  Request category: Mobile Device, Request Type: OrderIT - check device discount eligibility. 
• A Transfer of Liability (TOL) is a wireless number transfer from a Personal Service Plan Account to Stanford University within the same Carrier.  This may cause a delay in shipping.
• A Port is a wireless number transfer from one Carrier to a different Carrier.  This type of order may cause a delay in shipping.
• Ensure that an accurate street and building address is provided.
• Ensure color selection and size selection are accurate.
• Given the limited supply of devices and the high volume of orders, any Rush Orders will be processed as Standard Orders.
• Each Carrier (AT&T, Sprint, and Verizon) receives different inventory levels directly from Apple, therefore shipping timeframes will vary across Carriers.
• There may be a  unforeseen delays with all other orders due to the overwhelming demand of the new iPhone. 

As of August 1, 2015 AT&T has increased the upgrade fee to $45.00  for smartphones and tablets

As of September 25, 2015 AppleCare+ has increased the one time purchase price to $129.00 for the iPhone 6s and 6s Plus

Cancel service or return/exchange equipment (cellphones, iPads, data cards) for a full refund, less any applicable restocking fee, within 30 days of ship date.

University IT is a collaborative partnership of the three IT units within Stanford’s Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare.

The October issue of the University IT newsletter is now available.

The Stanford Accounts application and Sponsorship Manager will be unavailable from 5 p.m. on Thursday, Oct. 15 until 8 a.m. on Friday, Oct. 16, while the underlying system is being updated.   

During this planned outage, users will need to contact the IT Service Desk at 650-725-4357 (5-HELP) for assistance with resetting their SUNet ID password or generating a one-time use two-step authentication code. 

University IT is a collaborative partnership of the three IT units within Stanford’s Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare.

The August issue of the University IT newsletter is now available.

On Sunday, July 20, University IT completed round two of the Zimbra email and calendar migration to Microsoft Office 365. 1,882 accounts were migrated to the new email and calendar service. The departments and units that were migrated include:  Business Affairs; Dean of Research; SE3 (and postdocs); and a small group of other Stanford affiliates.  

To find out when your area migrates to Office 365, visit the Office 365 service page.

University IT is a collaborative partnership of the three IT units within Stanford’s Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare.

The July issue of the University IT newsletter is now available.

In forming University IT just over a year ago, our goal has been to provide the most seamless experience that we can for clients across campus. To further increase our operational effectiveness, efficiency, consistency, and integration, I am creating a University IT Shared Services unit to provide non-technical shared support. 

I’m pleased to announce that Sam Steinhardt will become the Assistant Vice President for University IT Shared Services, effective Monday, June 15, 2015. Sam will report to me, and will join the Office of the CIO.  

The University IT Shared Services organization will include:

• Finance, led by Molly Reynick
• Vendor Management, led by Tracy Yuan
• Business Partners, led by John Freshwaters
• Communications, led by Jim Knox
• Service Management, led by Kathy Pappas Kassaras

Combining the Financial and Vendor units will create greater efficiencies with respect to the management of University IT financial resources. Bringing the Business Partners and Communications units together will continue to develop a single voice to the Stanford community. Service Management will help create consistent systems and processes across University IT. The University IT Finance function will continue to have a secondary reporting relationship to Noel Hirst, Assistant Vice President for Business Affairs Finance and Facilities.

Sam has worked closely with clients to simplify business operations and to consolidate campus spending. He recently led a team of eight leaders from across University IT to better align the three organizations of Administrative Systems, the Information Security Office, and University IT. To this new role, Sam brings business savvy, strategic perspective, and a dedication to continuous improvement.  

Please join me in welcoming Sam to his new role. 

Randy Livingston
Vice President for Business Affairs and CFO

Dear Stanford mobile device user community,

During a planned upgrade to Stanford’s Mobile Device Management system (AirWatch) on the morning of May 22nd, your mobile device may have been disconnected from Stanford email, calendar and contacts. We apologize for this, and we assure you that no data has been lost.

You will need to re-enter your Stanford password in order to reload the data to your mobile device. It may take a while to fully resynchronize your data, so we recommend connecting to a WiFi network to expedite the process. You can re-enter your password on Apple devices under: Settings --> Mail, Contacts, Calendars --> Stanford Mail --> Account --> Password.

If you need additional assistance, please contact the Service Desk at 725-HELP (4357) or submit a help request at helpsu.stanford.edu.

Google released Chrome 42 last week, and as users have upgraded, they've seen a warning about the SSL certificates installed on a number of Stanford websites. A red X and line appear in the lock icon and "https" of the URL.

This warning is displayed for certificates that are signed with an older encryption algorithm. It is not an indication that there's a current security problem with the site or certificate—this is Chrome's way of encouraging more rapid adoption of stronger encryption.

While new certificates that Stanford issues are signed with stronger encryption methods, issues with some older operating systems and applications prevent University IT from deploying newer certificates across all sites right now.

In the meantime, this specific warning in Chrome 42 and later versions can be safely ignored. For more information about this warning and the reasons behind it, please see this post from Google's security blog.

If you have any questions, please submit a HelpSU request.

University IT is a collaborative partnership of the three IT units within Stanford’s Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare.

The March issue of the University IT newsletter is now available.

The hardware tokens for two-step authentication have arrived.  First round of distribution is underway at specified locations.  Beginning March 2, 2015, the tokens will be available for pickup at the ID Card Office now in Tresidder Union.  For more information on two-step authentication, visit:  twostep.stanford.edu.

University IT no longer supports installs and upgrades for MediaWiki through the Collaboration Tools Installer and Upgrader. You may continue to run your existing site; however, you are responsible for keeping MediaWiki software for that site up-to-date (see https://www.mediawiki.org/wiki/MediaWiki for more information) and adjusting settings to make it compatible with Stanford's web infrastructure.

As an alternative, University IT offers Confluence, a more supported wiki environment, which allows any authorized user to add, delete, or revise content via a web browser. Confluence is available to Stanford users only.

If you are using MediaWiki as the foundation for a website, a better Stanford option is Stanford Sites, a self-service tool for building and managing websites. Stanford Sites is available to current faculty, staff, and students free of charge.

Effective December 5, 2014, University IT will no longer support or offer WebEx licenses. Current WebEx users are encouraged to use BlueJeans, which is provided at no cost to all faculty, staff, and students.

After December 5, 2014, the Stanford University WebEx site will no longer be accessible.

Please contact Gino Piccardo at WebEx if you want to obtain a department license.

The appearance of Stanford WebLogin will be changing in December 2014. The new WebLogin screens can be previewed from the WebAuth What's New page.  

University IT is a collaborative partnership of the three IT units within Stanford’s Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare.

The November issue of the University IT newsletter is now available.

University IT is a collaborative partnership of the three IT units within Stanford’s Business Affairs organization, all dedicated to delivering world-class service and technological solutions in support of research, teaching and learning, administration, and healthcare.

University IT has just launched a new website and newsletter.

In early September 2014, current Amazon Web Services (AWS) account holders should have received an email directly from AWS, on Stanford’s behalf, informing them of the new Enterprise Agreement negotiated between AWS and Stanford University as of May 2014. Learn more.

Dear Colleague:

Proactively encrypting your laptop and desktop computers is the single most important step you can take to protect your information and the University's data in the event the device is lost or stolen. The University has established a goal of verifiably encrypting all faculty, staff, and postdoc Macintosh and Windows computers by May 31, 2015, and we are asking you to begin now using one of three options presented below. This requirement applies to both Stanford and personally owned computers that will continue to be used for Stanford activities on the campus network, other than those granted exceptions due to special research requirements. Anyone who stores, transmits, or accesses High Risk Data information as defined under the Risk Classifications should have all data encrypted now and not wait until the May 31, 2015 deadline.

As you may know, an Ad Hoc Faculty Committee on IT Privacy met last spring on a wide variety of information security issues and affirmed the importance of encrypting employee computers used for Stanford activities. When these systems are lost or stolen, it often leads to months of follow-up and remediation effort that could have easily been prevented if the systems had been encrypted. More than 16,000 University employee laptops and desktops are already encrypted (thank you!) via the Stanford Whole Disk Encryption (SWDE) service, which turns on the built-in encryption capabilities of both Macintosh and Windows computers. SWDE includes the University's systems management utility called BigFix, which also periodically verifies encryption status and collects other information regarding the device.

On rare occasions during the encryption process, we have seen disk failures occur. For this reason, as well as being a general best practice, you are strongly encouraged to back up your files before starting to encrypt. CrashPlan PROe provided by University IT is the recommended backup service and is widely used within Stanford, but your local IT group may provide other options. CrashPlan encrypts your backups for secure storage and also provides the option of setting a secondary password to ensure that only you can restore the files. 

For encrypting your computer, there are currently three options:

1. To make rapid progress toward the May 31, 2015 deadline, we are presently focused on encrypting the more than 15,000 computers with BigFix already installed that have native encryption capability but are not yet encrypted. For those SWDE-ready computers, users will soon be requested to initiate the encryption process, beginning with a short "(Stanford Device Identification") questionnaire that will appear on the screen as early as Aug. 12, 2014. In the subsequent days or weeks, the SWDE installer will ask to initiate encryption, which can be postponed until a convenient time. Campus IT support staff are familiar with the SWDE installation process and will assist as needed.
2. Users can download and run the SWDE installer at any time on their systems. SWDE will begin by checking the operating system and hardware configuration and will indicate if any update is needed. 
3. For those who would like to encrypt now without using BigFix or SWDE, you have the option of checking to see if your system is encryption-ready and activating the native encryption on your own. As a reminder, we strongly recommend backing up your files prior to encrypting.

On Macintosh systems, native encryption is entirely transparent once enabled. On Windows systems, the only noticeable difference will be the need to enter another password of your choosing upon booting. Some older Macintosh and Windows systems may need to be upgraded to be encryption-capable, and your local IT staff can help you in those cases. The Information Security Office has a process for you to request an exception from the encryption requirement for research computers that are not yet capable of efficient encryption. 

In the coming months, further communications about the University's encryption initiative will be sent, and utilities will be made available to easily attest the encryption statuses of your computers. More information about encryption is available at encrypt.stanford.edu, and help is available by submitting a HelpSU request. I urge you to encrypt soon as a supplement to the other information security best practices we have been recommending, including regularly patching your operating system and applications, backing up your files, choosing strong passwords and remaining vigilant for phishing attempts. Thank you for your continuing partnership in these efforts to protect Stanford's data as well as your personal information.

Kind regards,

Michael Duff
Chief Information Security Officer

Effective Aug. 1, the university will begin issuing Stanford ID cards with a new look. While the change will not affect those with existing cards, IDs issued to new employees and new students arriving this fall will look distinctively different. The changes have been made to ensure that the cards conform to Stanford's updated wordmark and visual identity system.

“Because this card appears slightly different from existing cards, we would like to make sure all campus departments and services are aware of the change, to limit confusion over the legitimacy of the new cards,” said Jay Kohn, director of card services.

For those who are eligible for the Go Pass, the new design accommodates space on the front of the card for that sticker.

ID cards with the old design remain in effect unless the card is lost or stolen. Replacement cards will continue to cost $20. When a replacement card is issued, it will reflect the new design.

ID Cards are issued by the Campus Card Office. For more information, visit the Campus Card Services website or call (650) 498-CARD or (8-2273).

New standards mean SUNet users can choose passwords that are short but complex, or longer and less complex. Most campus users will be prompted to update their passwords in the coming weeks.

View full article on Stanford News

Apple Inc. has released updates for Mac OSX 10.7, 10.8, and 10.9 to address a critical security problem. Stanford's Information Security Office recommends that you update your Mac OSX systems and iPhones, iPads, and iPod Touch devices as soon as possible to protect your personal privacy and security, as well as to protect the university's data.

On April 4, 2014, Mac OSX systems that are not up-to-date will have the update pushed to them automatically. Please restart the system to complete the installation. For instructions and additional information, visit the Secure Computing web site.

On April 14, 2014, compliance rules in MDM will be updated to no longer allow insecure versions of iOS 6 and iOS 7. Please update your device today.

For more information, go to securecomputing.stanford.edu.

The SLAC National Accelerator Laboratory (SLAC) has a unique relationship with Stanford University. Operated by the university under the programmatic direction of the U.S. Department of Energy Office of Science, SLAC is effectively an independent entity with its own governance, directives, and administrative infrastructure.

Over the last few years, SLAC has been looking to update its central administrative systems. As part of this effort, a project was undertaken in 2013 to integrate SLAC's payroll function into the central university payroll system. The goal: consolidate SLAC’s payroll administration and management of external benefits into Stanford’s PeopleSoft-based system.

The complex technical project involved months of careful planning and development, with close collaboration among AS, the Controller’s Office (Payroll), Human Resources Information Systems, and SLAC. The SLAC/Stanford payroll integration went live in December 2013.   

As a result of the project, SLAC takes advantage of the university’s more up-to-date implementation and standardized processes, while also eliminating the risks associated with operating its own in-house payroll. And SLAC employees now use the Axess portal to view pay statements and manage their direct deposit and W4 elections.

Contact Sameer Marella if you'd like to learn more about the SLAC Payroll integration.  

Ordering IT equipment and related services on campus got a lot easier in late 2013. That’s when IT Services (ITS) and AS rolled out a new IT ordering, fulfillment, and billing system.

Serving the Stanford community at large, the new OrderIT system significantly streamlines the IT ordering process with a user-friendly online portal.

With a simplified user interface, the new system drastically reduces the time (and training) required to place and process requests for IT equipment and related services.

Integration with Stanford’s financial systems and ITS order fulfillment systems ensures a seamless workflow for OrderIT transactions. Billing reports are available in Oracle Business Intelligence (OBI).

The mobile version of the new OrderIT, currently in development, will enable ITS technicians to complete work order assignments on the go. About 25 technicians are expected to use the system when it goes live in May 2014.

Curious about the new OrderIT? Visit the Ordering IT Services page for more information.

Apple has issued a security update for all iOS devices including the iPhone and iPad. University IT recommends that you apply this update. First, back up your device using iCloud or iTunes. Then go to Settings>General>Software Update and download and install to update your device.

In a letter to the Stanford community, below, Vice President for Business Affairs Randy Livingston provides an update on information security at Stanford and outlines new requirements for University employees. Deadlines are provided for implementing each of the new requirements.

Dear Colleagues:

Over the past several months, we have undertaken several initiatives to improve the security of Stanford's IT environment and protect the privacy of information stored on our systems. Thank you for your support in changing passwords and adopting two-step authentication.

To further improve information security and privacy, we will be requiring several additional steps for all University employees. These requirements apply to all University-owned laptops, desktops, smartphones, and tablets ("devices"); personally owned devices used on the Stanford Network; and personally owned devices that could be used to access Protected Health Information (PHI) or other High Risk Data. Other personally owned devices used at home or on the wireless Stanford Visitor network are encouraged to follow these mandates, but not required to at this time. Your organization may impose additional security requirements that you are required to follow. Exceptions to the mandated requirements are outlined at the end of this communication.

1. Windows XP Migration - Windows XP will no longer be supported by Microsoft after April 2014, and as a result, represents a significant security vulnerability. Approximately 2,500 Windows XP systems are currently used by University employees. Employees with Windows XP laptops or desktops must migrate to Windows 7 Enterprise or Ultimate, or Windows 8 Pro or Enterprise no later than April 8, 2014. The University now has a site-wide license with Microsoft whereby employees can download the latest operation system and application versions at no cost.
2. BigFix - BigFix is a program that ensures operating systems and other applications are patched with the latest security updates. More than 80 percent of employee laptops and desktops already have BigFix installed. All desktop and laptop computers are required to have BigFix installed no later than May 31, 2014. BigFix can be downloaded from the University IT website and installed directly by any Stanford employee.
3. Identity Finder - IDF is a program managed by BigFix that scans your computer files for personally identifiable information (PII) such as Social Security numbers and credit card numbers, and provides you or your IT support team with a report that allows you to delete PII that is unneeded. In a broad pilot program last spring, 15 percent of scanned systems had more than 500 PII records, and an additional 15 percent had between 100 and 500 records. Starting on Feb. 28, 2014, BigFix will install IDF and occasionally run in the background on your system, similar to a virus scan or file backup. No action is required on your part to run the program, but you will be notified if PII is found on your system, and you should then delete unnecessary files. Your technical support team will be able to assist you to ensure permanent deletion.
4. Encryption - All laptop, desktop, and mobile devices must be encrypted. If a device is lost or stolen, encryption ensures that a third party cannot access protected information, such as PII or Protected Health Information (PHI) that may be stored on the device. In addition, it provides the University a "safe harbor" with respect to legal requirements to report a breach of information stored on the device. We have learned that a stolen device may be determined after the fact to have PII/PHI even when the user believed there was none. Given this understanding, and the high incidence of PII found by IDF scans, we are requiring all devices to be encrypted with the following deadlines:
   1. All new laptops and desktops purchased with University funds must be native encryption capable and install Stanford's Whole Disk Encryption (SWDE) service immediately. Operating systems supporting native encryption currently are: Mac OS X 10.7 or later, Windows 7 Enterprise or Ultimate (TPM chip required), or Windows 8 Pro or Enterprise. Replaced systems must be relinquished upon receiving the new one.
   2. All iOS and Android mobile devices must install Mobile Device Manager (MDM) to encrypt the device no later than Feb. 28, 2014.
   3. All laptops and desktops that store or can access PHI in any manner must install SWDE no later than Feb. 28, 2014.
   4. All remaining laptops and desktops will be required to install SWDE by a specified date based on the number of PII records found by IDF. Systems with more than 500 PII records must install SWDE by July 31, 2014; systems with more than 10 PII records must install SWDE by Nov. 30, 2014; and all remaining systems must install SWDE by May 31, 2015.
5. File Backup - All documents, files, and custom programs relating to University activity must be backed up on a regular basis by a University or department managed service. File backup capability should be in place before SWDE is installed, and must be implemented for all devices no later than May 31, 2015. Stanford laptops and desktops typically store many years of important work products and enable our daily work. When devices are lost, stolen, or otherwise compromised, critical data can be irretrievably lost. When they are backed up, lost data can be readily recovered.

Your technical teams will receive additional details to aid in the implementation of these requirements by the dates specified below. In some instances your School or Department may have established earlier deadlines for completing the tasks outlined in this memo. Further communication will be forthcoming to department IT groups regarding security requirements for servers, and to student and postdoc populations regarding requirements for their devices.

Mandate Deadline Summary

EXCEPTIONS - A handful of laptop and desktop devices are used for complex computation purposes where these management tools might interfere with their effective operation. In addition, some devices are used to control scientific instruments and cannot be upgraded at this time. For these situations, you should request an exception. In addition, Linux systems, BlackBerry mobile devices, and Windows Phones are temporarily exempted until SWDE and MDM are available for these platforms. Until they are available, these devices should not be used to store, process, or transmit PHI or other High Risk Data without a formal exception.

Thank you for the steps that you and your organizations have already taken to increase our security standards. I appreciate your understanding and cooperation as we work together to protect both University data and personal information through the implementation of these best practices.

Sincerely,
Randy Livingston
Vice President for Business Affairs

Verizon customers: Verizon charges customers one month in advance for all services. For new lines of service, your first month's bill will be higher than future bills because Verizon includes both the current month's and next month's charges.

In a letter to the Stanford community, Vice President for Business Affairs and Chief Financial Officer Randy Livingston provides an update on the recent breach of Stanford's information technology systems and offers recommendations for maximizing one's own computer security.

Members of the Stanford Community:

I’m writing to you today to outline steps that the University is considering to make our network more secure in light of the attack on Stanford’s information systems infrastructure that occurred last month.

Background

In late July, Stanford discovered that an unauthorized party or parties gained access to a portion of its information systems infrastructure. The attack appears to have been launched from an overseas location and was similar to foreign state-sponsored attacks reported in recent months by many large organizations in the United States. The purpose of the attack remains unclear, although data security experts suggest that these kinds of attacks are aimed at capturing intellectual property that could have commercial and economic value to the intruders' country. The intruders may also be interested in tracking activities of their overseas citizens. Universities are increasingly the focus of these intrusions, as reported by The New York Times in its July 16 article, “Universities Face a Rising Barrage of Cyberattacks.”

Upon discovery of the attack, as a security measure we sent a notification to all employees and students directing them to immediately change their passwords. While our investigation is continuing, we believe the attackers gained access to all Stanford SUNet ID account usernames and a “hashed” version of the passwords. The hashing algorithm converts a password into a different string of characters. While this hashing of passwords disguises the original password, hackers have the capacity to decipher simpler and shorter passwords. Though Stanford has no evidence that the hashed versions of the passwords were deciphered, Stanford is notifying all SUNet ID account holders of that possibility.

At the present time, we have no evidence that personal information — other than usernames and hashed passwords — has been accessed, but this is an ongoing process and we are continuing to investigate. Stanford has retained experts to assist us in this investigation, and we continue to work with law enforcement as well. As the Times and others have pointed out, cyber-intruders are persistent in their attempts to gain access to information systems and are very good at covering their tracks. We will continue to update the community and take action as information develops.

New security measures underway

To better protect Stanford assets and our information — including University data as well as personal information — additional security protections are being adopted to meet the ever-increasing threats of attacks. These safeguards will result in some inconvenience to users, but please be assured they are being implemented to improve our overall security.

One of the first measures will be to implement two-step authentication. When logging into certain Stanford applications like Axess or Oracle, in addition to their user names and passwords, users will need to input a second factor or means of identification. Users can learn more about two-step authentication and voluntarily begin using it by going to the Accounts page on the Stanford website. Click “Manage,” then click “Two-Step Auth” and follow the instructions. To date, more than 3,000 SUNet account holders have begun using this security feature. In the coming weeks, two-step authentication will become mandatory for accessing certain critical applications.

In addition to two-step authentication, Stanford is also taking steps to improve and enhance the security of its core infrastructure systems.

It is important to recognize that the hackers of today are very sophisticated. We cannot assume that new procedures, passwords, and security enhancements fully eliminate their continued presence. It may take several iterations of security improvements over some period of time to regain confidence in the security of the network.

Cooperation from users is essential

While we have no evidence that personal information — other than usernames and hashed passwords — has been accessed, the University is encouraging all users of Stanford’s computer network to be increasingly vigilant regarding their online activities. Cooperation from the University community will be essential, and everyone — staff, students, and faculty — will need to take more personal responsibility for the security of user devices and confidential information.

Users should, at a minimum, take the following steps to protect themselves and the University:

• Change passwords regularly, both for University connectivity and for personal use — financial, health, etc. For any personal accounts, use passwords  that are different from your SUNet password.
• Follow protocols to make passwords more difficult for an unauthorized user to determine, including using capital and lower case letters as well as numbers and symbols. The longer and more complex the password, the safer it is.
• Be aware of efforts by outside parties to gain access to passwords and personal identification information. This begins with understanding and recognizing “phishing” attempts. A phishing attack is the practice of attempting to obtain your user name and password or other confidential information, typically by sending an email that looks as if it is from a legitimate organization but contains a link to a fake website that replicates the real one. Phishing attacks have been increasing and are more sophisticated than ever.
• Turn on the native encryption capability provided by recent versions of Mac OS X (versions 10.7 and newer) and Windows 7 (Ultimate or Enterprise edition) or Windows 8 (Professional or Enterprise edition) and through Mobile Device Manager (MDM) for iOS devices (versions 5.1 and newer) and compatible Android devices (Android OS version 4.0 and newer). Talk to your department’s IT contact for guidance as to the procedure for turning on that capability.
• View the information security awareness video on the Accounts site referenced earlier.

As many employees have multiple devices that are linked into the Stanford system, use best practices for securing not only your University-issued devices but also your home computer and personal mobile devices.

Moving forward

Further investigatory work — systems diagnostics, intensive activity monitoring, and working with law enforcement — is helping us understand more specific details of the attack on our system. Much of this work must remain confidential as it is helping to identify further steps that the University can take to protect and ensure the security of its systems and data.

As has been the case with other organizations that have experienced similar intrusions, efforts to ensure that Stanford’s infrastructure is free from compromise will be measured not in days or weeks but in months. The sophistication and persistence of these kinds of intrusions, combined with the complexity of the University’s data and information systems, create challenges that make the securing of those systems a painstaking process.

Thank you for your support and understanding. We will keep you updated on our progress.

Sincerely,

Randy Livingston
Vice President for Business Affairs
Chief Financial Officer

Stanford's 122nd Commencement in June launched more than 3,300 graduates into the world, ready to make their mark and make a difference.

While students prepared for the Wacky Walk, they were likely unaware of the frenzied work going on behind the scenes to make it happen.

The weeks leading up to commencement are an intense period of feverish activity for the entire university as faculty and administrators rush to process final grades and transcripts.

This work puts a significant load on the university’s information systems, and during this period AS works around-the-clock to keep these systems humming.

Staff from several practice areas within AS provide extended on-call coverage, with employees standing by evenings and weekends to address any potential system issues or questions. Daily standup meetings and hourly email check-ins with key business office stakeholders ensure consistent awareness of current systems status.

These efforts, combined with standard operating procedures, ensure a stable computing environment to support a smooth Commencement (and a happy Wacky Walk).

Contact Sameer Marella for more information.

Ready for the next-generation reporting tool at Stanford?  

The Payroll and Labor Expense Management (PLM) reporting system is preparing to make its campus debut.

The multi-phased PLM project seeks to create an ad hoc payroll and labor reporting environment in OBIEE (Oracle Business Intelligence Enterprise Edition) that combines data from both PeopleSoft and Oracle.

This represents a significant accomplishment. End users gain the ability to create and manage their own custom reports in payroll and labor areas such as leave, timecard reporting, labor schedules, payroll adjustments, etc.

 More than 20 interactive reports will be released to end users campus-wide in early August. Similar to the reports generated in ReportMart3, the new reports will feature area-specific security to facilitate distribution to a wider campus audience. 

Contact Vijay Gandra for more information about the PLM project.

As a precautionary measure in the wake of an apparent breach in its IT infrastructure, Stanford University is asking all SUNet ID holders to update their passwords. Go to accounts.stanford.edu and click Manage, then select Change Password. We also encourage your to turn on Two-Step Authentication, available on the same page on the Two-Step Auth tab. This will require a single-use code in addition to your password for access to campus systems. Also, please be vigilant for unusual activity in systems that may signal unauthorized access. The investigation is ongoing and we will keep you updated as new information is available.

All services previously ordered in the old ordering system moved to the new OrderIT on May 8, 2013. To learn about service ordering, see orderithelp.stanford.edu.

The current model for faculty and academic staff appointments at Stanford might be described as inconsistent — and also perhaps a little bit archaic. Seeking to streamline and automate the faculty and academic staff appointment process, the Faculty Affairs Office has joined forces with Administrative Systems to collaborate on an integrated appointment management system for use by all the schools. 

The centralized system will help reduce appointment processing time, improve accountability and compliance with University policies, and facilitate coordination with Faculty Affairs and Human Resources.

The first phase of this 12-month project is underway to build the necessary platform and processing for the Professorial Amendments process, which will allow users to make changes to professional appointments online.

AS is partnering with the Dean of Research and several schools on the business requirements for the project, including the professional schools (Business, Law, and Medicine) and the Schools of Earth Sciences, Engineering, and Humanities.

Technical design and development are in progress, and the first phase is expected to go live in Spring 2013.

Contact Sameer Marella for more information about this project.

In Summer 2012 AS worked with the Graduate School of Business (GSB) to virtualize and migrate many GSB application services (including both administrative and academic applications) to the AS virtual farm.

AS leverages virtualization and low-cost, high-performance storage solutions (based on VMware and NetApp technologies) to provision and manage the servers that run AS (and now GSB) applications.

Moving to this infrastructure enabled the GSB to both modernize its systems and reduce associated maintenance and support costs.

"The biggest thing is that we migrated several of our hardware systems to virtual servers," said David LeVine, Information Technology Operations Services Manager at the GSB. "That was a big win for us because a lot of these systems were end-of-life or approaching end-of-life."

The technology also enabled AS to migrate the GSB systems "as-is"— no additional application reconfiguration required — and with minimal downtime. 

"It was a fairly seamless transition," LeVine said. "There is always a hiccup here and there, but overall we are satisfied with the end result."

Based on the success of this project, the GSB and AS have moved forward with a second phase to deploy new applications and transform the recently migrated "as-is" systems to more fully leverage AS infrastructure.

Contact Armand Capote for more information about AS infrastructure and virtualization.

The Human Resources Metrics Dashboard, an online tool that tracks HR data, was launched last fall for senior leaders and HR managers.

The dashboard presents HR data in a consolidated view that includes dynamic displays such as charts and graphs.

The visual presentation of this complex data streamlines workforce planning and analysis by allowing users to drill down on the displays to their desired level of detail.

The dashboard represents the first phase of an effort to move HR data and information delivery to Stanford's new Oracle Business Intelligence Enterprise Edition (OBIEE) reporting environment.

Further enhancements to the dashboard are planned for FY13, and will include the conversion of HR's ReportMart1 reports to OBIEE, and the creation of an ad hoc report/query tool. These reports will feature area-specific security, facilitating their distribution to a wider audience.

Contact Vijay Gandra for more information about the HR Metrics Dashboard.

The business process for sponsoring SUNet ID changed on April 2. Previously, it started with the person who needed a SUNet ID, but now the sponsor begins the process. Learn more and try the new system today.

AFS disk quota has increased to meet campus needs. Individual user quota went from 2 to 5 GB, group quota from 500 MB to 4 GB, department quota from 2 to 4 GB, and class quota from 1 to 2 GB.

Over the winter closure, University IT upgraded to CS Gold 6. Building managers can access the new version at csgoldweb.stanford.edu. 

Most University IT units will close on Friday, December 21 at 5 p.m. and re-open Monday, January 7 at 8 a.m. More information at itwinterclosure.stanford.edu.

Google Apps at Stanford is now available for all Stanford University faculty, staff and students. More information at googleapps.stanford.edu.