Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

Security

External emails not delivered

Thursday, May 6th, 2021

Since Friday, 30 April, many external emails have not been delivered to SU staff and student mailboxes. These messages have been placed under quarantine by Microsoft for security reasons.

The issue was reported to Microsoft earlier this week and is receiving urgent attention from both Microsoft’s engineers as well as our own system engineers. 

We realise that important messages might have been queued and therefore we will release all pending messages tomorrow ((Friday, 7 May) afternoon at 16:00 as a temporary solution to the problem.

Please take note that messages could include spam or phishing emails and you need to be extra careful when dealing with these particular messages.

We apologise for the inconvenience and hope that the situation will be resolved soon. 
Any enquiries regarding this can be logged on the ICT Partner Portal.

POPIA: How valuable is personal information?

Thursday, April 15th, 2021

Personal information has value—to the individual, to researchers, to the University, and to malicious attackers. The first step towards appropriately securing personal information involves building a proper understanding of the value of the personal information you use for institutional processes and research projects.

The Division for Information Governance has launched an online privacy impact self-assessment tool. The assessment allows you to quickly assess the value of personal information based on legislative definitions and how the information may be abused by malicious users. The assessment results provide further guidance on addressing the risks associated with working with higher value personal information.

For the more complex or higher value institutional processes and research projects, the Division offers facilitated impact assessments. For more details, visit www.sun.ac.za/privacy or contact privacy@sun.ac.za.

Also read our previous article, “Getting ready for the Protection of Personal Information Act”  here.

[Article provided by Division for Information Governance]

Change your password online

Thursday, February 25th, 2021

In the past, the IT Service Desk was your first stop when you forgot your password (we know, it happens to us too!) or had to change your password. Unfortunately, due to various security risks, as well as the very strict new data protection acts, the Service Desk is no longer allowed to change or reset your password for you. (You can read more about the university’s own Data Privacy Regulation here)

We would like to encourage staff and students to use the Password Selfhelp website in future. We realise that this might be inconvenient, but for your and our own protection, we will have to follow this procedure. 

 The Password Selfhelp website (www.sun.ac.za/password) offers two options: 

  1. Change Password for users who know what their password is and want to change it. 
  2. Reset Password for users who forgot their password. 

To use the online Password Selfhelp, your cellphone number or an alternative email address has to be on the HR records, otherwise, you will not be able to change your password. You can update this information by logging onto SUN-e-HR though the staff portal,  http://my.sun.ac.za or contacting your department’s HR contact person. 

Select the My Profile link – Personal Information

Log on to SUN-e-HR.

Select Basic Details – Update, Other, Personal Email Address 

or

Select  Phone Numbers – Update

During the password change process a PIN code, consisting of 8 numbers, will be SMSed or emailed to the user (depending on which option he/she selected) Please use this PIN to change your password on the self help website. As soon as the password has been changed, the user will be notified by means of SMS or email.

If you have not requested a password change, please notify the IT Service Desk immediately at 808 4367.

IMPORTANT!

If you are working from home you will also need to follow these instructions after you’ve changed your password to ensure that it sync properly across devices and accounts.

Getting ready for the Protection of Personal Information Act

Monday, February 22nd, 2021

The Protection of Personal Information Act (4 of 2013) (POPIA) goes into full effect on 1 July 2021.  A brief summary of the POPIA Act is available here.

To support the University community’s readiness for POPIA, the Division for Information Governance has launched a series of guides and tools at www.sun.ac.za/privacy, including our institutional privacy regulations, an online privacy impact self-assessment, and channels for reporting incidents or breaches of personal information.

The Division for Information Governance also offers awareness sessions, facilitated privacy impact assessments, and internal advisory and consulting services by request. For more details, contact privacy@sun.ac.za

“PLEASE SUPPORT STIAS…” email causes a mail storm

Friday, February 19th, 2021

There is no reason to be worried or concerned about a mail that is being circulated with the subject line starting with “PLEASE SUPPORT STIAS…”

Although it is definitely spam (defined as unsolicited commercial e-mail) it does not appear have any dangerous content and was sent out by a university user to over 300 addresses one of which was the general IT Service Desk email address. Because it was sent to the address which automatically logs service requests the account automatically emailed all the recipients with “Cancellation” e-mails, who then replied, etc. This was no fault on the side of the IT Service desk as it is an automatic process of the Jira logging software that IT uses to track its calls.

This is known as a mail storm in IT jargon when somebody replies to a single e-mail sent to a mailing list and inadvertently replies with a personal message to the entire mailing list leading to a snowball effect or a mail storm. It is like a dog chasing its own tail!

If you receive a mail with the subject line ICT-338035 FW: PLEASE SUPPORT STIAS – PLAN YOUR NEXT MEETING, WORKSHOP AND OR CONFERENCE WITH US”  or “PLEASE SUPPORT STIAS – PLAN YOUR NEXT MEETING, WORKSHOP AND OR CONFERENCE WITH US” just delete it. 

If you want to take it further and set up a mail filter to delete all mails with that particular Subject, then you can do so. However do not blacklist the sender or report it to the help@sun.ac.za address or it will just perpetuate the spam, and you could block legitimate e-mails from IT or the original sender.

Stay safe out there and thank you to everyone who flagged this email. It is encouraging when we have such observant and enthusiastic users.

[ARTICLE BY DAVID WILES]

 

 

© 2013-2021 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.