• Bulletin Board

    Technology Announcements, Programs and Services
     

    Phishing/spam email awareness training

    Employees are encouraged to participate in email awareness training to learn how to identify and deal with potentially harmful and malicious emails. These emails mislead employees into sharing login credentials or other sensitive information which may compromise personal records or employee identities.
     
    The training is available on the staff and administrator training app modules on Blackboard.
     
    Email awareness training
     
     

    Sending encrypted emails with Outlook or Office 365

    City Schools employees can now securely send encrypted emails to external or internal recipients by including the "BcpssSecure" tag in the subject line of an email. For example, if a subject line is written as "Update to dress code policy - BcpssSecure," the related email will automatically be encrypted and will require a pass code or secure sign-in to be read.

    Click here for more information about sending and receiving encrypted emails.

    For questions, contact the IT Service Support Center at 443-642-3000 or ServiceDesk@bcps.k12.md.us


    Annual technology inventory

    The annual technology inventory begins on Monday, January 8. This year, there will be a few changes to the process to improve the accuracy of records documenting the district’s technology devices. As in the past, school leaders must identify inventory managers responsible for updating the inventory; the deadline for doing so via Principal’s Dashboard is Friday, January 19. A team from the Information Technology Office will be scheduled to visit each school to assist inventory managers with data collection, verify accuracy, and answer any questions.

    Please review this milestone chart, which also includes information on the process and instructions regarding identification of inventory managers.

    For questions, contact the IT Service Support Center at 443-642-3000 or ServiceDesk@bcps.k12.md.us


    Reducing the risks of online shopping

    At this time of year when online shopping hits its peak, it’s important to remember that when you shop online, you may attract phishing attempts, expose yourself to identity theft, and raise the risk of cyberattacks on network systems.

    Please follow these recommendations to protect yourself at all times of year, and particularly in this season if you are increasing your online shopping activity.

    • Manage your online privacy and passwords.During the online shopping season, you are more likely to open emails, create new accounts, share your email address, or reuse a password. This can result in your receiving and opening emails that you do not realize are malicious and you may then inadvertently share password information with cyber criminals. For this reason, you should use different passwords for different accounts. Note that your City Schools password should not be used for anything other than logging into your City Schools network accounts.
    • Do not use your work email address when online shopping. Never register for online accounts with your City Schools email address. This discloses where you work and may increase your risk of being targeted and City Schools’ chance of being targeted by cyberattacks. Note that the district’s Internet Safety/Acceptable Use of Technology policy indicates that use of City Schools’ email system is limited to City Schools’ business purposes only.
    • Use caution when opening unfamiliar emails or visiting unfamiliar websites. Opening suspicious emails and attachments, clicking on links to infected websites, or clicking on malicious advertising (“malvertising”) can introduce malware into your account and into the network. When in doubt, delete and don’t click.
    • Use your home computer or personal mobile device for online shopping. Help protect the City Schools network by doing your online shopping at home or on your own mobile device. Note that the Internet Safety/Acceptable Use of Technology policy allows only limited personal use of district systems.

    Scam alert [Posted: November 13, 2017]

    A phishing attempt is using a screen-shot of a City Schools web page to lure employees to enter their user ID and password (log-in credentials) in order to gain access to other sensitive information. This is a fictitious website.  Individuals may email you this link in an email as an attempt to lure you into entering your credentials. This is simply a screen shot of our web page (with the hackers web address) in an attempt to gain private credentials. ITD has blocked this site, but all users must be mindful of web addresses when accessing  City Schools resources from external devices or computers.
     
    As a reminder, ALWAYS access City Schools’ resources via our main page
     
    Fake web page example
     
     
    Baltimore City Public Schools does not solicit personal information (e.g., social security numbers) from employees over the phone or through email. Employees should not participate in any call which seeks this type of personal information or respond to any email seeking the same. 

    Click here for more information on how to protect yourself from these attacks.

    If you see any suspicious activity, contact ITD Service at (443) 642-3000.
     
     

    Computer safety alert [Posted: October 25, 2017]

    A new ransomware outbreak ("Bad Rabbit") is spreading across the globe. The Information Technology department is working to ensure that all systems are protected, we want to show you what to look for in case you encountered it here at work or at home.

    The ransomware is often delivered via a compromised (and possibly legitimate) webpage. If you see a pop-up message about updating Adobe Flash like the one below, do not click anywhere on it. Instead, call the IT support desk immediately at 443-642-3000.

     Malware image

     

     

     

     

     

     

    Clicking on the above will load the malware may onto your system where it could encrypt/destroy files. If you encounter this at home, log out without interacting with your browser, log back in, and immediately clear the browser history. You should also avoid the infected website for a few days.

    If your machine is encrypted after the malware process completes, you will see:

    Malware example

     

     

     

     

     

     

     

     

    Followed by a payment page:

    Malware example  

     

     

     

     

     

     

     

     

     

     

     

    NOTE: If you see either of the two images above on your system, immediately shut down your computer and call the IT support desk at 443-642-3000.

    The malware will sometimes attempt to connect with the following passwords. If you’re using one of these anywhere, change it to something else immediately.

    Poor passwords

     

    Password resets

    City Schools employees are encouraged to use the password reset tool to reset Network passwords and Employee Self Service passwords. Network passwords are used for features such as logging into workstations and Office 365. Employee Self Service passwords are used to access paycheck statements, for open enrollment, to register for professional developments, or to apply for new positions.

    The password reset tool can be accessed by visiting https://reset.bcps.k12.md.us or by clicking on the password reset icon found on most school computer desktops.

    For assistance, view this tutorial video.
     
    Deadline: Ongoing
     

    Protecting against "ransomware" attacks

    Criminal hackers recently released a strain of ransomware, WannaCry, that spreads itself automatically across all workstations on a network. As of mid-May, this attack had impacted approximately 150 countries. Although the initial spread of the virus has slowed, modified versions are still being released across the globe.

    Be very suspicious when you get an email from an unknown sender or when you get an unexpected attachment. If you accidentally open one of these phishing email attachments, you might infect not only your own workstation, but other workstations as well. If there is a .zip file in the attachment, do not click on it: Delete the whole email. Remember, "When in doubt, throw it out!" Also, be careful with any external devices (i.e. thumb drives, storage devices, etc.) that you plug into your workstation. These external peripherals can carry viruses that easily migrate to your workstation.

    Please watch this video which outlines fraudulent emails and steps to take to ensure security. Additional helpful information can be accessed using the links below:
    As a reminder, City Schools' IT department does not initiate contact with staff via email to change passwords, obtain social security numbers, dates-of-birth, or other information that would be considered personally identifiable information (PII).
     

    Phishing attacks

    Email phishing attacks are attempts to steal personal information, such as usernames and passwords, and can appear to come from legitimate email accounts. Recent phishing messages have included the below examples:
    • “This is your last warning. You will not be able to receive or send mail in the next 8 hours. Click here to increase your Outlook mail box quota limit.”
    • “Your SD has exceeded its storage limit. CLICK HERE and click on FINISH to get more space or you won’t be able to send mail.”
    • “Kindly send list of W-2 (tax and wages) copy of all employees for 2016 in PDF here.” 
    Please note that the district office never sends messages such as these.

    Because City Schools’ email servers have been experiencing increased phishing attacks, staff members are encouraged to delete all suspicious email messages and avoid opening attachments from unknown sources. They are also encouraged to watch this video, which outlines fraudulent emails and steps to take to ensure security. (Click here if you experience technical difficulties when viewing the video.) 
     

    How to Access and Use the Guest Wireless Network

    Visitors to City Schools schools and offices can now access the internet by connecting to the BCPSS-GUEST wireless network. After connecting to the network, visitors will be redirected to a registration page. Guest access requests will be approved by a City Schools staff member who is a wireless approver.


    Using public wi-fi safely

    Local coffee shops, airports, or public gathering places that provide free wireless networks are convenient, but are often not secure. Follow these guidelines when using public wi-fi.
    1. Use caution and be aware that public wi-fi is inherently insecure. Laptops, smartphones, and tablets are all susceptible to wireless security risks.
    2. Treat all wi-fi links with suspicion and avoid connecting to unknown or unrecognized wireless access points.
    3. Use a virtual private network (VPN) when you connect to a public wi-fi network to encrypt all of your data that passes through the network.
    4. Avoid logging into websites which put your identity, passwords, financial or any other personal information at risk.
    5. Protect your devices against cyber attacks with a rigorous anti-malware and security solution and ensure that it’s updated regularly.

     For more information, visit www.staysafeonline.org.


    5-Digit Dialing

    When placing phone calls between schools and district buildings and vice versa, callers may have to use 10 digits instead of 5 because district phones were recently upgraded. All schools can be reached using 10-digits.
     
    (Expires: Ongoing)