Tag Archives: Security

Compromised Account Process

I have made some minor updates to the documentation for the compromised account process. Please review:

https://oregonstate.teamdynamix.com/TDClient/KB/ArticleDet?ID=23358#2.7

The main points are:

  • Set the TD form to “Compromised Account”.
  • Ask the customer how they were compromised and record that in the “How Compromised” field (if they know).

I have also updated the ticket triage steps to refer to this section for processing compromised account tickets.

Service Desk Digest – 10/18/2017

CPHHS Share Migration Tonight

Tonight starting at 7pm, the CPHHS home and share folders will be moved to the following new paths:

  • \\cphhs.sig.oregonstate.edu\CPHHS_Home
  • \\cphhs.sig.oregonstate.edu\CPHHS_Share

Customers were notified via email Monday and today, and were advised to close all files and either log off or shut down their computers before the end of the day today.

Windows users should automatically reconnect to the correct paths. Mac users will need to click on Go – Connect to Server and enter: cifs://cphhs.sig.oregonstate.edu

ID Badges

Please wear your ID badge at all times while on shift. This helps identify you as a Service Desk employee. Thank you!

Reminder about Account Security

It came to my attention recently that a Service Desk technician told a customer to get someone else’s password.

This is not okay. We should never ask a user to give us their ONID/OSU password, and should not ask users to give their password to anyone else.

Upcoming Events

Trick-or-Treat Tour – on Tuesday, October 31st at 3pm-5pm, the Service Desk Walkup will be visited by participants of the Family Resource Center Trick-or-Treat tour.

Costumes would be awesome, but of course are not required. Please keep it G-rated for the kiddos.

Service Desk Digest 5/16/2017

Student Meeting on 5/18

Most of you are scheduled to attend a mandatory meeting this Thursday from 5PM-7PM. We will record the meeting so that anyone who is not able to attend can catch up later. Food will be included (pizza).

The agenda so far includes the following:

  • Richard Turk – Computer lab support overview
  • Chris Evans – Beaverprint overview and troubleshooting
  • Nathan Power – Citrix XenApp overview and troubleshooting
  • Jason Appah – Exchange troubleshooting and road map
  • Josh Crowl – Wireless network troubleshooting
  • Andrew Wheeler – IS and Client Services strategic plan and direction
  • Max Cohen – Time off and scheduling procedures
  • Kirsten/Max/Andrew – OSU-Cascades tier 1 support
  • Jeff Bonnichsen – Reminders about ticket updates, professionalism
  • Kirsten/Max – Congratulations to graduating students

Appointment Ticket Troubles

Pat has been reviewing all on-site appointments and has been seeing the following issues repeatedly. Please make sure you are following proper process when creating appointments:

  • Ticket type still set to service desk / intake. This should be set to the type appropriate for the appointment.
  • Responsible not set for field technician. Responsible needs to be set so on-site techs can find their tickets.
  • Calendar notes field void of ticket # or ticket URL. On-site techs need these details so they can prepare for appointments.
  • Requested placement time (length) doesn’t match calendar appointment length. This can lead to problems with overbooking. Please pay attention to the placement time notes in the ticket.

Steps to create an appointment are outlined here. If you need a refresher, please talk to Pat or Robin.

LAN Party Finals Week

The next LAN party will be Friday, June 16 at 6:00PM in the Milne Computer Lab.

If you would like to contribute towards pizza, please see Kirsten.

If you have questions about what games we will be playing or what tech to bring, talk to Thomas.

Security Items

If you are not familiar with common strategies for account phishing and identity theft, please read up. I will provide some training materials shortly.

We have had a handful of incidents recently where a Service Desk technician gave really bad advice to a customer. Please be aware of the following common issues:

  • Tech Support Scam. A customer is directed to call a support number due to vague “security problems” on their computer. The person on the call wants to remote into their computer and install software. THIS IS A SCAM. They may be attempting to compromise the person’s computer, gain access to their data, or encrypt their data in a ransomware attack. If a customer asks about an attack like this, tell them it is likely malicious, and not to call the number. If they allowed someone to remote into their machine, help them check for malware. If they are a CN customer, make sure to ask first if they handle PII (Personally Identifiable Information) such as credit card numbers or social security numbers.
  • Account Phishing. If a customer has received an email telling them their account is going to be deactivated unless they take some action, help them review the email. If it does not look like a notice from the ONID system, and/or directs them to a website that is not at OSU, it is most likely a PHISHING ATTEMPT where an attacker attempts to gain access to their account, usually to send spam and more phishing email.  A good technique is to mouse over any links in the email and wait for the URL to pop-up – it is is not an oregonstate.edu URL, they should not click on it. This is a good technique to train customers on.
  • If Unsure, Change the Password. As our CIO Lois Brooks said, if someone is asking whether they should maybe change their password, we should tell them to change their password. If a customer has clicked on a suspicious link and then provided their username and password, help them IMMEDIATELY CHANGE THEIR PASSWORD.  Please also ask them for details about the phishing attack and record that in the ticket. Notify ONID Support of the potential compromise so they can check the account to see if there is any suspicious activity such as open connections from another country.

Client Services Code Moved to GitHub Enterprise

Our code repositories are moving (have moved?) to an IS-wide GitHub Enterprise account. If you have questions, please ask in #sd-development on Slack.

Restricted Groups in Active Directory

For some groups we manage for CN customers, the customers have indicated they do not want us to make any membership changes without explicit approval from the group owner. In the past, we have had a few issues were we made changes to these groups anyway, without the customers’ permission.

To avoid this problem, the naming convention for these restricted groups has been changed to: RESTRICTED-Name-RESTRICTED

If you are asked to make a change to a group with this naming convention, please check the notes on the object. If you are unsure what to do, please check in with a full-time staff member.

Out-of-Order in the Computer Labs

If an item in one of the computer labs is out of order, please do the following:

  • Post an “Out of order” sign
  • UNPLUG THE DEVICE (otherwise helpful customers will turn it back on)
  • Make a ticket with Responsible set to Campus Labs
  • If urgent, post in #is-campus-labs on Slack for assistance