IT News

Online Security

Duo Risk-Based Authentication

  • In our effort to continuously enhance our security measures and stay up to date with the latest cybersecurity technology trends, we are introducing Duo Risk-Based Authentication (RBA). This new login security feature will start on Wednesday, Feb. 14, 2024. Duo RBA will help improve cybersecurity across all University of Miami campuses by assessing the risk of each login attempt to University of Miami systems beyond just passwords, considering factors like location, device, and login history.

Duo Universal Prompt

  • As of January 11, 2024, if you use any UM Single Sign-On (UMSSO)-enabled applications like email, Blackboard, CaneLink, myUM, or Workday, you'll now encounter the Duo multi-factor authentication (MFA) prompt in a different way.

Cyber Bowl

  • Help us beat FSU, UF, and other rival schools by playing in Cyber Bowl! As part of Cybersecurity Awareness Month, the University of Miami is challenging rival Florida schools in Cyber Bowl, an online cybersecurity awareness game taking place on the virtual playing field.

New Threat to Microsoft Teams – Criminals Using "External" Contact to Attach Malicious Files in Messages

  • A new tool, dubbed "TeamsPhisher," gives cybercriminals a way to leverage a security vulnerability in Microsoft Teams and automatically deliver malicious files to targeted Teams users in an organization. By impersonating legitimate external contacts or creating fake accounts, cybercriminals are sending messages containing infected attachments, aiming to deceive users into opening them—potentially leading to malware infections and data breaches. At this time, we highly discourage communications with external users/tenants, if not expected and/or required.

Changes to Default Sharing Options in Microsoft 365 Cloud Services – OneDrive, SharePoint, Teams

  • In August 2023, University of Miami Information Technology (IT) changed the default sharing option in Microsoft 365 cloud services—OneDrive, SharePoint, Teams—to "Specific people" to ensure the security of our digital information. When choosing to share a file or folder, you can manage the share settings as needed; however, IT highly recommends NOT using "Anyone with the link" as the sharing option. Instead, limit sharing to either "Specific people" or "People in your organization."

New CaneID Self-Service Portal Look and Password Reset Feature

  • The CaneID Self-Service portal displays a new look and feel, and University passwords are reset via the new CaneID identity management solution.

Stay Secure: Change Your CaneID Password Online

Update Your Chrome Browser to Address High Severity Vulnerabilities

  • Google released an updated Chrome browser in response to various, new high severity vulnerabilities. If you're a Chrome user on Windows, Mac, or Linux, please update your Chrome browser to version 99.0.4844.84 as soon as possible.

Duo Implemented Restrictions on Authentications in OFAC-regulated Countries

  • To comply with U.S. regulations, Duo implemented a change in their company policy. On May 5, 2022, Duo began blocking authentications from users whose IP address originates in a country or region subject to economic and trade sanctions by the U.S. Office of Foreign Assets Control (OFAC), including Cuba, North Korea, Iran, Sudan, Syria, and regions in Russia and Ukraine.

Access UM's Network via UMIT's Approved Remote Access Tools

  • In an effort to reduce potential security risks, UMIT has turned off the ability to log in to the UM network through the use of unsupported remote access tools.

New Email Security Feature: File Attachments Commonly Used to Transmit Viruses or Malicious Software have been Blocked

  • Please be advised that a new email security feature has been implemented to block file attachments that are commonly used to transmit viruses or malicious software in an effort to further protects the University's email system and individual mailboxes.

Enroll in Multi-Factor Authentication (MFA) Today!

  • Multi-Factor Authentication (MFA) is now required for all University of Miami faculty, staff, and student employees. MFA uses a second factor, e.g., mobile phone or tablet, to authenticate your login—in addition to your CaneID credentials. Since hackers don't have physical access to these devices while attempting to compromise your account, your information is secure.

Visit the Information Security Office's website for additional online security articles.