Prevent Zoom Bombing

by | Apr 30, 2020 | Announcements

UCI Community,

In light of recent Zoombombing incidents, a new resource has been created to help hosts ensure that Zoom meetings, events and classes are configured correctly, preventing disruption from bad actors seeking to post inappropriate images or video, hate speech, harassing commentary, threats and other disruptive content.

Nearly all Zoombombing incidents can be prevented with Zoom settings configured appropriately for the meeting format. Please review this expanded guidance to prevent Zoombombing in classes and public meetings:

How to Host a Secure Zoom Event

You may use Zoom’s new Security button to remove and report individual disruptors during your event. If the incident involves UCI students or may include a criminal act, please email techprep@uci.edu to report details of the event.

Sarkis Daglian, M.B.A.
Director, Client Services
Office of Information Technology

Josh Drummond, MBA, CISSP, CSSLP
Chief Information Security Officer
Office of Information Technology

UCI Digital Accessibility Resources

by | Apr 28, 2020 | Announcements

Dear Colleagues,

In this unprecedented time, UCI confronts a variety of digital accessibility issues. Regardless of the challenges, we stay committed to accessibility and equity, both in our work environment and in our educational mission.

We have fostered a strong partnership between the Office of Information Technology (OIT), the Office of Equal Opportunity and Diversity (OEOD), and the Division of Teaching Excellence and Innovation (DTEI). While each office is issuing guidance specific to their area, we wanted to provide an aggregated list of resources and an overview for those who are new to the principles of digital accessibility.

Below is information regarding policy, principles, and resources for addressing digital accessibility. Additional information can be found on the Accessibility.uci.edu website. Should you have follow-up questions about digital accessibility, please contact a member of the IT Accessibility Work GroupMeredith Ehrenberg, IT Accessibility Work Group Co-Chair; or Andrew Berk, ADA Coordinator.

We invite you to join the effort to expand UCI’s inclusion of all members of our community in our digital domain.

Kirsten Quanbeck
ADA Compliance Officer
Associate Chancellor
Equal Opportunity and Compliance

Tom Andriola
Vice Chancellor
Information Technology and Data

Policy

The University of California IT Accessibility Policy establishes that information technology should be designed, developed, and procured to be accessible to people with disabilities, including those who use assistive technologies. Some key information technologies are:

  • websites
  • course materials and anything related to instruction – including syllabi
  • group and individual emails
  • interoffice memos
  • training materials, etc.

While we offer students an opportunity to register for services through the Disability Services Center and employees can request accommodations through their department with the assistance of Human Resources, no-one is required to disclose a disability. We should therefore assume that any digital materials that we produce may be used by a person with a disability and ensure all materials meet these guidelines to the best of our ability.

Accessibility Principles

These quick perspective videos are a great way to familiarize yourself with some of the principles of IT Accessibility and how different users may interact with your content.

P-O-U-R

POUR is an acronym for four high-level principles that describe functional accessibility: Perceivable, Operable, Understandable, and Robust.

  • Perceivable: the user can identify content and interface elements by means of the senses. For many users, this means perceiving a system primarily visually, while for others, it may be sound (read aloud by a machine) or touch (as on a Braille device).

 

  • Operable: ability to use controls, buttons, navigation, and other interactive elements. For many users, this means identifying an interface control visually, and then clicking, tapping, or swiping. For others, a computer keyboard or voice commands are required.

 

  • Understandable: consistent in presentation and format, predictable in design and usage, concise, and appropriate in voice and tone.

 

  • Robust: standards-compliant; designed to function on all appropriate platforms.

Resources & Guides

General

  • Siteimprove scans websites for accessibility issues and provides periodic reports. To obtain a new account and register your site for Siteimprove, go to [siteimprove.ucop.edu]siteimprove.ucop.edu. From there, users can auto-provision an account using their UCInetID. Then send an email to oit@uci.edu including which site to have scanned and the user(s) who will need permission to the site.
  • The Accessibility website includes a library of short training videos on various topics. You can sort and filter to find recommended courses based on your role here on campus. Each video is just a few minutes long.
  • You can also find information on closed-captioning vendors on the Accessibility website. Note that any videos you use or promote should include captions, whether you created the video or not.
  • UCOP Electronic Accessibility Testing Website provides links to software that developers can use to test their products for accessibility prior to launch.

Classroom Materials:

COVID-19 Related Phishing and Scams

by | Apr 27, 2020 | Announcements

Dear colleagues:

Opportunistic cybercriminals are targeting individuals and organizations with COVID-19 related attacks. These attacks come in the form of malicious “phishing” emails, SMS texts, phone apps, and websites. In many cases, their goal is to get you to click on a link, open an attachment, or install an app, that will infect your device with different types of malware (including ransomware) that will steal and/or destroy data. In other cases, the goal is to get you to divulge personal or financial information to the attacker.

COVID-19 related themes that attackers have attempted to exploit include:

  • Communications pretending to come from the World Health Organization (WHO), Centers for Disease Control and Prevention (CDC), or other health organizations
  • Fake online maps and tracking sites for COVID-19
  • Donations to charity or relief organizations
  • Personal protective equipment (PPE) scams
  • Cancelation of events
  • Stimulus checks
  • Remote work offers
  • Rent and mortgage relief

Common red flags to look out for include:

  • Suspicious email address – a majority of phishing emails can be spotted by looking at the sender’s email address. If the sender address looks suspicious, it is recommended to verify if the email is legitimate. For example at UCI, if you ever receive an email with uci.edu before the “@” symbol it may be a scam. Scammers also like to create accounts on free email services like Gmail and Hotmail and set the “From” address to the person they want to impersonate.
  • Generic or non-routine message – most of the time attackers don’t have internal information, so their messages are very generic. These can also include unexpected “too good to be true” offers or asking to perform non-routine requests.
  • Sense of urgency – attackers like to take advantage of our emotions and often times create a sense of urgency to get us to respond. Particularly now when most of us are working remotely and our usual methods of interaction have changed, the authenticity of our communication is much more vulnerable.
  • Misspelling, typos, unfamiliar languages – most phishing emails are not written very well and can contain grammatical errors.

Additional phishing awareness resources are also available on the OIT Security website.

Please forward any suspicious emails that you want checked to OIT Security at spam@uci.edu.

Please email OIT Security at security@uci.edu with any other questions.

Sincerely,

Josh Drummond
Chief Information Security Officer
Office of Information Technology

Working Remotely? Up Your Digital Records Management Game

by | Apr 22, 2020 | Announcements

By Jackie DiOrio. When working remotely, keep in mind that any records created or received on any device belong to the Regents of the University of California, and all UC records on personal devices are subject to eDiscovery and California Public Records Act requests.

So, even though you’re at home, you are still creating UC records. Now is the perfect opportunity to hone those digital records management skills.

  1. Remember privacy. It is your job to protect confidential items from being exposed. Avoid saving confidential items to personal devices and be cognizant of the location of your printed materials.
  2. Store appropriately. Save files to an approved shared-storage location, and provide access permission to other authorized personnel as appropriate.
  3. Know retention periods. Consult the UC Records Retention Schedule to find out how long you should keep certain records, especially those common to your area. If you have questions, contact your location’s records management coordinator.
  4. Develop consistent folder and file naming standards. Create a logical set of folders and file names that help you know where to store and retrieve records.
  5. Recognize historical records. Be aware when you’re creating a record that documents a decision or program activity. This could be a permanent historical record. Many records related to UC’s decisions around COVID-19 could be very important in the future.
  6. Avoid multiple copies. Be conscious about what you’re putting on a personal device. Try to avoid creating copies of records in various places that you will need to manage.
  7. Purge old files. Go through your electronic files and purge the digital ROT (redundant, obsolete, or trivial materials)! A big aspect of records management is getting rid of materials you don’t need – like old drafts.
  8. Don’t leave UC records at home. When you return to working on site, be sure to bring back any hard copy records you may have taken home. Remember to delete any UC records you’ve saved to a personal device once you’ve uploaded them to an appropriate UC location.

If you have any questions about records management at UCI, please contact Stephanie Tenney at sktenney@uci.edu.

This article originally appeared on the UC IT blog on April 15, 2020.

Zoombombing Incident Update

by | Apr 21, 2020 | Announcements

Dear Campus Community,

UCI again experienced an incident of Zoombombing yesterday during a public lecture event. Zoombombing describes an individual or a group of individuals misusing Zoom features to interrupt a meeting or class, often with criminal, vulgar, or inappropriate images or chat messages.

These incidents are unacceptable at UCI. If you experience Zoombombing, please report it to techprep@uci.edu. Yesterday’s event was suspended immediately, and the recording was turned over to law enforcement for criminal investigation.

As COVID-19 pushes classes to remote learning environments, incidents of Zoombombing have occurred across the country. Usually, the perpetrators are seeking to spread hate and intimidate targeted communities.

It is important to note that UCI has procedures in place to secure remote meetings, and everyone is encouraged to use them. Moreover, the campus acts to prevent and remedy the disruption of presenters, speakers, instruction, and other university activities. Please see UCI’s guidance for the disruption of university activities for more detailed information.

I encourage you to visit UCI’s interdisciplinary virtual workshop, Racial Violence and Restorative Engagement in a Time of Pandemic, as a resource to explore divisive issues amplified in a pandemic environment and how we can be responsive in ways that promote collaboration and understanding.

#ActforInclusion

Douglas M. Haynes (Preferred Pronouns: he/him/his)
Chief Diversity Officer
Vice Chancellor for Equity, Diversity and Inclusion
Professor of History