Issue 26, October 26, 2021

UTHSC’s Office of Cybersecurity has been selected as a finalist for the 2021 Cyber Outstanding Security Performance Awards (OSPAs) in the category of Outstanding Cyber Security Team. The Cyber OSPAs recognize and reward companies, teams, individuals, products, and initiatives globally across the cybersecurity sector. The criteria for these awards are based on extensive research on key factors that contribute to and characterize outstanding performance. A list of all categories and finalists can be found on the Cyber OSPAs webpage.

Winners will be announced on Tuesday, December 14, 2021.

If you are hosting a campus event where you need an attendance record of UTHSC attendees, you can use the ID badge scanning app (owned by Human Resources). The app allows one or more people to scan attendees’ UTHSC ID badges, recording attendance in a database where reports can then be created.

HR can provide training and assistance for the app as well. To see a list of what resources you need to use the app, please visit our TechConnect Event Attendance: ID Badge Scanning knowledge base article.

How to Get Started

If you are interested in scanning badges for your next event, please send the following information hr@uthsc.edu:

• Event date, start time, and end time
• NetIDs of attendance-takers
• # of laptops needed (if borrowing from HR)
• # of barcode scanners needed (if borrowing from HR)

Despite using Zoom for over a year now, do you still feel like you're just getting by with the basics? Or maybe you are new to the university and struggling with learning Zoom.

Available Zoom Webinars

• Getting Started with Zoom Meetings
• Zoom Meetings, Advanced
• Zoom Meetings for Education
• Breakout Rooms
• Zoom Desktop and Mobile Client

Ready to start sending surveys? It's easy to request a Qualtrics account.

All you need to do to get started is visit our Qualtrics Account Request and request the service.

Qualtrics is no cost to you powerful online survey research tool that is supported (training available), secure (HIPAA and FERPA compliant), and powerful (powerful functionality and available 24/7 from anywhere). For more information on Qualtrics and other survey software, visit our Survey Software category in the TechConnect knowledge base.

Are you a researcher that collects data from people? If so, you are probably aware that collecting this type of HIPAA, PHII, etc. data requires strict levels of protection.

To assist with the security of this data, UTHSC has a security program and published Cybersecurity Standards and Practices. UTHSC has defined a number of data classifications, documented in Standard-InfoSec-GP-002-Data & System Classification. For our research community dealing with human subject data, Controlled Unclassified Information (CUI), HIPAA data, or Classified federal data, the important definitions are:

• Classified: Data in any format that has been determined: (i) pursuant to Executive Order 12958 as amended by Executive Order 13526, or any predecessor order, to be categorized national security information; or (ii) pursuant to the Atomic Energy Act of 1954, as amended, to be Restricted Data (RD).
• Confidential: Data in any format collected, developed, maintained, or managed by or on behalf of the UTHSC, or within the scope of UTHSC activities that are subject to specific protections under federal or state law or regulations or under applicable contracts, and/or cause significant financial, reputational loss, or legal liability. Examples include, but are not limited to medical records, social security numbers, financial account covered by the Payment Card Industry Data Security Standard, driver's license numbers, non-directory student records, data used to authenticate or authorize individuals, federal data categorized as Controlled Unclassified Information (CUI), and export-controlled technical data.

Systems containing data categorized as Classified require special attention and are not allowed to be connected to the UTHSC network. Contact the UTHSC Cybersecurity team for more information.

Most of the data UTHSC's research community handles is categorized as Confidential. To ensure that these data or information are adequately protected, specific administrative, physical, and technical protections need to be implemented. If a researcher is unable to comply with any of these requirements, a request for exception may be submitted, Practice-Infosec- GP-001.02-Security Exceptions and Exemptions to ITS Standards and Practices. However, adequate alternative measures must be in place and properly documented before an exception will be granted.

Microsoft has some excellent training courses we recommend:

Use Chat and Calling Features in Microsoft Teams
Join us to learn how to extend your circle of communication and collaboration with Microsoft Teams. Easily connect with your colleagues anywhere, anytime and manage all your conversations from one central platform. Register

• Oct 28 - 4:00 - 5:00 pm

Introduction to Microsoft Excel
Join us for a free, 60-minute training on Microsoft Excel for the new or novice user. The training will focus on overall navigation, formatting, simple formulas, charts and tables and an overview of printing. Register

• Oct 29 - 9:30 - 10:30 am

Microsoft Planner L100
Understand Planner navigation and Microsoft 365 integrations • See how to create and organize a plan • Share a plan and assign tasks • Learn to stay on top of tasks assigned to you • Learn to stay on top of the project using charts, calendars, and specialized views Work with Planner in Teams or SharePoint. Register

• Nov 01 - 12:00 - 1:00 pm

Manage your Business appointments with Microsoft Bookings
This course introduces Microsoft Bookings to help you simplify how you manage and schedule appointments. Register

• Nov 02 - 11:00 - 12:00 pm

Lists and Planner and Teams - oh my! Microsoft gives us access to so many incredible tools that sometimes, it can be tricky to know what to use when!

This 11-minute video by jumpto365 may be able to help you navigate the sea of Microsoft 365 productivity tools.

Overview

Email is still one of the primary ways we communicate, both in our personal and professional lives. However, quite often we can be our own worst enemy when using email. Here are the most common mistakes people make with email and how to avoid them.

Auto Complete

Auto-complete is a common feature in most email clients. As you type the name of the person you want to email, your email software automatically selects their email address for you. This way you do not have to remember the email address of all your contacts, just their names. The problem is when you know people that share similar names, it is very easy for auto-complete to select the wrong email address for you. For example, you may intend to send a very sensitive work email to “Janet Roberts”, your co-worker, but instead, auto-complete selects the email address for “Janice Rodriguez”, your child’s basketball coach. You end up sending a sensitive work email to someone you barely know. Always double-check the name and the email address in any sensitive email before you hit send. Another option is to add the recipient’s email after you have drafted your message, ensuring you selected the intended individual.

Reply-All

In addition to the “To” field when you create an email you also have a “CC:” option. “CC:” stands for “Carbon Copy”, which allows you to copy additional people on your email and keep them informed. When someone else sends you an email and has CC’ed people on the email, you have to decide how you want to reply: just to the sender or to everyone that was included on the email via Reply-All. If your reply is sensitive, you most likely want to reply only to the sender. However, be careful as it’s very easy to mistakenly hit “Reply-All,” which means you would reply to everyone on the email. Once again, whenever replying to a sensitive email, always double-check who you are sending the email to before you hit send.

Emotion

Never send an email when you are emotionally upset--it could harm you in the future, perhaps even costing you a friendship or a job. Instead, take a moment and calmly organize your thoughts. If you need to vent your frustration, open up a new email (make sure there is no name or email address in the TO section) and type exactly what you feel like saying. Then get up and walk away from your computer, perhaps make yourself a cup of coffee or go for a walk.

When you come back, delete the message and start over again. It may even help to have a friend or co-worker review your draft response objectively before you send it. Or better yet perhaps once you have calmed down, pick up the phone and simply talk to the person, or speak face to face if possible. It can be difficult for people to determine your intent with just an email, so your message may sound better on the phone or in person. Remember, once you send that email, it exists forever.

Privacy

Finally, email has few privacy protections. Your email can be read by anyone who gains access to it, similar to a postcard sent in the mail. Your email can easily be forwarded to others, posted on public forums, released due to a court order, or distributed after a server was hacked. If you have something truly private to say to someone, pick up the phone and call them. If you are using your work computer for sending emails, remember that your employer may have the right to monitor and perhaps even read your email when using work resources.

Attachments

If you’re attaching documents to your message, double-check that you’ve attached the correct versions of the correct files before sending.

Antonese James
In each issue, we feature one of our amazing ITS team members. We learn more about Antonese James with our Administrative team in this segment.

What is your role and how long have you been in ITS at UTHSC? I am an Administrative Secretary, and I have been in ITS at UTHSC for four years.

What is a day in the life of Antonese like? The day in the life for me varies. When I am not bringing sunshine to the lives of others, I am serving as the telephone operator for campus and the Admin Support and gatekeeper for the ITS department. I am the first smiling face staff, students, and visitors see when stepping off the elevator, and I am also the person that calms others on the other end of the phone before they reach the department or person they are looking for (Yes, dealing with irate callers so others do not have to is my job). There is never a dull moment in the day for me. When I am not fulfilling these duties, I am assisting others within the department with anything I could assist with (That’s me bringing more sunshine.). I believe we rise by uplifting others. You have to find something bigger than yourself

What is your favorite thing about working at UTHSC? One of the biggest reasons I love working at UTHSC is the environment and the people I have been so blessed to meet. When I am here, I feel like I am with family and not just co-workers. I lost my dad unexpectedly on September 25, 2021, and the outpour of love and support I have received has been astonishing. I am blessed to be part of a department that celebrates each other’s success, as well as uplifts each other when it’s needed the most.

What’s something most people don’t know about you? Most people do not know that when I am not working, I am always working on personal development, I am either taking some sort of training, obtaining another degree, or I am enjoying the sun with my kids and family. Since I have been at UTHSC, I have obtained my undergraduate degree in Child Development, my graduate degree in Strategic Leadership, and I am currently working on my second graduate degree in Healthcare Administration. I am excited to see where my journey leads.