ÒÁÈ˾þÃ

IMPORTANT ÒÁÈ˾þà IT SECURITY & USABILITY IMPROVEMENTS

Categories: Students   Faculty   Staff  

April 28, 2020 - As we continue to operate remotely, ÒÁÈ˾þà has recently improved information security and usability on the university’s systems and services. Please take the time to review these updates:

Zoom Security for Main Campus & Branches

ÒÁÈ˾þà Information Security and Privacy Office worked with IT service owners to review how Zoom would be used at ÒÁÈ˾þÃ, and to help ensure that appropriate safeguards were in place to protect ÒÁÈ˾þà data in use through the ÒÁÈ˾þà Zoom service.

ÒÁÈ˾þà has also recently provided all meeting hosts with recommendations how to secure Zoom sessions and protect the privacy of meeting participants without limiting the ability of ÒÁÈ˾þà community members to have open meetings with colleagues at other institutions. This information can be found at

External Email Notification Banner and Message Preview in LoboMail

On Dec. 12, 2019, a banner was added to all e-mails sent from outside ÒÁÈ˾þÃ’s e-mail system. This was in response to the detection at ÒÁÈ˾þà of a virus that proliferated through external email phishing and had previously caused a peer institution in New Mexico to physically shutdown for 3 weeks last fall. While this banner has been an important step in mitigating dangerous phishing attacks, we acknowledge that the existing banner minimizes the ability for users to see a preview of the email message content.

After business hours on April 28, 2020, we will alter the text used for flagging e-mails sent from outside the ÒÁÈ˾þà e-mail system so that the banner alert is smaller and message content is viewable in preview windows. We will continue to whitelist external entities that have a need to send emails on behalf of ÒÁÈ˾þÃ.

Here are some important tips to protect your account from phishing:

• Always be cautious with externally flagged e-mails and especially when opening attachments or following links from unverified or external sources.
• Never provide your password through e-mail, even for a password reset.
• If you receive phishing email, any e-mail asking for your password or for Personally Identifiable Information (PII), please forward the e-mail as an attachment to security@unm.edu. For instructions on how to forward email as an attachment, or to see whether ÒÁÈ˾þà IT is already aware of specific phishing email, please visit phishbowl.unm.edu. Additional information on reporting incidents to ÒÁÈ˾þÃ’s Information Security and Privacy Office is available at ISPO.unm.edu.

The goes into greater detail on these improvements and provides additional areas where IT has increased security and usability for us.