Category: Security

Microsoft Authenticator

There are four common forms of second factor authentication: Using a hardware security token or an authenticator application, such as Microsoft Authenticator, provides the best security. As there are scenarios where a hardware security token cannot be used the most robust second factor to use is an authenticator application. Account security can be improved by…Continue Reading Microsoft Authenticator

How do I secure my computer when traveling?

IT has implemented security procedures for International Travel by faculty, staff and students. If the traveler is on CUI or export-controlled projects, IT will provide a loaner laptop. If the traveler is not on CUI or export-controlled projects, then the traveler may take a loaner laptop or their S&T managed laptop. The loaner and the…Continue Reading How do I secure my computer when traveling?

Zotero Remains Available Until December 31st, 2024

Over the last several months, your Information Technology (IT) organization has been actively working to allow for the continued use of Zotero by S&T faculty, administration, and students. Today, thanks to the efforts of Dan Stutts, the Information Technology Campus Committee (ITCC) Chair, the Chief Information Officer and he were able to speak directly with…Continue Reading Zotero Remains Available Until December 31st, 2024

Code Signing Certificate Requests

Macros within Microsoft Office must be signed with a code signing certificate for security purposes. If you need to sign macros then submit a support request to IT Security. If the request is approved you will be asked to refresh your user profile by either logging out and back in or restarting your computer. You…Continue Reading Code Signing Certificate Requests

Windows 11 Transition

In 2023, S&T IT began focusing efforts and communicating to campus about the transition to Windows 11 operating system for campus computers to be compliant with UM System Information Security policies and guidelines. In fall 2025, Microsoft will no longer support the Windows 10 operating system. IT has a goal to transition computers running Windows…Continue Reading Windows 11 Transition

Everything you Need to Know About GoFetch: A Hardware Security Flaw in Modern Macs

What is GoFetch? GoFetch is a newly found security flaw affecting Mac computers released after 2020. Because the bug is found in the hardware and not any part of the computer’s firmware or BIOS, it looks very unlikely that Apple will be able to patch the issue with a software update. All of the affected…Continue Reading Everything you Need to Know About GoFetch: A Hardware Security Flaw in Modern Macs

Firewall Exceptions

By default, the S&T border firewall blocks all inbound connections. Only approved services are granted an exception to this default deny. All exceptions are subject to auditing, verification and revocation. Auditing The most basic audit performed is with a vulnerability scanner. Any critical vulnerabilities will preclude an exception and all important vulnerabilities must be remediated…Continue Reading Firewall Exceptions

Why is Zotero Being Removed From the S&T Campus?

Please see the July 24, 2024 update regarding Zotero on IT Answers for more information. Due to concerns that have arisen with Zotero, Missouri S&T IT has been instructed to retire the use of Zotero on university computer systems. To allow individuals who use Zotero time to transition, the software will remain available until August…Continue Reading Why is Zotero Being Removed From the S&T Campus?

Isora GRC Assessments

The University is using SaltyCloud’s Isora product to handle Governance, Risk and Compliance (GRC) assessments. Notifications about these assessments come from admin@mst.isora.saltycloud.com and the assessments can be accessed at https://mst.isora.saltycloud.com. The login uses your University account through a Microsoft login page (currently login.microsoftonline.com). In order to be able to login to the system your account…Continue Reading Isora GRC Assessments

Non-LAPS Workstation Administrator Privileges

This process is intended for one or two individuals who will (co-manage) a group of systems. It is restricted to situations where the co-manager will provide unique expertise that Information Technology does not have, such as familiarity with installing, configuring and updating specialized software. Each group of systems should be closely aligned in how they…Continue Reading Non-LAPS Workstation Administrator Privileges

FIleVault/Encryption Key Escrow

FileVault is an extra layer of login protection implemented on Jamf managed Mac computers. It does not impede everyday use of the computer. The main function of FileVault is to encrypt the startup volume of Mac computers. When a user profile is created on a Jamf managed Mac computer, FIleVault is enabled for them and…Continue Reading FIleVault/Encryption Key Escrow

Dual-booting Operating Systems

Dual booting operating systems on campus owned computers is an unsupported option that poses security risks to the computer in question, the campus network and the future of your research. These are some of the reasons:1. Limited Security Updates: Keeping two operating systems up-to-date with the latest security patches can be challenging. If one OS…Continue Reading Dual-booting Operating Systems

Can’t I just use Migration Assistant to transfer all my stuff over from my old Mac?

The Migration Assistant cannot be used to transfer data from an old computer if the new computer is on Jamf. It is recommended to use OneDrive to backup data and it can be easily accessed from the new computer. We can make a backup of the old computer and install it on the new computer…Continue Reading Can’t I just use Migration Assistant to transfer all my stuff over from my old Mac?

I want to go back to being an admin on my Apple computer. Why can’t I go back to being an admin?

We offer a temporary admin request option that will allow users temporary ability to become admin on the computer. Due to security standard NIST 800-172, it is no longer possible to always allow full admin access. The use of JAMF has brought our Apple computer management and security more in line with the way we…Continue Reading I want to go back to being an admin on my Apple computer. Why can’t I go back to being an admin?

Why do we need JAMF?

JAMF is a new device management tool for Apple computers we have implemented to meet security standards. NIST 800-172 is a supplementary document to NIST SP 800-171, which is designed to help safeguard sensitive information on non-federal systems through best practice processes and security controls and applies to federal contractors that handle, process or store…Continue Reading Why do we need JAMF?

OpenVPN is failing to connect with an error about “unsupported options”, how can I fix this?

If you are receiving this error when attempting to connect to OpenVPN, it is due to an update in the OpenVPN Connect software that requires changes in the VPN profile. To correct this problem, please delete your current VPN profile – click on the pencil next to the profile name, and then the Delete Profile…Continue Reading OpenVPN is failing to connect with an error about “unsupported options”, how can I fix this?

Why Can’t I Have My Email?

All students are provisioned with a mailbox while they attend S&T and to ease student life the mailbox is kept for 12 months after enrollment, but at some point it is deprovisioned and the mailbox is gone. Can’t you just get that back? Whether it is with Google, Microsoft, Apple, or some other provider there…Continue Reading Why Can’t I Have My Email?

Non-Employee Appointment Mailbox $200 License Fee

UM System has implemented additional security for protecting our mailbox accounts by assigning A5 licenses to non-employee appointments. As this license cost is outside our budgeting process for licensing accounts with Microsoft, S&T IT will be requiring an annual $200 per year license fee for non-employee appointments that require a mailbox, and will be billed…Continue Reading Non-Employee Appointment Mailbox $200 License Fee