MyLU Insider

Technology

Category: Technology

Viking Gold: Now Add Funds Online

Students can now add funds to their Viking Gold balance using a credit card!  Even better, parents or anyone else, can also add funds to your Viking Gold account for you.

This can be done anytime and the funds are available immediately. There is no service fee.

  1. From Voyager go to Student Services – Add Viking Gold with a Credit Card or visit http://go.lawrence.edu/VikingGold.
  2. Click the Sign-in button and login with your Lawrence username and password
  3. Click Add Money from the Viking Gold box.
  4. Follow prompts to add funds via credit card.

To have someone else add funds to your Viking Gold account have them visit http://go.lawrence.edu/VikingGold and click on the “Make a guest deposit” button.   They just need to know your last name and your Lawrence University email address to complete the process.

Note: For your convenience, Viking Gold can also be used at most vending machines,  laundry rooms and the new vending kiosk in the Conservatory.

Viking Gold Updated

Students can now add funds to their Viking Gold balance using a credit card!  Even better, parents or anyone else, can also add funds to your Viking Gold account for you.

This can be done anytime and the funds are available immediately. There is no service fee.

  1. From Voyager go to Student Services – Add Viking Gold with a Credit Card or visit http://go.lawrence.edu/VikingGold.
  2. Click the Sign-in button and login with your Lawrence username and password
  3. Click Add Money from the Viking Gold box.
  4. Follow prompts to add funds via credit card.

To have someone else add funds to your Viking Gold account have them visit http://go.lawrence.edu/VikingGold and click on the “Make a guest deposit” button.   They just need to know your last name and your Lawrence University email address to complete the process.

Note: For your convenience, Viking Gold can also be used at most vending machines,  laundry rooms and the new vending kiosk in the Conservatory.

Viking Gold Update

Faculty and Staff can now add funds to their Viking Gold balance via Voyager or by visiting http://go.lawrence.edu/VikingGold!

This can be done anytime and the funds are available immediately. There is no service fee.

  1. From Voyager go to Employee Services – Manage Viking Gold Funds or just visit http://go.lawrence.edu/VikingGold
  2. Click the Sign-in button and login with your Lawrence username and password
  3. Click Add Money from the Viking Gold box.
  4. Follow prompts to add funds via credit card.

Note: For your convenience, Viking gold can also be used at most vending machines on campus.

Do you ever want to put a face with a name? Add your photo to outlook!

With many new faces on campus, we want to ensure everyone has a chance to not only meet in person, but to know who you are through your Outlook profile picture.  Please take a few minutes to upload your picture by following the instructions below.

To begin you must first have a photo saved somewhere on your computer (personal network space/desktop).

For Windows or Apple device users:

  1. From Webmail, https://lumail.lawrence.edu/
  2. At the login prompt login with your Lawrence username and password
  3. From the top right corner, click the Gear icon.
  4. Click Options from the drop down list
  5. From the left edge, click General-My Account
  6. Click on the round image icon
  7. Click on Upload photo
  8. Navigate to the location of where your photo is store, select it and click Open/Choose.
  9. Click Save (top right-hand corner)

If you have any questions or need assistance, please contact the Help Desk.

Graduating this June? If so, read this about your Lawrence accounts.

If you are graduating this June the below information is for you. Technology Services wants to let you know that your Lawrence accounts (email, campus share and Office 365’s OneDrive) will close as of Thursday, Aug. 31.  Your Voyager account will remain active, but you will need to access it differently. See the below information on how your accounts will be affected by your graduation from Lawrence.

Lawrence account changes:

Voyager access after graduation: Upon graduation, you will no longer be able to access Voyager with the username and password that you used as a student. The first time you access Voyager as an alum from off campus, you will need to create a new password for your Voyager account. Please refer to the instructions below to create your Alumni Voyager password.

  1. Go to https://bannerweb.lawrence.edu
  2. Choose the button titled “Alumni, Academy of Music, Everyone else” in the User ID field, enter your Lawrence ID number or a personal email address that is on file with Lawrence.
  3. Choose the “Forgot PIN / Reset PIN” button
  4. At this point, you will have the option of answering your security questions to set a new PIN or you can choose to have a new temporary PIN sent to your personal email address on file with Lawrence.

Email: Your Lawrence email account will close with your graduation from Lawrence. If you desire to keep your Lawrence emails or contacts you will need to move them to another account. For instructions on how to move your email please see: Lawrence Email to your Personal Email Account. Also please notify your contacts of your new email address.

Files and Documents: Documents currently saved on Office 365-OneDrive or your personal network space will be deleted. If you want a copy of your documents you must copy or move them to your personal computer or some other storage device.  NOTE: Documents saved on the Lawrence network (personal space or campus share) must be copied/moved while you are still on campusIt is your responsibility to make copies of any documents you wish to save before your account closes on Thursday, Aug. 31.  Any data left on the network after Thursday, Aug. 31 will permanently be deleted.

Special Note to Student Teachers:
Student teacher accounts stay active through student teaching assignments. If you are registered for “student teaching” next year, your account will remain active for two weeks after your assignment end date.

Technology Services recognizes this is a busy time for you; please take the time to save your important data and move any emails you want to keep before Thursday, Aug. 31.  If you have any questions, please contact the Helpdesk at 920-832-6570 or send email to helpdesk@lawrence.edu.

 

Cloudflare “Cloudbleed” Information Disclosure

Technology Services is closely monitoring an unfolding and wide-reaching security disclosure from the internet content delivery company Cloudflare. The underlying incident — dubbed “Cloudbleed” — potentially exposed sensitive information from internet sites that used Cloudflare during the period of September 22, 2016 through February 20, 2017.

Lawrence does not use Cloudflare, so Cloudbleed affects none of the university’s sites and services like the Lawrence website or Voyager. We are not aware of any impact on third-party service providers who work with Lawrence at this point.

Because Cloudflare serves over 2 million websites, it is possible that you will receive notification from sites and services you use if those services determine that any private information leaked because of Cloudbleed. Compared to other breaches, bugs, and vulnerabilities over the past year, Cloudbleed appears to be a mostly low risk to individual users. Fully understanding the coverage from media outlets can be difficult, but security researcher Ryan Lacky provides good advice for individuals who are concerned about what Cloudbleed means for them:

From an individual perspective, this is straightforward —the most effective mitigation is to change your passwords. While this might not be necessary (it is unlikely your passwords were exposed in this incident), it will absolutely improve your security from both this potential compromise and many other, far more likely security issues. Cloudflare is behind many of the largest consumer web services (Uber, Fitbit, OKCupid, …), so rather than trying to identify which services are on Cloudflare, it’s probably most prudent to use this as an opportunity to rotate ALL passwords on all of your sites. Best practice is to use a long random string for each password, unique for each site, and to manage that collection using a “password manager”, such as 1Password, LastPass, or the built-in password managers in modern web browsers. Users should also log out and log in to their mobile applications after this update. While you’re at it, if it’s possible to use 2FA or 2SV with sites you consider important (using something like TOTP/Google Authenticator or U2F), that’s a meaningful security upgrade, too.

(from the article Cloudbleed: How to deal with it — https://medium.com/@octal/cloudbleed-how-to-deal-with-it-150e907fd165#.7mysif5j1).

Technology Services will continue to track the Cloudbleed incident and will provide further recommendations if necessary.

For those interested, more information is available at the following locations:

Beware of the “Can you hear me?” scam

Recently, campus has been receiving fraudulent calls from scammers asking, “Can you hear me?” If you answer with “yes,” your answer is recorded and may be used by the scammer to authorize bogus charges on a credit card or a phone or utility bill.

Other variations of the scam are being reported as well. These include asking other yes/no type questions such as, “Are you the person responsible for paying the telephone bill?” and, “Are you the homeowner?”

If you receive a phone call from a number you do not recognize, use caution. Do not answer personal questions, try not to engage and, if you must respond, consider asking questions of your own such as “Who is calling?” Don’t be afraid to hang up if you believe the call is not legitimate. It is not impolite to hang up on a scammer. The longer that a scammer has you on the phone, the more likely it is that you will give them some information that they can use thus making you a victim.

For more information, read this story from CBS News.

Voyager password change

As of Jan. 18, faculty, staff and students now use their Lawrence network/email username and password to log in to Voyager. This means you will no longer have two passwords to remember—just one that will allow you to log in to email, Voyager, campus computers and Lawrence Wi-Fi.

Please contact the Technology Services helpdesk at 920-832-6570 or helpdesk@lawrence.edu with any questions.

Important information security training announcement

Every day Lawrence faculty, staff and students are exposed to many attempts to compromise their accounts, computers and mobile devices. These attacks are constantly evolving as the cyber criminals adapt to changes in technology, work harder to create “smarter” scams and come up with new methods of making or stealing money.

At Lawrence, we have seen several of these new attacks on campus. A few examples include very targeted spear phishing email messages that appear to come from cabinet members requesting sensitive information via email, email messages that appear to come from coworkers requesting recipients to open infected attachments and computer infections that attempt to encrypt all the data on a computer and network share folders (with the goal of demanding payment to unlock your data).

The most important thing to know about information security is that YOU are the target of the cyber criminals. The easiest way for these criminals to make money is to target individuals and smaller organizations like Lawrence. The two most common methods computers are compromised is by clicking on links or attachments in email messages or by using a search engine such as Google to search for something online and then clicking on compromised links in the search results.

How can you tell if this message is legitimate and if it is safe to click the links below?

  • Check the sender and reply to address in the message. If you hit reply does it look like the reply is going to a real Lawrence email address? See the third bullet point below even if it looks right!
  • Hover your mouse over the links—does the pop-up link match the link shown and does it make sense? Is it a lawrence.edu site?
  • Check the subject of the message. Our email system will flag messages in the subject line with [Warning: Possible Fraud] if they were sent to appear as if they came from on campus but originated from OFF campus. Be very careful with these messages.
  • To be extra safe—just retype the link into your browser instead of clicking on it!

In an effort to reduce the risk of security breaches, Lawrence has invested in a security awareness training program to help protect the campus from information security threats. Lawrence has significant amounts of sensitive data about our students, employees, alumni and donors, thus we all must work together to make sure we do everything we can to protect this information. This training is updated each year to include information about these new attacks, so it is important that we all complete it annually.

While this training is very important to protect ourselves and the university, please note that this annual, online training is required for employees in departments that have access to the most sensitive data or credit card information. All staff in Human Resources, Financial Services, Technology Services, Alumni & Development, Registrar’s Office, Admissions, Financial Aid and Research Administration must complete this entire training course. In addition, if you process or handle credit card information in any way, you must complete the training. Please complete the training by the end of October.

You can complete the online security awareness training anytime by going to http://go.lawrence.edu/bhdp. Log in using your network/email username and password. The online security awareness training takes about 45 minutes to complete and consists of a series of videos with questions at the end. Your progress and completion of the training will be automatically recorded. This training is delivered using Moodle, the campus learning management system.

If you have any questions regarding this training, please contact the Helpdesk at 920-832-6570 or reply to this message.

Steve Armstrong
Technology Services

For those that want to know more: Passwords & Password Managers

One topic that comes up frequently is passwords and how to manage them. Here are some key points to remember and a link to additional resources on this topic.

  • Do not use the same password (or a version of the same password) for multiple accounts or websites.
  • Use as long and complex a password as possible. Strongly consider using passphrases instead of passwords.
  • Use a password manager.

Learn more about all of these topics, including a link to a review of five popular password managers, at the Technology Services information security page at http://go.lawrence.edu/infosec.