What is GoFetch? GoFetch is a newly found security flaw affecting Mac computers released after 2020. Because the bug is found in the hardware and not any part of the computer’s firmware or BIOS, it looks very unlikely that Apple will be able to patch the issue with a software update. All of the affected…Continue Reading Everything you Need to Know About GoFetch: A Hardware Security Flaw in Modern Macs
Account Expiration & Extension
The University regularly reviews accounts for expiration or deletion. When an account owner no longer meets the account eligibility requirements, account access to resources will be terminated. For more information on account eligibility please see the Email Management Policy and Electronic Mail Use and Management Procedures . Account extensions are managed via AIMS with help…Continue Reading Account Expiration & Extension
Firewall Exceptions
By default, the S&T border firewall blocks all inbound connections. Only approved services are granted an exception to this default deny. All exceptions are subject to auditing, verification and revocation. Auditing The most basic audit performed is with a vulnerability scanner. Any critical vulnerabilities will preclude an exception and all important vulnerabilities must be remediated…Continue Reading Firewall Exceptions
Why is Zotero Being Removed From the S&T Campus?
Due to concerns that have arisen with Zotero, Missouri S&T IT has been instructed to retire the use of Zotero on university computer systems. To allow individuals who use Zotero time to transition, the software will remain available until August 2, 2024, at which point it will be removed from AppsAnywhere and blocked on all…Continue Reading Why is Zotero Being Removed From the S&T Campus?
Isora GRC Assessments
The University is using SaltyCloud’s Isora product to handle Governance, Risk and Compliance (GRC) assessments. Notifications about these assessments come from admin@mst.isora.saltycloud.com and the assessments can be accessed at https://mst.isora.saltycloud.com. The login uses your University account through a Microsoft login page (currently login.microsoftonline.com). In order to be able to login to the system your account…Continue Reading Isora GRC Assessments
Apple Temp Admin Rights
To obtain Temp Admin rights for a Jamf enrolled Mac, you will need to utilize the Self Service application. Follow the directions below or watch the attached video. *Time limit per request is 30 minutes, but there is no limit to the amount of requests. Guided directions for Grant Temp Admin.>>…Continue Reading Apple Temp Admin Rights
Non-LAPS Workstation Administrator Privileges
This process is intended for one or two individuals who will (co-manage) a group of systems. It is restricted to situations where the co-manager will provide unique expertise that Information Technology does not have, such as familiarity with installing, configuring and updating specialized software. Each group of systems should be closely aligned in how they…Continue Reading Non-LAPS Workstation Administrator Privileges
FIleVault/Encryption Key Escrow
FileVault is an extra layer of login protection implemented on Jamf managed Mac computers. It does not impede everyday use of the computer. The main function of FileVault is to encrypt the startup volume of Mac computers. When a user profile is created on a Jamf managed Mac computer, FIleVault is enabled for them and…Continue Reading FIleVault/Encryption Key Escrow
Why can’t I access PaperCut?
I am in the dorm/fraternity/sorority/home/etc. and cannot access the PaperCut web link (https://papercut.mst.edu), why? PaperCut user and administrative interfaces are only available on the campus network and when connected to VPN. See: https://it.mst.edu/services/vpn/ for information on how to get connected….Continue Reading Why can’t I access PaperCut?
Dual-booting Operating Systems
Dual booting operating systems on campus owned computers is an unsupported option that poses security risks to the computer in question, the campus network and the future of your research. These are some of the reasons:1. Limited Security Updates: Keeping two operating systems up-to-date with the latest security patches can be challenging. If one OS…Continue Reading Dual-booting Operating Systems
How do I access my Apple computer on Jamf with no internet access?
The SSO login is only there if the computer restarts, or the user logs out. If you find yourself without internet access, there will be a Local Login option underneath the window that would normally display the SSO login. Use your SSO username without the @umsystem.edu and your normal password to login. From there you…Continue Reading How do I access my Apple computer on Jamf with no internet access?
Can’t I just use Migration Assistant to transfer all my stuff over from my old Mac?
The Migration Assistant cannot be used to transfer data from an old computer if the new computer is on Jamf. It is recommended to use OneDrive to backup data and it can be easily accessed from the new computer. We can make a backup of the old computer and install it on the new computer…Continue Reading Can’t I just use Migration Assistant to transfer all my stuff over from my old Mac?
How do I create backups on an Apple computer?
The use of Time Machine can currently no longer be used as a backup tool. It will brick the computer when trying to restore from the backup. It is recommended to use OneDrive to backup files. All campus accounts get 5TB of storage in OneDrive….Continue Reading How do I create backups on an Apple computer?
I want to go back to being an admin on my Apple computer. Why can’t I go back to being an admin?
We offer a temporary admin request option that will allow users temporary ability to become admin on the computer. Due to security standard NIST 800-172, it is no longer possible to always allow full admin access. The use of JAMF has brought our Apple computer management and security more in line with the way we…Continue Reading I want to go back to being an admin on my Apple computer. Why can’t I go back to being an admin?
Why do we need JAMF?
JAMF is a new device management tool for Apple computers we have implemented to meet security standards. NIST 800-172 is a supplementary document to NIST SP 800-171, which is designed to help safeguard sensitive information on non-federal systems through best practice processes and security controls and applies to federal contractors that handle, process or store…Continue Reading Why do we need JAMF?
What is JAMF?
JAMF is a device management tool for Apple computers. It has been implemented on Apple computers to adhere to security standards in place from NIST 800-172 and to provide consistency of support among all computers on campus….Continue Reading What is JAMF?
OpenVPN is failing to connect with an error about “unsupported options”, how can I fix this?
If you are receiving this error when attempting to connect to OpenVPN, it is due to an update in the OpenVPN Connect software that requires changes in the VPN profile. To correct this problem, please delete your current VPN profile – click on the pencil next to the profile name, and then the Delete Profile…Continue Reading OpenVPN is failing to connect with an error about “unsupported options”, how can I fix this?
I was phished, now what?
The first step in recovering from responding to a phishing attack is to reset your password. For reference, you can do so by following the instructions at https://password.umsystem.edu If that password was also used with other sites then it needs to be changed there as well. Each affected account should be treated as compromised which…Continue Reading I was phished, now what?
Why Can’t I Have My Email?
All students are provisioned with a mailbox while they attend S&T and to ease student life the mailbox is kept for 12 months after enrollment, but at some point it is deprovisioned and the mailbox is gone. Can’t you just get that back? Whether it is with Google, Microsoft, Apple, or some other provider there…Continue Reading Why Can’t I Have My Email?
Non-Employee Appointment Mailbox $200 License Fee
UM System has implemented additional security for protecting our mailbox accounts by assigning A5 licenses to non-employee appointments. As this license cost is outside our budgeting process for licensing accounts with Microsoft, S&T IT will be requiring an annual $200 per year license fee for non-employee appointments that require a mailbox, and will be billed…Continue Reading Non-Employee Appointment Mailbox $200 License Fee
How long can I keep my account after graduation?
University email retention policy states that students are no longer eligible for an account 1 year after their last eligible to enroll semester. There is provision for a one year extension. In practical terms this means: Please do not contact helpdesk ahead of time or immediately after you graduate. You will receive notifications automatically, and…Continue Reading How long can I keep my account after graduation?