The Curative Analysis team in IT is tasked with finding the causes of significant IT issues that affect campus. In this news update, we draw your attention to some of the problems being investigated or issues handled recently.

Phishing Attempts: Spring semester 2018 saw a 250% increase of phishing campaigns coming to WCU.  Several steps have been taken to provide a more secure environment for our users.  The first step was to turn on Multi-factor authentication (MFA) off-campus access to most IT resources for all employees. MFA for student accounts was turned on September 10, 2018.  Along with requiring MFA for off-campus access, we turned on Modern Authentication on April 9, 2018 for all faculty and staff. Modern Authentication, when combined with MFA, provides an additional level of security.  To implement this security layer, WCU has adopted the Microsoft Outlook app as the only supported mobile Email app. This requires mobile devices to apply security features and also requires MFA to setup access to an account on a mobile device. In July, all WCU accounts have also been added to Avanan, a new email filtering tool which provides further protection against phishing attempts.

Windows Computers:  An issue was discovered after a recent Windows Feature Update causing several computers running the Windows operating system to attempt to log in to the Azure AD domain instead of the WCU domain.  Clients can still log in to their computers by using wcu\ before the username (i.e. wcu\username) at which point a technician can unbind the computer from the Azure AD domain and rebind it to the correct WCU domain. IT staff are working with Microsoft to determine the cause of the issue.

Banner 9 Admin:  IT recently received several reports referencing slow performance using Banner 9 Admin.  IT staff worked with the Banner-hosting vendor to add additional memory to the Banner 9 application server.  We continue to monitor and see improved performance after adding additional resources.

Email:  A recent issue with the Avanan email filter caused a delay for external emails coming in to @email.wcu.edu and @catamount.wcu.edu accounts.  The vendor’s servers became overloaded with emails coming in from Office 365, and they were able to resolve the issues and analyze emails before releasing them to clients.  All email services are now back to normal operation.

Equitrac:  A recent Microsoft update to Windows removed the Equitrac client from several Windows 7 and Window 10 computers.  The update affected approximately 150 out of the 2,500 WCU-owned Windows computers.  IT is currently in the process of evaluating our current Managed Print Service and began a pilot of the updated Managed Print Service on September 17, 2018.

Banner Report Portal:  Three separate issues occurred in July when trying to access various reports in the Banner Report Portal.  Investigation showed that the SQL server was running on an ‘iSCSI network’ instead of the Data Center network.  An update has been scheduled to update the SQL server to use the Data Center network.

Brute Force Attack:  A recent brute force attack originating from several US and foreign computers including China and Indonesia caused several user accounts to become locked out repeatedly.  As the log in attempts were tried multiple times, our password policy provided additional security by locking out the accounts after multiple failed log in attempts.  We have updated our firewall rules to deny access from these external computers to prevent further attempts.

Student Vault Storage:  An issue was discovered for students attempting to edit some files saved in Vault storage.  The files could be saved locally (to the VM or physical computer), then edited and copied back to Vault. IT worked with the Vault storage vendor, 45Drives to resolve the issue.

Office 365:  A recent Microsoft issue prevented any new activations of MS Office.  A portion of Microsoft’s infrastructure responsible for Office 365 client sign-in and subscriptions became degraded, resulting in the impact to Microsoft’s customers. Microsoft resolved the issues, and the service has returned to normal operation.

VCAT:  VCAT clients began receiving connection issues when attempting to launch a desktop or application.  Investigation determined that all VCAT traffic was being routed through one connection server.  Additional load balancing was implemented to balance the traffic across four connection servers instead of one, and the service has been restored.

Sharelink:  An update to the firmware for Sharelink in conference rooms is causing an issue with Extron audio transmissions.  IT staff are working with the vendor to obtain an update.  As a workaround, we are rolling back to firmware version 2.0.2.5 and adjusting the digital audio gain or attaching an audio cable in the

September 2018
Global Problems: (Total 4)

Vault Student Storage:  1
Email:  1
Wireless Network Connectivity:  2

The Division of IT is committed to adopting a proactive, process-oriented approach to prevent problems before they arise. We will continue to keep you informed on our progress.