- Cannot access article full text
- Cannot access an ebook
- Cannot login to UEF Primo
- Assistance in sign Teams and Zoom
- Using Office apps
- Installing progammes
- Creating pdf files
IT Services (Tipa)
- Changing password
The security of Zoom, used in online teaching and meetings, has been much discussed in media recently. UEF has taken a closer look at the discussion and sorted out the security implications.
The Zoom service used in UEF is offered and implemented by CSC through NORDUnet. The service is located in Sweden and it’s used by Nordic education and science communities. Security and privacy statements of the service are in line with both European and national information security legislations.
The Zoom service offered by CSC is technically different from the free to use American Zoom service offered by Zoom Video Communications, Inc. The leaked phone numbers and credit card numbers mentioned in media do not apply to the Zoom service offered by CSC. The cloud storage feature has been disabled in the Zoom service used in UEF. Any recordings made of online teaching sessions or meetings have not been stored outside the EU, they have been stored in the users’ devices only.
Media has reported that the Attendee attention tracking feature in Zoom can be used by the organizer to track the activity of participants. This feature can only be used to see if a participant’s Zoom session is active not. This feature has been turned off by default in UEF and is now disabled completely, so the organizer cannot activate it anymore.
Media has also reported that the Zoom iOS app (iPhone, iPad), leaks device data to Facebook, and that Zoom has failed to mention this feature in its App Store EULA. The leaks were related to the app’s Facebook login feature, which passed on device data to Facebook when launching or closing the app. Zoom has removed this feature from the iOS app in the updated version 4.6.9., so updating the app from App Store is recommended. The device data passed on to Facebook contains only device technical information, which is by itself not enough to recognize a single user.
Furthermore, media has spotlighted an old vulnerability in Zoom, allowing an attacker to spy on the cameras and microphones in Apple MacBooks. The vulnerability was published in July 2019 and patched by Zoom in July 2019. It’s recommended to always use the latest versions of apps and install any security updates without delay.
It has also been reported that some Zoom meetings have received uninvited guests or been disrupted with inappropriate video clips. This is a common problem with online meetings. Anyone with the invite link may participate in open online meetings. The organizer can control participation with password or login requirements and choose if joining is allowed to anyone or registered users only.
If you have further questions regarding the security of Zoom, please contact: email@example.com
SPSS licenses for home computers are valid until 1.3.2020. New codes that are valid until 31.7.2020, can already be ordered from asiointi.uef.fi.
The UEF computers use a license server that has already been updated and don’t need actions from the users.
License term will be changed to be 1.8.-31.7. The change causes a shorter than normal validity period for the new licenses.
The version will be changed to SPSS 26 on 1.8.2020. More information about the change will be available when the change is near. The version change means that the codes work for only SPSS version 26 after 1.8.2020, the version 25 cannot be used.
We will inform in Yammer when the new version is available (in July).
University of Eastern Finland is again a target of active phishing. IT Services seeks to develop actions again phishing and now we are deploying a Microsoft O365 information security feature, Safe Links. IT Services’ staff has used it already for some time and it seems to work effectively against phishing links.
Safe Links protects against phishing links in email messages and Office documents. For example, when the user clicks a link in an email message, the service checks the link’s UEF address before opening it. If the URL is blocked or determined to be malicious, the user gets a warning page, eg. “This website was blocked by your Office 365 administrator”.
Safe Links protection adds a certain starting string in the front of the link (eg. ”https://eur03.safelinks.protection.outlook.com/”). For now we have not noticed that Safe Links protection had caused any negative effects to the use of the services. However, if you notice a case, where Safe Links prevents the use of some IT service, please contact Service Desk.
There are 10 HP laptops and 2 iPads for short term loans available on both UEF campuses. The devices are meant to be borrowed only for a short term, up to 4 hours at a time.
To borrow a device, register as a user for the Optima vending machine, located in the Joensuu university library and the Kuopio Oppari facilities.
For more information about borrowing the devices, see asiointi.uef.fi (eServices) or Kamu https://kamu.uef.fi/en/student-book/oppari-services-for-students/
Beware of any, even a little bit suspicious emails. Notice that the emails can come from addresses belonging to UEF staff or students. Do NOT click any links or give your username and password even if the page seems to be valid. Usually the address of the webpage reveals that the page is not a valid UEF-page (eg. xxx-weebly.com).
If you are not sure about the validity of the email, please contact IT Services: abuse [at] uef.fi.
If you get a phishing email:
1. If you don’t see a similar message in Yammer, forward the example message to abuse [at] uef.fi
2. Delete the message without clicking any links
If you have clicked the links or have suspicions regarding your information safety:
1. Change your UEF-password to a NEW one in uef.fi/en/tipa/unohditko-salasanasi or by visiting the Servicedesk with your ID in Carelia library or Canthia 2nd floor
2. If you cannot send messages to external addresses, please be in contact with servicedesk [at] uef.fi. Microsoft has then banned you as a spammer
3. The phishers have also created rules to the Inbox: you can delete the rules from the settings of the mail or ask for help from the Servicedesk