Please keep Duo Mobile updated. Make sure your device’s operating system (OS) is up to date so that you can update Duo Mobile to its latest version, and so that your device can receive Duo’s security and maintenance fixes.
When you update your OS, please check that Duo Mobile updated as well, as this may not occur automatically — you may need to manually update Duo Mobile.
Android devices using OS 10 and earlier will no longer be able to download the latest version of Duo Mobile nor receive Duo Mobile maintenance fixes and security updates, starting Feb. 8, 2024; the same issue will be true for Apple devices using iOS version 14 or earlier.
UW-IT recognizes there may be hardship situations and other reasons why you cannot update your current device’s OS; there are other options, including that you can:
On Feb. 8, 2024, Duo Mobile will continue to work and provide 2FA protection for those who do not or cannot update their device’s OS. However, both Duo and UW-IT recommend using 2FA via updated/compatible device OSs and the fully updated Duo Mobile app.
Note: For phone-based use of 2FA on the older OSs, Duo-generated passcodes through SMS/texting will not work. While Duo’s documentation mentions the SMS/texting option, UW-IT does not support this form of authentication via Duo. Passcodes must be generated through the Duo Mobile app.
Contact the UW-IT Service Center at help@uw.edu or (206) 221-5000. Please put Duo Mobile in your email subject line.
]]>
UW-IT’s annual cybersecurity message for 2023 was sent to all University of Washington students, faculty and staff and UW Medicine employees with approval from the Interim Chief Information Security Officer:
As National Cybersecurity Awareness Month (NCSAM) draws to a close, we are writing to remind you about ways to be safer and more secure online. Besides sharing the following cybersecurity tips, we want you to know that we have changed our name from Office of the Chief Information Security Officer to Office of Information Security to better describe the focus of our work. We look forward to working with you to protect personal data and UW institutional information.
1. Recognize phishing and scams.
Scammers commonly use phishing emails to trick you into giving them your personal information, such as passwords or credit card numbers, and they’re often successful. Be skeptical of any email that urges you to click on links or download attachments.
Phishing emails may appear to come from a recognizable person or organization, such as your supervisor, UW organizations, or the health department. Be suspicious of unsolicited job opportunities, offers of financial aid, requests to purchase gift cards or opportunities that seem too good to be true.
2. Secure your UW NetID and other accounts.
Be careful not to use your UW NetID password with any other account. Multi-factor authentication (MFA) helps prevent others from signing in as you, even if they know your password. Duo, a two-factor authentication (2FA) service, is widely used at UW for MFA and we recommend that you also use some form of MFA (or 2FA) for other accounts and services, such as personal email, social media, and bank and financial accounts.
3. Secure your computer and other devices.
Keep computers, devices and all applications — including antivirus software — updated and patched. Encrypt computers and devices, and keep track of the encryption key.
4. Secure UW institutional data.
Learn what types of data you are responsible for and take steps to secure data appropriately in applications. Four* data classifications are described on the UW Privacy Office website: UW Confidential, Restricted, Public, and Special Categories of Personal Data. Certain data types are protected by laws and regulations. Back up your data in at least two different ways, including one offline version.
5. Secure your Wi-Fi communications.
Configure your devices to use eduroam — a free, encrypted Wi-Fi network available at the UW (and at any eduroam-enabled institution throughout the world). There are instructions for how to set up your device to access eduroam on IT Connect.
6. Secure communications while working remotely.
Use a virtual private network (VPN), such as Husky OnNet, when working at home or remotely to access resources on the UW network. Take steps to secure your home Wi-Fi network by using strong passwords and the strongest encryption possible on home routers.
7. Know the rules.
State law prohibits the use of UW computing resources, tools or services for commercial or political purposes. Follow copyright laws for software, images, music or other intellectual property, such as books and videos. For more information, review the Appropriate Use web page on IT Connect.
If you have any questions or concerns, please contact help@uw.edu.
Thank you for helping to secure your personal and UW data.
Mark T. Nardone CISSP, CISM, CIPM
UW Interim Chief Information Security Officer
Office of Information Security
*Note: The email version of this message erroneously referred to three UW data classifications. There are four.
]]>
The kick-off will include information stations focused on six key themes and you’ll learn about events, training, and awareness contests planned throughout the month of October. And you can also spin the wheel for OIS-branded prizes and enjoy coffee and refreshments.
Check out all the activities now, and what you can do to stay safe in the cyberworld!
]]>