ANR's IT team has seen an increase in the number of spoofed emails, a form of phishing or spam email.
Email spoofing is the forgery of an email so that the message appears to be from someone or somewhere other than the actual source.
The goal here is to persuade you to assist the “supervisor” in purchasing some gift cards. The email is structured in a sense that indicates the supervisor is not available, there is a certain sense of urgency and validity, and it is sent from a mobile device.
There are also other clues within the email. Even though the name of the supervisor is correct, the email address is not and is not part of the organization. Scratching the back of the card to get the code doesn't make sense, especially if you are planning to give it to your clients, customers, etc.
The best thing to do with these types of phishing emails is simply to call or text your supervisor's known cell phone number and confirm before making a purchase.
- Author: Pamela Kan-Rice
UPDATE: The deadline to enroll in Duo has been extended to March 31, 2019.
To maintain access to critical systems such as the Time Reporting System (TRS), AggieTravel and AggieBuy, enroll in Duo by Feb. 13.
Before you enroll in Duo, make sure that your email system is supported to avoid service interruption. Visit Email Compatibility for a list of supported email systems.
The device you use with Duo can be a smartphone, tablet, cellphone or traditional landline. You should choose the device you are most likely to have close at hand when you want to access your UC ANR email.
- Visit https://computingaccounts.ucdavis.eduand choose “Duo Multifactor Authentication”.
- Sign in with your campus account.
- Follow the on-screen prompts to enroll a device.
Detailed step-by-step instructions are available at UC Davis IT Help.
If you encounter difficulties during enrollment, please contact the UC ANR Help Desk at help@ucanr.edu or (530) 750-1212. You can also visit the “Duo Clinic” between 9 a.m. and 11 a.m. on Monday, Wednesday and Friday by logging onto Zoom at ucanr.zoom.us/s/491057944.
Security tokens
The preferred method for accessing Duo is via smartphone or landline. If neither of these options is viable, a Duo security token can be purchased through AggieBuy for $29.99. Units will be responsible for the cost, which is an allowable expense for Program Support Funds.
To purchase Duo tokens, visit https://AggieBuy.ucdavis.edu and search for either part number or keywords under “Product Search”:
- Part number: 2046355
- Keywords: Duo Security Token
A comprehensive description of Duo is available at http://ucanr.edu/mfa.
The formation of UC ANR as a stand-alone financial structure provides us a remarkable opportunity to improve efficiency, and strengthen compliance, accountability and security. Additionally, UC ANR is responsible for protecting a vast amount of electronic information ranging from personal data to highly valuable original research.
In order to protect personnel payroll records that will enable UCPath, as well as critical research data, we have collaborated with UC Davis to implement a multi-factor authentication (MFA) service called Duo. Duo adds a new layer of security to your online accounts. A more comprehensive description of Duo is available at http://ucanr.edu/mfa.
To support ANR-wide adoption of Duo MFA, I want to encourage all managers, supervisors and directors to make staff aware of the Duo initiative and actively encourage them to enroll. Your participation in this initiative will help protect UC ANR information assets and help us comply with laws and regulations pertaining to the protection of personal and confidential information. Thank you for your support as UC ANR implements this critical cybersecurity initiative.
Sincerely,
Tu M. Tran
Associate Vice President, Business Operations
- Author: Pamela Kan-Rice
Starting Monday, Dec. 17, ANR's help desk team will begin offering virtual “office hours” to answer questions about the multifactor authorization app Duo.
The Zoom link to the “Duo Clinic” is ucanr.zoom.us/s/491057944.
Join any time between 9 and 11 a.m. on Monday, Wednesday or Friday to ask Duo- and MFA-related questions.
To support ANR-wide adoption of Duo MFA, Tu Tran, associate vice president for Business Operations, asks all managers, supervisors and directors to make everyone in their offices aware of the Duo initiative and actively encourage them to enroll in Duo.
Everyone's participation in this cybersecurity initiative will help protect UC ANR information assets and help us comply with laws and regulations pertaining to the protection of personal and confidential information.
Questions may also be emailed to help@ucanr.edu.
- Author: Pamela Kan-Rice
When ANR joins UCPath in the spring, it will introduce new technology that will ultimately unify and standardize payroll, benefits and human resources systems for all UC employees. As we adopt new technology to modernize ANR business systems, we are strengthening our online security measures.
In a recent webinar to prepare ANR office managers and others for the transition to UCPath in the spring, John Fox, Human Resources executive director, brought in Dave Krause, manager of web development and applications programming, to discuss multi-factor authentication to access online systems, and Emily LaRue, associate director of the Business Operations Center, to discuss the impact of UCPath on the Business Operations Center.
Multi-factor authentication
To use an online system that is operated by UC Davis for ANR, such as the time reporting system, KFS, Aggie Buy or AggieTravel, an ANR employee logs into a form. Historically, once your credentials are “authenticated” against a database hosted by UC Davis, you are redirected to the system and off you go. Another step is being added to protect the system from hackers. A tool called “Duo” will ask you for a second form of authentication.
“Duo seamlessly adds this second form of authentication right in the login form,” Krause said. “For this example, I have preset Duo to send the second authentication to my phone as a 'push notification' (a mobile phone alert that appears onscreen while the phone is still in locked mode). Duo will also happily call you or send you a code to use instead.”
Once the user clicks “approve,” the website immediately accepts the second authentication and opens the site.
Mobile phones, tablets and Apple watches are among the devices supported by Duo. “It doesn't take up much space on your device,” Krause said.
For employees who don't have mobile devices for authentication, physical tokens that connect directly to your computers will be available. Currently, only mobile devices are eligible for enrollment. More information about tokens will be available soon.
If you lose or forget your device or token, UC Davis IET Express help desk can send you a temporary access code.
UC ANR will be rolling out Duo for its identity management system next year. Volunteers, affiliates and collaborators will have unchanged access.
“We are now inviting all UC ANR employees who use UC Davis systems to enroll in Duo via a smartphone or tablet,” Krause said. “Be sure you use a device that is with you when you work!”
For details on Duo enrollment and setting it up, go to http://ucanr.edu/mfa.
Impact of UCPath on Business Operations Center
Becoming its own business unit with UCPath will increase ANR's visibility as equivalent to the 10 campuses and change its business relationship with UC Davis. In addition, ANR's responsibility for compliance and accountability will take on even greater importance. Implementation of UCPath will create some changes to ANR's Business Operations Center, including the location of ANR's UCPath payroll team, work assignments and responsibilities, and systems and processes.
“For the first several weeks, everything will seem different!” LaRue said.
Personnel action entry functions for new hires, terminations and pay changes will be performed by ANR HR or the UCPath Central Team. A single ANR BOC Payroll unit composed of a payroll manager and three staff members will be located in Davis. The BOC will be responsible for audits and additional reporting and there will be new terms, different business processes, and different routing of forms and documentation.
LuRue expects the following to remain the same:
- Payroll (time and leave reporting) processing
o Timely submission for all organizational units
o Time Reporting System review and corrections as needed
- Service level
o ANR UCPath Hypercare Team – Group devoted to resolution of ANR employee issues
- Processing of financial transactions
o BOC-Kearney – UCCE (Gifts excluded)
o BOC-Davis – Statewide programs, Research and Extension Centers and administrative units
For more information about UCPath changes, visit the website at https://ucanr.edu/ucpath.