News

The Nest: Definitions and FAQs – Employee Version

1.) What is a portlet?

Portlets are the small sections within pages.  A portlet usually contains several items that are fall under a particular topic. For example, Faculty Registration Tools or Employee Resources.

 

2.) What is a page?

A page in The Nest is basically the tabs you see across the top when you log in. Depending on your roles at SJU you may have more or less pages than your colleagues.  All employees and faculty will have the following pages:

Home

Employee

School Services

Campus Life

Faculty (for Faculty only)

 

3.) What is a quicklink?

Quicklinks are the tiny icons at the top of the Home page when you log into The Nest.  They are designed to represent the tools you access most frequently within The Nest. Clicking a Quicklink will take you directly to that tool or section.  Your Quicklinks may include:

Blackboard Learn

Library

DegreeWorks

My Schedule

what is a quicklink

4.) Where can go to access my Time Sheet, Pay Stub, etc.?

These tools can now be found under the Employee page in The Nest. Look for a portlet called Administrative Services and follow the same steps you are used to.

 

5.) Where are the university announcements?

University Announcements have been replaced by “Nestlist”. Nestlist serves as the new SJU classifieds. In Nestlist, you can post about campus events, items for sale, classes. and more.

In the event of a true university emergency, the notification will be displayed prominently at the top of The Nest.

nestlist

 

6.) I clicked a link and was given a “Session Expired” error. What do I do?  

session expired error

 

 

Clear cookies, cache and restart browser

If you have gotten this error at some point while working in The Nest, you simply need to clear your browser’s cache. Find your browser below with instructions on how to do so:

Internet Explorer

To check what version of Internet Explorer you are using, go to Help – About Internet Explorer.

If you are using Internet Explorer (11.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and website files and Cookies and website data. Hit Delete.

If you are using Internet Explorer (10.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and website files and Cookies and website data. Hit Delete.

If you are using Internet Explorer (9.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and Cookies. Hit Delete.


Mozilla Firefox

If you are using Firefox version (3.0) or earlier, please update your browser by going to www.mozilla.com

In Firefox 30, click on History – Clear Recent History.  Choose the time range of Everything.  Make sure at least the top 5 boxes are checked and hit Ok.

Google Chrome

Click on the three horizontal lines in the upper right hand part of the browser. Click on settings. Click on “Show advanced settings…” at the bottom of the page. Under privacy click on “Clear browsing data”. Check the boxes for “Cookies” and “Cached images and files”. Finally click “Clear browsing data”.

Safari 7.0 – MAC OS

Go to Safari – Preferences.  Click Privacy then click Remove All Website Data…click Remove Now.

 

7.) Could you give me more information about The Nest project?

The new portal project was first introduced to campus in Fall 2013; campus community participated in “Name the Portal” contest In October 2013. Over 800 responses were submitted and The Nest was ultimately voted the winner.

The Office of Information Technology successfully launched the pilot of The Nest (with MySJU in parallel) on 3/17/14. The main focus of the pilot was on enhancing the student experience. Additional features and content for faculty and employees were added during Phase 2, which began in April 2014 and will finish up this month.  Phase 2 also including removing access to the old MySJU portal, which was accomplished on 1/7/15.

The project team has weekly meetings and our main focus is on creating a better user experience for all students, faculty and employees. We engage departments around campus and meet with faculty, staff and students to hear what they would like to see in a portal.  If you would like to be included in any future meetings, please email The Nest project manager, Lauren Adams (ladams@sju.edu).

 

8.) What’s next for The Nest?

While we are excited to deliver a new portal to the university, we are not done yet!  Phase 3 will start in February.  Some of our initial objectives are to better enhance the content by soliciting feedback as well as continuing to improve the user experience.

9.) Why did OIT decide to replace MySJU?

We wanted to launch a stable, content-rich portal running the latest version of the Luminis software, which is owned by Ellucian. Our current portal, MySJU, is running on legacy software, which will soon be discontinued by Ellucian support. This project was created to address that issue by upgrading old outdated hardware and software in order to implement a secure, dynamic environment that provides students, faculty and employees with a single point of access to web services customized to their university account.

We used input and feedback from many campus constituents, including many students and campus offices, to build a system that gives you quick access to the things you need most, including registration tools, class schedules, e-mail and calendar, and grade information.

 

10.) Where do I go if I need help/ cannot find something/ have additional feedback?

If you have questions, comments, concerns about The Nest – contact us! You can reach us via email at techhelp@sju.edu, by phone at 610-660-2920, or in person at the Technology Service Center in the Science Center, room 129.  We also have an active social media presence so if you would rather Facebook or Tweet us, please do so.

www.facebook.com/sjutsc or @sjuit

 

 

The Nest: Definitions and FAQs – Faculty version

1.) What is a portlet?

Portlets are the small sections within pages.  A portlet usually contains several items that are fall under a particular topic. For example, Faculty Registration Tools or Employee Resources.

2.) What is a page?

A page in The Nest is basically the tabs you see across the top when you log in. Depending on your roles at SJU you may have more or less pages than your colleagues.  All employees and Faculty will have the following pages:

  • Home
  • Employee
  • School Services
  • Campus Life
  • Faculty (for Faculty only)

3.) What is a quicklink?

Quicklinks are the tiny icons at the top of the Home page when you log into The Nest.  They are designed to represent the tools you access most frequently within The Nest. Clicking a Quicklink will take you directly to that tool or section.  Your Quicklinks may include:

  • Blackboard Learn
  • Library
  • DegreeWorks
  • My Schedule

what is a quicklink

4.) Where can I find my Class Schedule in The Nest?

Your Class Schedule can now be found in The Nest under the Faculty Page in a portlet called “Faculty Registration Tools”.

5.) Where are the university announcements?

University Announcements have been replaced by “Nestlist”. Nestlist serves as the new SJU classifieds. In Nestlist, you can post about campus events, items for sale, classes. and more.

In the event of a true university emergency, the notification will be displayed prominently at the top of The Nest.

nestlist

6.) I clicked a link and was given a “Session Expired” error. What do I do?

session expired error

Clear cookies, cache and restart browser

If you have gotten this error at some point while working in The Nest, you simply need to clear your browser’s cache. Find your browser below with instructions on how to do so:

Internet Explorer

To check what version of Internet Explorer you are using, go to Help – About Internet Explorer.

If you are using Internet Explorer (11.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and website files and Cookies and website data. Hit Delete.

If you are using Internet Explorer (10.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and website files and Cookies and website data. Hit Delete.

If you are using Internet Explorer (9.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and Cookies. Hit Delete.

Mozilla Firefox

If you are using Firefox version (3.0) or earlier, please update your browser by going to www.mozilla.com

In Firefox 30, click on History – Clear Recent History.  Choose the time range of Everything.  Make sure at least the top 5 boxes are checked and hit Ok.

Google Chrome

Click on the three horizontal lines in the upper right hand part of the browser. Click on settings. Click on “Show advanced settings…” at the bottom of the page. Under privacy click on “Clear browsing data”. Check the boxes for “Cookies” and “Cached images and files”. Finally click “Clear browsing data”.

Safari 7.0 – MAC OS

Go to Safari – Preferences.  Click Privacy then click Remove All Website Data…click Remove Now.

 

7.) Could you give me more information about The Nest project?

The new portal project was first introduced to campus in Fall 2013; campus community participated in “Name the Portal” contest In October 2013. Over 800 responses were submitted and The Nest was ultimately voted the winner.

The Office of Information Technology successfully launched the pilot of The Nest (with MySJU in parallel) on 3/17/14. The main focus of the pilot was on enhancing the student experience. Additional features and content for faculty and employees were added during Phase 2, which began in April 2014 and will finish up this month.  Phase 2 also including removing access to the old MySJU portal, which was accomplished on 1/7/15.

The project team has weekly meetings and our main focus is on creating a better user experience for all students, faculty and employees. We engage departments around campus and meet with faculty, staff and students to hear what they would like to see in a portal.  If you would like to be included in any future meetings, please email The Nest project manager, Lauren Adams (ladams@sju.edu).

 

8.) What’s next for The Nest?

While we are excited to deliver a new portal to the university, we are not done yet!  Phase 3 will start in February.  Some of our initial objectives are to better enhance the content by soliciting feedback as well as continuing to improve the user experience.

 

9.) Why did OIT decide to replace MySJU?

We wanted to launch a stable, content-rich portal running the latest version of the Luminis software, which is owned by Ellucian. Our current portal, MySJU, is running on legacy software, which will soon be discontinued by Ellucian support. This project was created to address that issue by upgrading old outdated hardware and software in order to implement a secure, dynamic environment that provides students, faculty and employees with a single point of access to web services customized to their university account.

We used input and feedback from many campus constituents, including many students and campus offices, to build a system that gives you quick access to the things you need most, including registration tools, class schedules, e-mail and calendar, and grade information.

 
10.) Where do I go if I need help/ cannot find something/ have additional feedback?

If you have questions, comments, concerns about The Nest – contact us! You can reach us via email at techhelp@sju.edu, by phone at 610-660-2920, or in person at the Technology Service Center in the Science Center, room 129.  We also have an active social media presence so if you would rather Facebook or Tweet us, please do so.

www.facebook.com/sjutsc or @sjuit

 

 

The Nest: Definitions and FAQs – Student Version

1.) You keep saying portlet. What is a portlet?

Portlets are the small sections within pages.  A portlet usually contains several items that fall under a particular topic. For example, Registration Tools or Financial Literacy.

 

2.) What is a page?

Pages in The Nest are basically the tabs you see across the top when you log in. As a student you will have the following pages:

Home

Classes & Registration

Tuition & Aid

School Services

Campus Life

what is a page

 

3.) What is a quicklink?

Quicklinks are the tiny icons at the top of the Home page when you log into The Nest.  They are designed to represent the tools you access most frequently within The Nest. Clicking a Quicklink will take you directly to that tool or section.  Your Quicklinks may include:

Blackboard Learn

Library

DegreeWorks

My Schedule

what is a quicklink

 

4.) Where do I find my courses in The Nest?

In The Nest, you will no longer see a page called “My Courses”.  Based on feedback we received from SJU students, we have created a page called Classes & Registration.  At the top of this page, students will find direct links to Blackboard Learn where they can access their courses. Additionally, the Classes & Registration page contains direct access to Hawk Central resources, Registration Tools, Exam Schedules, Student Grades, and graduation information.

You can also access your course via the Blackboard Learn quicklink on the Home Page.

 

5.) How do I pay my tuition?

Similar to the Classes & Registration page, we’ve created the Tuition & Aid page based on student feedback.  The entire Tuition & Aid page is dedicated to your financial matters as a student.  Check your account balance, review your work study balance, accept financial aid, and get educated on financial literacy all in one location.  Do you still have questions after visiting the Tuition & Aid page? Contact Hawk Central directly from a portlet on the page. They are happy to assist.

 

6.) Where are the university announcements?

University Announcements have been replaced by Nestlist. Nestlist serves as the new SJU classifieds. In Nestlist, you can post about campus events, items for sale, classes, and more.

In the event of a true university emergency, the notification will be displayed prominently at the top of The Nest.

nestlist

 

7.) Now that I’m done finding my courses and paying for my tuition, where is the fun stuff?!

We have designed the Campus Life page to be the social center of The Nest. Here you will find links to sports on campus, Radio 106.1, events hosted by Student Life, NestFlix, the Chapel schedule, and of course SJU’s official Facebook, Instagram, and Twitter (if you don’t follow those three things, you’re missing out).

fbportlet

8.) I clicked a link and was given a “Session Expired” error. What do I do?

session expired error

 

Clear cookies, cache and restart browser

If you have gotten this error at some point while working in The Nest, you simply need to clear your browser’s cache. Find your browser below with instructions on how to do so:

Internet Explorer

To check what version of Internet Explorer you are using, go to Help – About Internet Explorer.

If you are using Internet Explorer (11.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and website files and Cookies and website data. Hit Delete.

If you are using Internet Explorer (10.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and website files and Cookies and website data. Hit Delete.

If you are using Internet Explorer (9.0), you will go to Tools – Delete Browsing History and check the boxes for Temporary Internet Files and Cookies. Hit Delete.

Mozilla Firefox

If you are using Firefox version (3.0) or earlier, please update your browser by going to www.mozilla.com

In Firefox 30, click on History – Clear Recent History.  Choose the time range of Everything.  Make sure at least the top 5 boxes are checked and hit Ok.

Google Chrome

Click on the three horizontal lines in the upper right hand part of the browser. Click on settings. Click on “Show advanced settings…” at the bottom of the page. Under privacy click on “Clear browsing data”. Check the boxes for “Cookies” and “Cached images and files”. Finally click “Clear browsing data”.

Safari 7.0 – MAC OS

Go to Safari – Preferences.  Click Privacy then click Remove All Website Data…click Remove Now.

 

9.) Why did we make the switch to The Nest?

We wanted to launch a stable, content-rich portal running the latest version of the Luminis software, which is owned by Ellucian. Our old portal, MySJU, was running on legacy software, which is discontinued by Ellucian support. This project was created to address that issue by upgrading old outdated hardware and software in order to implement a secure, dynamic environment that provides students, faculty and employees with a single point of access to web services customized to their university account.

10.) Could you give me more information about The Nest project?

The new portal project was first introduced to campus in Fall 2013; campus community participated in “Name the Portal” contest In October 2013. Over 800 responses were submitted and The Nest was ultimately voted the winner.

The Office of Information Technology successfully launched the pilot of The Nest (with MySJU in parallel) on 3/17/14. The main focus of the pilot was on enhancing the student experience. Additional features and content for faculty and employees were added during Phase 2, which began in April 2014 and will finish up this month.  Phase 2 also including removing access to the old MySJU portal, which was accomplished on 1/7/15.

The project team has weekly meetings and our main focus is on creating a better user experience for all students, faculty and employees. We engage departments around campus and meet with faculty, staff and students to hear what they would like to see in a portal.  If you would like to be included in any future meetings, please email The Nest project manager, Lauren Adams (ladams@sju.edu).

11.) What’s next for The Nest?

While we are excited to deliver a new portal to the university, we are not done yet!  Phase 3 will start in February.  Some of our initial objectives are to better enhance the content by soliciting feedback as well as continuing to improve the user experience.

12.) Where do I go if I need help/ cannot find something/ have additional feedback?

If you have questions, comments, concerns about The Nest – contact us! You can reach us via email at techhelp@sju.edu, by phone at 610-660-2920, or in person at the Technology Service Center in the Science Center, room 129.  We also have an active social media presence so if you would rather Facebook or Tweet us, please do so.

www.facebook.com/sjutsc or @sjuit

Cybercrime and Law Enforcement

The focus of the final week of National Cyber Security Awareness Month centers around the education of local law enforcement officers to enable them to help their communities deal with the effects of cybercrime and providing the general public with ways to protect themselves from becoming victims of identity theft, fraud, phishing and other forms of cybercrime.

A recent article on the website Politico states, “Cybercrime costs the global economy up to $575 billion annually, according to a new report, with the U.S. taking a $100 billion hit, the largest of any country. That total represents up to 0.8 percent of the global economy, according to the report out Monday from McAfee, now known as Intel Security, and the Center for Strategic and International Studies, a Washington think tank. For the U.S., the estimated $100 billion cost means 200,000 lost jobs and is almost half of the total loss for the G-8 group of Western countries.” (Kopan, 2014)

But the effects of cybercrime aren’t limited to financial damages incurred by companies alone. An article on CNNMoney tells us that “Every two seconds, another American becomes a victim of identity fraud.
The number of identity fraud victims jumped to 13.1 million in 2013, a new report from Javelin Strategy & Research finds. That’s an increase of 500,000 from 2012 and the second highest number of victims since Javelin began conducting its annual study in 2004.Identity fraud occurs when someone’s personal information is used to access money, while identity theft is when personal information is accessed, even if it isn’t used for financial gain. “(Ellis, 2014)

So what can the average consumer do to protect themselves from becoming a victim of cybercrime? The following are some very useful tips for keeping yourself – and your data – safe:

1. Use anti-virus software: Your net-savvy friend may tell you that he doesn’t have anti-virus on his computer because it slows things down. But look at it this way, one wrong click and he may have to make the entire college project from scratch.
2. Didn’t expect, don’t click: The golden rule: Hackers infect PCs with malware by luring users to click on a link or open an attachment. Social media has helped criminals profile individuals. They can see what you’re interested in or what you [post] about and send you crafted messages, inviting you to click on something. Don’t.
3. Different site, different passwords: Keeping a common password for all online accounts is a lot like having the same key for all locks. Only difference being that it is a lot easier to get hold of the online key. Also never reuse your main email password. But most online users own accounts in over a dozen sites. So either try and use clever variations or start doing some really heavy memory-enhancement exercise.
4. If in doubt, block: Just say no to social media invitations (such as Facebook-friend or LinkedIn connection requests) from people you don’t know. It’s the cyber equivalent of inviting home the guy with an eye-patch who stares at you at the bus stop.
5. Don’t bank on public wi-fi: Most Wi-Fi hotspots do not encrypt information and once a piece of data leaves your device headed for a web destination, any ‘packet sniffer’ (a programme which can intercept data) can intercept your unencrypted data. If you choose to bank online on public Wi-Fi, that’s very sensitive data you are transferring.
6. Only shop online on secure sites: Before entering your card details, always ensure that the locked padlock or unbroken key symbol is showing in your browser. Additionally, the beginning of the online retailer’s internet address will change from “http” to “https” to indicate a connection is secure. Be wary of sites that change back to http once you’ve logged on.
7. Lock down your FB account: Remove your home address, phone number, date of birth and any other information that could used to fake your identity. Similarly you might want to delete or edit your “likes” and “groups” – the more hackers know about you, the more convincing a phishing email they can spam you with. Change your privacy settings to “friends” from “friends to friends”.
8. Don’t store your card details on websites: Err on the side of caution when asked if you want to store your credit card details for future use. Mass data security breaches (where credit card details are stolen en masse) aren’t common, but why take the risk? The extra 90 seconds it takes to key in your details each time is a small price to pay. (TNN, 2013)

Resources
Ellis, B. (2014). Personal Finance. Retrieved from CNNMoney: http://money.cnn.com/2014/02/06/pf/identity-fraud/
Kopan, T. (2014). Cybercrime costs $575 billion a year, $100 billion to US. Retrieved from Politico: http://www.politico.com/story/2014/06/cybercrime-yearly-costs-107601.html
TNN. (2013). Work&Life. Retrieved from iDIVA: http://idiva.com/news-work-life/12-ways-to-protect-yourself-from-cyber-crime/21449

Hardware Failure at Internet Service Provider

Today, at approximately 1:15PM the Office of Information Technology (OIT) was made aware of a hardware failure by our Internet Service Provider (ISP).  The ISP is an external company that provides internet connectivity to SJU.

Due to this hardware failure we are currently running at one-third of our normal bandwidth. This means that you will experience extreme slowness and sometimes lack of connectivity. OIT has been in frequent communication with our ISP and will notify the campus community at the time of a resolution.

If you have any questions about this outage, please contact the Technology Service Center at 610-660-2920.

Thank you for your patience.

MySJU is Retiring!

The Nest, SJU’s information portal, launched during the Spring 2014 semester as the replacement for our legacy portal, MySJU.  The Office of Information Technology (OIT) has continued to add functionality and improve The Nest based on feedback received from campus constituents so we may begin the process of phasing out MySJU as our primary portal.

 

On Tuesday, November 18th, we will be redirecting the MySJU portal to instead go to The Nest portal.  This means that when you click on my.sju.edu, you will be automatically be taken to nest.sju.edu in your browser.  You will still be able to gain access to MySJU once you log into The Nest.  We do not plan to completely remove access to MySJU until January 2015, when we are certain all necessary content has been moved to The Nest.

 

We will also begin transitioning links on SJU websites to point to The Nest, rather than MySJU.  For example, if you go to www.sju.edu, the MySJU link at the top of the page will say The Nest as of November 18th.

 

mysju to nest

Additionally, we have now redesigned a portlet under the Employee Page in The Nest called “Useful Links and Tools”. This portlet gives employees direct access to:

 

 

useful links and tools

If you have any questions about the transition from MySJU to The Nest or have any concerns about content from MySJU not being available in The Nest, please contact the Technology Service Center.

 

We welcome your feedback!

 

 

Online Security for Small to Medium-sized Businesses

While cybersecurity is an important issue for both small and big businesses alike, larger companies have a marked advantage when it comes to purchasing and implementing the systems necessary to keep their data safe. Even so, the little guys face the same critical concerns when it comes to warehousing sensitive customer information.

According to the National Small Business Association, 44 percent of small businesses say they’ve been victimized by a cybercrime of some kind at least once. And the cost of those crimes averaged nearly $9,000 each to rectify. Part of the cost is notifying customers of a data theft that might compromise their personal credit or other information. Nearly every state now requires businesses to tell customers if personal data has been lost or stolen. (Kehrer, 2014)

A recent study of cyber crime by the Ponemon Institute reflects the staggering costs inflicted upon businesses due to Illegal data breaches in 2013. German and US companies had the most costly data breaches($199 and $188 per record, respectively) These countries also experienced the highest total cost (US at $5.4 million and Germany at $4.8 million). (Ponemon Institute, 2013)
And while the cost of preventing or repairing the damage caused by cyber attacks can be expensive, the aftermath of the attacks can be devastating. Customers may be less inclined to patron an online business knowing that their personal information has been stolen in the past.

In a recent article published on the Department of Homeland Security’s website, implementation of the following practices was suggested for businesses looking to beef up their data security:
• Use and regularly update anti-virus and anti-spyware software on all computers; automate patch deployments across your organization to protect against vulnerabilities.
• Secure your Internet connection by using a firewall, encrypting information and hiding your Wi- Fi network.
• Establish security practices and policies to protect sensitive information; educate employees about cyber threats and how to protect your organization’s data and hold them accountable to the Internet security policies and procedures.
• Require that employees use strong passwords and regularly change them.
• Invest in data loss protection software for your network and use encryption technologies to protect data in transit.
• Protect all pages on your public-facing websites, not just the checkout and sign-up pages. (Department of Homeland Security, 2014)

As the Internet of today continues to replace the brick and mortar of yesterday, businesses of all sizes continue to search for ways to utilize the global market and unlimited sales and growth potential online commerce has to offer. Their success hinges not only on their ability to supply goods and services to their customers, but to keep sensitive customer information secure as well.

Resources:

Department of Homeland Security. (2014). Cybersecurity for Small and Medium-Sized Businesses and Entrepreneurs. Retrieved from Homeland Security: http://www.dhs.gov/national-cyber-security-awareness-month-2014-week-four

Kehrer, D. (2014, July). Cyber security growing problem for small business. Retrieved from AZCentral: http://www.azcentral.com/story/money/business/abg/2014/07/27/cyber-security-growing-problem-small-business/13242313/

Ponemon Institute. (2013). 2013 Cost of Data Breach Study: Global Analysis. Retrieved from Ponemon Institute: http://www.ponemon.org/local/upload/file/2013%20Report%20GLOBAL%20CODB%20FINAL%205-2.pdf

Securing Infrastructure and the “Internet of Things.”

This year the third week of National Cyber Security Awareness Month focuses on critical infrastructure and The Internet of Things. “The Internet underlies nearly every facet of our daily lives and is the foundation for much of the critical infrastructure that keeps our nation running. The systems that support electricity, financial services, transportation, and communications are increasingly interconnected. The Internet of Things—the ability of objects and devices to transfer data—is changing the way we use technology. “(About Us, 2014)

As connectivity expands beyond computers and handheld devices to include things like household appliances, home safety systems, and even the cars we drive, the need for security – and the degree of impact should that security fail – becomes increasingly obvious…and personal. “Securing the Internet of Things represents new challenges in terms of the type, scale and complexity of the technologies and services that are required. The Internet of Things means sensitive information, such as device operation details and personal data, transitions from moving within secure networks to moving between third parties. The risks of having information travel between externally controlled appliances, customers and sensory-based technology challenges traditional, layered-protection security management.” (Peter Sondergaard – Gartner, Inc, 2014)

What Are the Challenges?

Protecting a vast infrastructire that’s constantly growing and changing to meet the needs of a population of users becoming more dependant upon it necessarily involves a certain degree of difficulty. Navigating this type of terrain obviously comes with its own set of challenges.

1. There’s often no consistent or official software update process or mechanism.
Malware on a Windows machine eventually gets discovered, but Marc Maiffret, CTO at BeyondTrust, says there is little or no visibility into IoT devices. ‘Nobody has visibility into these devices or what is the authenticity of the firmware” if there’s an update to them.

Since many of these devices run on Linux-based platforms, he suggests that their software be managed by the open systems community, which can handle vulnerability and security updates. An IP camera or an SAN storage system, for instance, should have a regular Linux update mechanism. “They should be opened up so they are truly treated as Linux OS. Allow me to SSH into it securely” and manage it like any other Linux OS, he says.

Chris LaPoint, vice president of product management at SolarWinds, says he has three home IP cameras that aren’t running up-to-date firmware. It’s unclear if they contain vulnerabilities. “Even the setup instruction for a lot of these devices, and the configuration of security controls around them, and patching… How does that get managed?”

2. Many consumer product and other nontraditional IT vendors have little or no understanding of the cyberthreats embedded in their systems.
There’s a major disconnect between many of these embedded device manufacturers and the security community. Take the satellite terminal vendor community. Ruben Santamarta, a principal security consultant at IOActive, has found hardcoded passwords, backdoors, and insecure protocols in these devices that could allow attackers to hijack and disrupt communications links to ships, airplanes, and military operations.

3. There’s often a lack of accountability for device security.
For many consumer devices, “there isn’t a clear ownership on who owns the security,” LaPoint says. “Device manufacturers say, ‘We don’t know.’ They’ve hardly thought about it.”

Some just post firmware updates on their websites, and it’s up to the consumers or users to download and update the products. “Some come with obscure instructions, and that you have to do so with a USB cable,” for example, he says. “I don’t think the manufacturers are taking ownership” of securing their devices.

4. Many devices have been improperly configured or have purpose-built features that equate to security flaws.

Many of these devices run on the same network as IT systems. “How do these devices ultimately bridge to other things on my network?” LaPoint says. “If someone sees me in my underwear” via my webcam, that’s not ideal. “But if they are able to gather personal information about me or other systems on my network… What other things can you do?” (Higgins, 2014)

Regardless of the security challenges faced literally on a minute by minute basis, one thing is certain: the Internet of Things – with its ability to provide instantaneous information to a growing number of data-hungry users – is here to stay. Protecting that data and the people who traffic it will continue to be of paramount importance in the years to come.

Resources
About Us. (2014). Retrieved from StaySafeOnline.org: http://www.staysafeonline.org/ncsam/about
Higgins, K. J. (n.d.). 4 Hurdles To Securing The Internet Of Things. Retrieved from InformationWeek: http://www.darkreading.com/informationweek-home/4-hurdles-to-securing-the-internet-of-things/d/d-id/1306978
Peter Sondergaard – Gartner, Inc. (2014). Securing the Internet of Things. Retrieved from Forbes: http://www.forbes.com/sites/gartnergroup/2014/09/25/securing-the-internet-of-things/

Tips and Tricks for Travelers

Whether you’re headed on a vacation or studying abroad, there are some basic necessities to bring with you. But as any frequent traveler knows, there are also tricks, gadgets, and apps to make your experience 10x better:

A universal power adapter should be the first thing you pack if you’re going out of the country. Find one that is all-in-one like this so that you don’t have to worry about losing or forgetting the adapter part that you need for the country you’re visiting.

1 universal-ac-travel-adaptor

Invest in a luggage lock; they can give you peace of mind when you’re out of your hotel for the day but need to leave your valuables in your room.

2 luggage lock One common household item that can prevent travel disasters is a Ziploc bag. Always bring extras! They will prevent spills in your luggage and help keep items separate. Also look for travel space saver bags that roll up to reduce the air in your belongings so you can bring twice as much if needed!

3 pack-mate-suitcase-space-saver-roll-bag-sets-2-medium-1-large--[2]-182-p Noise cancelling headphones can give you peace of mind during a road trip or on a flight. Look for ones that eliminate sound instead of just reducing it so you don’t have to listen to the screaming baby in front of you during those long flights.

headset

If you’re looking at purchasing new luggage for your trip, be sure to look at 4 wheel suitcases. Studies have shown that baggage handlers at airports don’t throw these bags around as much because they’re easier to handle. Plus 4 wheels means no more twisting your wrist pulling your bag over the curb! Look for one with a unique pattern or color to stand out and save time at the baggage claim.

5 trave640829_205674_jbConcerned about having your bag lost or stolen? Trakdot luggage tracker can put your mind at ease. This gadget uses microelectronics and ground based cellular technology to pinpoint the location of your bag.

6 TrakdotLuggageTracker_Globtrac If you’re going somewhere exotic, consider investing in a SteriPEN, especially if you frequent places with unsafe drinking water. This handy gadget uses UV light to disinfect water! It’s also great for camping and long backpacking trips.

7 steripenApps to look out for

AirBnB: Whether you’re backpacking through Europe with friends or couch surfing across the US, AirBnB is your friend. If you’ve never heard of it before, AirBnB matches trustworthy hosts with travelers willing to stay in one of their rooms for a couple of nights. Listings vary by location and range from a living room to an entire apartment. The locations are generally nicer than hostels, but can be a lot cheaper than staying in a hotel, which is great for students.

9 Airbnb-4.0-for-iOS-app-icon-is-smallEntrain: If you have trouble adjusting to your new time zone, try Entrain to reduce jet lag. It uses light to set your internal clock to the new schedule and gets you back on track faster.

entrain

Foodspotting: Whether you’re looking for a place to satisfy your cravings, or just a good restaurant near your hotel, Foodspotting is a visual guide to good eats in your area.

11 CR082K14-Foodspotting_AppGoogle Maps: Many of you may question why this one is on the list because either you already have it, or you use the maps app already on your phone. But there is a secret trick to Google Maps! When you know you’re going to be out of service or in spotty wifi areas in the future, zoom to the area you’ll need to reach your next destination and type “ok maps” into the search bar. This saves the map that’s on your screen so that you can follow it without service!

12 google mapsJetsetter: You may think that travel apps like this are pointless because you can do it all online anyway, but jet setter has a special feature that allows you to book 4 and 5 star hotels for a very low price on the day of your stay. If you’re in the city and can’t decide whether to go home, or if your hotel turns out to be a cockroach filled dump, check the tonight tab to see what else is available. Even though rooms are posted at noon, and can fill up pretty quickly, it’s a great option for impromptu trips to NYC or other local cities.

13 jetsetter_iconPackpoint Packing List Travel Companion: This app helps you remember what you need to pack based on where you’re going and what activities you’ll be doing. You can also customize your list based on the weather and check out suggestions from other travelers.

14 Packpoint Packing List Travel Companion

Rick Steve’s Audio Europe: Don’t waste money on buying an audio guide in the museum or sightseeing center. With this app, you can download an audio guide the night before (so you don’t have to worry about a spotty connection) and listen to the history and significance of your destination. I used Rick Steve’s guides in Athens and Rome and learned so much more about the cultural heritage sites than I would have just reading the brochures! I’d definitely recommend at least trying it when you travel.

17 rick-steves-audio-europe-iphone-app-2012-iconUber:Quickly gaining in popularity, this app is expanding and the service is currently operating in 45 countries. Uber is a transportation service that schedules a driver approved by the company (but not a professional) to get you from your location to your destination. It’s similar to calling a taxi, but can be a lot more enjoyable.

18 uberWhat’sapp, Viper, and Skype:These apps are perfect for keeping in touch with friends and family while traveling. Viber and Whatsapp are great messengers if you’re abroad and don’t want to end up with an exorbitant bill at the end of your trip for texting or calling home. Skype is geared more towards video chat, if you prefer talking “face to face” but also can be used as a messenger if you don’t get service.

3appsXE Currency App: If you’re going to another country that doesn’t take dollars, download XE Currency. This app converts prices from one currency to another so you don’t have to worry about exchange rates. It also helps you realize how much money you’re spending and whether some of your purchases are really worth it!

22 xe currency