• Notification: Important changes to access Clinical Follow-Me-Desktop (FMD) coming – Immediate action required

    Computers used to access the clinical FMD environment will be required to have a new software product called VMWare View installed in order to access the environment after March 29, 2017. 

     

    For University Owned Computers - On March 11, 2017, the Medical School IT department is deploying the required software to most university owned computers that need this software.  If your university owned computer does not receive this software, you may visit the IT SoftStore after March 17 to request an automatic installation of the software title “FMD Client”.

     

    For Student and/or Personally Owned Computers – Please visit this link to locate instructions for downloading and installing the software on your computer.

     

    For more information, please visit this website hosted by UMMHC.

  • Notification: Important changes to access Clinical Follow-Me-Desktop (FMD) coming – Immediate action required

    Computers used to access the clinical FMD environment will be required to have a new software product called VMWare View installed in order to access the environment after March 29, 2017. 

     

    For University Owned Computers - On March 11, 2017, the Medical School IT department is deploying the required software to most university owned computers that need this software.  If your university owned computer does not receive this software, you may visit the IT SoftStore after March 17 to request an automatic installation of the software title “FMD Client”.

     

    For Student and/or Personally Owned Computers – Please visit this link to locate instructions for downloading and installing the software on your computer.

     

    For more information, please visit this website hosted by UMMHC.

Security Alerts - Information Security Office

Security Alerts - Information Security Office

Friday, September 23rd
To: All University of Massachusetts Medical School Faculty, Staff and Students
Subject: Yahoo Confirms 500 Million Accounts Stolen in Largest Breach in History

As many of you are aware, Yahoo confirmed yesterday (9/22/2016) that data associated with half a billion accounts has been stolen. If you use Yahoo Mail or any of its services (Tumblr, Flickr, Fantasy Football), you need to act now. The company confirmed on Thursday that a massive data breach affected at least 500 million user accounts. Leaked account information may include names, email addresses, telephone numbers, dates of birth, hashed passwords, encrypted or unencrypted security questions and answers.
 
In a statement from Yahoo yesterday:
 
"Yahoo is notifying potentially affected users and has taken steps to secure their accounts. These steps include invalidating unencrypted security questions and answers so that they cannot be used to access an account and asking potentially affected users to change their passwords. Yahoo is also recommending that users who haven't changed their passwords since 2014 do so."
 
If you, or someone you know, uses Yahoo for their personal email, UMass Medical School Information Security recommends you take action immediately.  Internet criminals will use this information in a variety of ways.  For instance, it’s been reported already that “fake” emails from Yahoo security are making their way around the internet, claiming you need to reset your Yahoo account.  In actuality, these are classic “phishing” emails looking just like the real ones.
 
Recommendations:
 
1)      Open your browser and go to Yahoo. Do not use a link in any email. Update your Yahoo account with a new password and new security questions.

2)      If you were using that same password on multiple websites, you need to stop.  Hackers could use the information taken from Yahoo to obtain access to other online accounts that contain even more sensitive information.  If you did use your Yahoo passwords on other sites, go to those sites and change the password there too.

3)      Watch out for any phishing emails that relate to Yahoo in any way and that ask for information.  Also, be alert for any suspicious activity.

4)      Turn on Two Factor Authentication (2FA).  On its own, a password isn't a strong line of defense.  Adding a second type of authentication, like a one-time code sent over text message or generated by an app, can greatly secure your online accounts. Yahoo is recommending people turn on its two-factor authentication tool: Yahoo Account Key.  While it's certainly an extra step, make it a part of your daily routine.  Next time there's a story about a massive data breach, you'll be glad you did.
https://help.yahoo.com/kb/activate-sign-in-verification-sln5013.html

Although this is more focused on personal accounts, the UMass Medical School Information Security Department is happy to answer any questions related to the Yahoo breach. Please reach out to Brian Coleman personally or email ITSecurity@umassmed.edu.

Additional alerts from previous concerns are listed below:

▴ Back To Top