AV¶¶Òõ

IMPORTANT AV¶¶Òõ IT SECURITY & USABILITY IMPROVEMENTS

Categories: Students   Faculty   Staff  

April 28, 2020 - As we continue to operate remotely, AV¶¶Òõ has recently improved information security and usability on the university’s systems and services. Please take the time to review these updates:

Zoom Security for Main Campus & Branches

AV¶¶Òõ Information Security and Privacy Office worked with IT service owners to review how Zoom would be used at AV¶¶Òõ, and to help ensure that appropriate safeguards were in place to protect AV¶¶Òõ data in use through the AV¶¶Òõ Zoom service.

AV¶¶Òõ has also recently provided all meeting hosts with recommendations how to secure Zoom sessions and protect the privacy of meeting participants without limiting the ability of AV¶¶Òõ community members to have open meetings with colleagues at other institutions. This information can be found at

External Email Notification Banner and Message Preview in LoboMail

On Dec. 12, 2019, a banner was added to all e-mails sent from outside AV¶¶Òõ’s e-mail system. This was in response to the detection at AV¶¶Òõ of a virus that proliferated through external email phishing and had previously caused a peer institution in New Mexico to physically shutdown for 3 weeks last fall. While this banner has been an important step in mitigating dangerous phishing attacks, we acknowledge that the existing banner minimizes the ability for users to see a preview of the email message content.

After business hours on April 28, 2020, we will alter the text used for flagging e-mails sent from outside the AV¶¶Òõ e-mail system so that the banner alert is smaller and message content is viewable in preview windows. We will continue to whitelist external entities that have a need to send emails on behalf of AV¶¶Òõ.

Here are some important tips to protect your account from phishing:

• Always be cautious with externally flagged e-mails and especially when opening attachments or following links from unverified or external sources.
• Never provide your password through e-mail, even for a password reset.
• If you receive phishing email, any e-mail asking for your password or for Personally Identifiable Information (PII), please forward the e-mail as an attachment to security@unm.edu. For instructions on how to forward email as an attachment, or to see whether AV¶¶Òõ IT is already aware of specific phishing email, please visit phishbowl.unm.edu. Additional information on reporting incidents to AV¶¶Òõ’s Information Security and Privacy Office is available at ISPO.unm.edu.

The goes into greater detail on these improvements and provides additional areas where IT has increased security and usability for us.