Save this Spring with BU’s Computer Standards

April 24th, 2012 in Featured, News

BUMC Information Technology, in cooperation with Sourcing & Procurement, is pleased to announce the Spring 2012 computer bulk buy initiative.  When you participate in these bulk purchases and leverage the buying power of the entire University, your department saves on its notebook and desktop purchases from Apple and Lenovo.

Please note: the deadline to place your order for the Spring 2012 bulk purchase is
Friday, June 1, 2012. Read on to find out how to take advantage of this opportunity!

New for Spring 2012

All Lenovo Think series systems now come pre-installed with a standardized BU image, created by BUMC IT and Lenovo. This image streamlines deploying and maintaining computers on campus. The BU image includes Windows 7 Enterprise, Microsoft Office 2010, McAfee Antivirus, Adobe Reader X, IE 9, and Firefox 11. Click here for a complete list and more information.

How to Participate

Place your order for BUMC IT Recommended Standard Configurations by using our hosted catalog in BUworks!

Click HERE to view or order standard configurations.

Don’t forget to consult with your IT support representative before ordering.

Details and Benefits

The Spring 2012 bulk buy is part of Boston University’s PC and Apple Standards initiative. Standardization lowers the total cost of ownership through reduced support costs and encourages collaboration and efficiency between all BU IT support staff.

Based on your feedback, the models offered were carefully chosen and configured to bring you:

• Cost Savings
• Quality
• Sustainability
• Extended Warranty Support

Please remember that to participate in the Spring 2012 bulk order and take advantage of the special pricing, your BUworks shopping cart must be fully approved within SAP by Friday, June 1, 2012.  Items will ship as available prior to June 1, so the sooner you order, the sooner you will receive your new product.

Thank you for your continued support!

BUMC IT and Sourcing & Procurement

BUworks Employee Learning Solutions Website Successfully Upgraded

April 9th, 2012 in News, Service Outage

As communicated last week, The BUworks Employee Learning Solutions website was successfully upgraded over the weekend and is now available. I invite you to visit our new site and take advantage of the improved search capabilities and streamlined BUworks support materials. The upgrade included:

• New Portal Design – The Employee Learning Solutions website has a new simplified design and a new folder structure making it easier to browse and locate materials.
• Improved Search – Work Instructions and Quick Reference Guides can be located by searching on a keyword or transaction code and are now accessible directly from within an SAP transaction.
• Simplified Work Instructions – Support materials have been condensed and simplified allowing you to choose the level of detail you need to complete a transaction in SAP.

Click here for information on accessing online help.

We will continue to work on improving your learning experience. If you experience any issues with website or support materials, please contact the IT Help Center at ithelp@bu.edu or 617-353-4357.

Workaround for UIS Issue in Firefox

April 4th, 2012 in Incidents, News

UIS will not work if you have any Java version after v23 installed. Recently, Firefox blocked the use of the old Java plugin and many users have recently been experiencing issues accessing UIS in Firefox.

If you have the most up-to-date version of Firefox and cannot access UIS, you can follow the instructions below to workaround this issue:

1. Go to https://addons.mozilla.org/en-US/firefox/addon/ie-tab/
2. Click “Add to Firefox” and wait for the file to download.
3. Click “Install Now” (it might take a couple minutes for Install Now to show up)
   
4. Click the button to restart Firefox
   
5. Right click anywhere in empty space in the bar where your webpage tabs are and click “Customize”
6. Scroll down until you see “IE tab.”
   
7. Click the IE Tab and drag it up next to your address bar.
   
8. Click the IE Tab icon every time you go on UIS in Firefox and it will display UIS in an IE tab.

If you have any questions, please contact the Service Desk at (617) 638-5914 or bumchelp@bu.edu.

PLANNED OUTAGE- BUworks Employee Learning Solutions

April 4th, 2012 in News, Service Outage

The BUworks Employee Learning Solutions website will be offline from Thursday, April 5, 4:00 p.m. through Monday, April 9, 8:00 a.m. as we perform planned system upgrades and introduce improved online help capabilities. During this outage you will not be able to access online work instructions, quick reference guides or simulations. Additional information on new online help and updated support tools will be communicated early next week. If you experience any issues after the system is restored, please contact the IT Help Center (Charles River Campus) at ithelp@bu.edu or 617-353-4357.

NEW! iOS Quick Config

April 2nd, 2012 in News

Users can quickly configure iOS devices for BU e-mail (Exchange or Gmail), VPN (BUMC and/or Charles River Campus) and WiFi from their device in seconds! Simply open this link or scan the QR code below on your iOS device and download the appropriate configuration file to your device.

Outlook/Exchange update – free/busy information shared with BMC for scheduling meetings

April 2nd, 2012 in News

You are now able to more effectively set up meetings with members of the BU Charles River Campus (CRC), Boston University Medical Campus (BUMC), and Boston Medical Center (BMC) community whose email is on a BU or BMC Exchange server.  This feature was always available to you, but you could only see free/busy information of others at BU.   The update allows you to view this information for many more individuals.

When creating a meeting request, click the “To…” button, add individuals from the Global Address List (BMC individuals are indicated by the person icon with a globe next to it).  After adding, click the scheduling assistant tab and you will see free/busy information for your invitees.  This will allow you to avoid sending a meeting invite for a time the recipients have marked busy or away.  Please note that you cannot see details about their calendar, only free/busy information.  For more information on how to schedule meetings in Outlook, please visit http://office.microsoft.com/en-us/outlook-help/schedule-a-meeting-with-other-people-HP010354402.aspx.

Should you have any questions, please contact your IT provider:
For individuals with BU email: BUMC IT Service Desk at 8-5914 or www.bumc.bu.edu/ithelp
For individuals with BMC email: BMC ITS 4-4500 or internal.bmc.org/its/

Security Alert for Microsoft Windows Users and VPN Required for RDP

March 26th, 2012 in Information Security, News

(View the original post from IS&T here)

Summary

Action Required for all Microsoft Windows Users:

1. If you are running Microsoft Windows and you do not have it set to Automatically Update, you should run Windows Update immediately.  See instructions at www.bu.edu/tech/desktop/virus-protection-security/safe-computing/autoupdate/ and confirm that you have the correct patches using the instructions below on this page.
2. If you do have Automatic Updates turned on, you should have received the patch last Tuesday and you are all set – no further action is required toward installing it. You can confirm that you are updating automatically by following the instructions at www.bu.edu/tech/desktop/virus-protection-security/safe-computing/autoupdate/.
3. If you use Microsoft Windows Remote Desktop (RDP) to connect to a BU computer from outside of BU, you will need to connect to the VPN prior to connecting via RDP – login at http://vpn.bu.edu.
4. If you have set up your system to allow remote access, or if you run a server, see the additional instructions below.

Details

The Problem:

On Tuesday, March 13, Microsoft announced that a critical vulnerability had been discovered in all versions of Windows from XP and up.  This vulnerability affects the Remote Desktop (RDP) feature of Windows.  RDP allows a remote user to connect to the computer and the vulnerability may allow even an unauthorized person to do so.

The Impact:

An exploit has already been released that will cause a Blue Screen of Death on Windows 7 and a Denial of Service on Windows XP.  It is expected that another exploit will soon be released that will allow an attacker to have complete control of the computer.  After that, the next expected step is that a self-replicating worm will be released that will automatically jump from host to host, granting the attacker access to the system and taking any other action the attacker may wish.

The Solution:

Microsoft has released a patch for this vulnerability.  See below for details on installing it.

What IS&T and the IT Partners are doing:

• IS&T and the IT Partners have been working to install this patch on the servers at BU.
• Due to the serious nature of this vulnerability, IS&T will be blocking RDP access at the BU firewall within the next few days. This block is necessary because it is common for people to disable the automatic update functionality.  It can reasonably be expected that many systems will remain unpatched for an extended period of time.  If we take no action to block access to RDP through the firewall, exploit code could significantly impact the stable operation of computers at BU or otherwise compromise BU operations or protected information.  (For reference, as of Monday (3/19) there were over 3000 computers at BU that had RDP up and operating.)

Related Instructions

If you never use RDP…:

• If you do not need to use RDP, you can disable it.  Instructions are provided below.
• If you do need to use RDP, please follow the security best practices published by IS&T:
  http://www.bu.edu/tech/security/protect/bestpractice/remote-desktop/
  Best practices include moving RDP away from its standard port to some other port protected by the BU Edge Firewall.

If you are running a server:

• Patch information can be found here: http://technet.microsoft.com/en-us/security/bulletin/ms12-020
• If the system cannot be immediately patched, please see this page for an alternative “fix it” option:http://blogs.technet.com/b/srd/archive/2012/03/13/cve-2012-0002-a-closer-look-at-ms12-020-s-critical-issue.aspx

Confirm that you have the correct patches:

Windows 7

1.       Go to Start -> All Programs -> Windows Update -> View Update History and confirm that KB2667402 and KB2621440 are installed

Windows XP

1. Go to Start -> Microsoft Update -> Review your update history
2. Confirm that KB2621440 is installed

How to disable RDP if you don’t use it:

Windows 7

1. Go to Control Panel, click System And Security, and then click System.
2. On the System page, click Remote Settings in the left pane. This opens the System Properties dialog box to theRemote tab.
3. To disable Remote Desktop, select Don’t Allow Connections To This Computer,
4. Also uncheck the  Allow Remote Assistance box as shown below and then click OK

Windows XP

1. Click System in Control Panel.
2. On the Remote tab, clear the Allow users to connect remotely to your computer check box, and then click OK.

UPDATE: Symantec Releases Patch for pcAnywhere

February 2nd, 2012 in Incidents, Information Security, News

Last week, Symantec said it was unable to predict when it would complete its patching of pcAnywhere, citing the unpredictability of its investigation and the creation of the necessary fixes.  However, they have now released an update that addresses the security issues we reported earlier this week.  We therefore will not be implementing an inbound filter to 5631/TCP, 5632/UDP on Sunday 2/5 as previously mentioned.

The updates can be manually downloaded from Symantec's website, or customers can use pcAnywhere's built-in updating service to retrieve and install the patches.  http://www.symantec.com/business/support/index?page=content&id=TECH179960

Modena also confirmed that customers running versions of pcAnywhere prior to version 12.0 will be offered a free upgrade to 12.5.  "If requested, Symantec will honor an update to version 12.5 for the customer.”

Warm Regards,

-IRT

Information Security Incident Response Team, Information Services & Technology
Boston University
T(617)358-1100
F(617)353-6260
irt@bu.edu

Security Issue with pcAnywhere

January 30th, 2012 in Information Security, News

Security Alert – Due to a security issue with pcAnywhere, we plan to create a new rule to block in bound traffic to ports: 5631/TCP, 5632/UDP.  This rule will go into effect on Sunday, 2/5.

If you are using pcAnywhere, please read this message in its entirety.

In a white paper released on 1/23, Symantec revealed that  proprietary source code for current versions of its pcAnywhere software were stolen in 2006 and that all users are at risk of attack and should disable the product.

Symantec, in their official report on this event, provides this statement:  “Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks.“

What you should do:

• For any system that contains Restricted Use information, pcAnywhere must be disabled and alternatives sought.  (For a definition of Restricted Use information, please see the Data Classification Guide, part of the Data Protection Standards: http://www.bu.edu/infosec/policies/data-protection-standards/)
• For any other system where you are using pcAnywhere and where an alternative solution will work, you should switch to the alternate solutions.  Some possible solutions include:
  1. Windows Remote Desktop (see http://www.bu.edu/tech/security/protect/bestpractice/remote-desktop/ for details)
  2. GotomyPC (security has not evaluated this product and it does have a price tag, so this is not a specific recommendation of this product, but simply an alternative if Remote Desktop will not work)
  3. Avoid RealVNC.  It is known to have significant security issues.
• Where you (1) have a business critical function (2) on a system not containing Restricted Use information and (3) pcAnywhere is the only solution that will work for that function, you may continue to use it provided you do the following:
  1. Upgrade to the latest version
  2. Update your pcAnywhere configuration as recommended in the white paper from Symantec in the “pcAnywhere Security Best Practices” section, beginning on page 5
  3. Set up your pcAnywhere connection to use different authentication credentials than you use for any other BU system
  4. If you are outside of BU, Connect to BU via VPN prior to establishing the pcAnywhere connection
  5. Monitor Symantec’s site for further security information and updates

What we will be doing:

• As recommended by the vendor, we will be writing a new rule to block traffic coming in to BU using the standard pcAnywhere communication ports: 5631/TCP, 5632/UDP.  This rule will go into effect on Sunday, 2/5.

References:

• The story as told by Sophos
• The story as told by Techspot
• The white paper from Symantec

BUMC Director of IT Announced

January 1st, 2012 in New Hire, News

Tracy Schroeder, VP for Information Services & Technology, and I are delighted to announce that Robert Sprinkle, MS, will become the new Director of IT for BU Medical Campus, effective Jan. 3, 2012.

Most recently, Bobby served as the Sr. Director of IT Research Informatics and Systems at NYU Langone Medical Center in New York where he was responsible for information technology systems that supported bioinformatics, clinical research, basic/translational science and education. Prior to that appointment, Bobby served in a number of positions at the Moffitt Cancer Center, Tampa, Fla., including Supervisor of Computational Biology, Manager of Research IT Systems, Director of Research IT and Interim Co-CIO.

Bobby holds a master of science in management information systems and a bachelor of arts degree in history from the University of South Florida.

Please join us in welcoming Bobby to Boston University and to the BU Medical Campus.

Karen Antman, MD
Provost, Boston University Medical Campus
Dean, School of Medicine
Professor of Medicine