09/23/2013 - We have many reports in the last hour of spam with the following subject line:
“Letter from the University of North Carolina”
The email provides a “Click Here” link. When you roll over the link, you see that it refers to a non-UNC-CH URI.
This is not legitimate email. We have blocked the relevant IP address at the campus border. Please contact the Information Security Office if you continue to see such inbound emails after 12:15 p.m. today.
As always, please feel free to contact the Information Security Office via firstname.lastname@example.org during the business day and via 919-962-HELP after hours. In addition, please see the help.unc.edu link below regarding handling of suspected phishing and spam:
SOM Information Privacy and Security News
HIPAA Omnibus Rule takes effect today 09/23/2013
- The new HIPAA Manual http://intranet.unchealthcare.org/hospitaldepartments/hipaa/policies
VPN Access Will Be Required for Off Campus Access to Campus Computing Resources
Over the past few months, the campus has seen a marked increase in attacks on computers that can be controlled via remote desktop tools. Additionally, vendors have identified new risks to networked printers.
Two new efforts in this area will prevent off-campus connections to on-campus computers using remote desktop tools and prevent off-campus printing to on-campus printers. These changes will take effect on March 30th. After that time, individuals wishing to connect to these types of services from off-campus will be required to first connect to the campus network via VPN.
A Virtual Private Network (VPN) provides an encrypted connection (secure tunnel) from outside networks or Internet Service Providers (ISPs) to the UNC-Chapel Hill internal network. UNC has installed a Cisco VPN concentrator that allows authorized users to access UNC network resources from off-campus using an ISP dial-in, DSL or cable modem service with ONYEN authentication. You can work securely, just as if you were physically on campus.
If on or after March 30th you are unable to connect to your campus computer from off-campus or are unable to print to your campus printer from off-campus then it is likely you need to use the campus VPN software. This software will let you create a secure connection to the campus network using your Onyen and Onyen-password. A help page (http://help.unc.edu/CCM3_035705) has been created that will provide detailed information regarding VPN use and link to download the necessary software.
- The VPN client software can be downloaded at https://shareware.unc.edu/software.html#v
Please remember that data security here at the University is a partnership. While we continue to look for ways to reduce our vulnerability to outside attacks from hackers, we rely on all of you as well. We appreciate your continued efforts of not clicking on links in phishing emails, not sharing your passwords, and keeping your antivirus up to date. The use of VPN is just another important step to reduce outside threats to the university.
SOM PGP Encryption Project
PGP Whole Disk Encryption is in full swing. The deadline of July 2012 is approaching. All laptops storing sensitive data are required by UNC Information Security Policy to be encrypted. Please bring your laptop to the OIS Helpdesk for encryption. More information on encryption can be foung on the encryption FAQ page.
Global Information Security News...Stay Secure
Stay up to date on the latest security news bulletins from SANS, SecurityFocus, CERT, ZDNet, and Symantec.