Pretexting is when the bad guys create a false scenario using a made-up identity or pose as someone you know. They can even pose as employees of bank or credit card companies to manipulate you into divulging personal or sensitive information.
How it Works: Common Tactics of Influence The bad guys will try to persuade you into giving them sensitive information. Oftentimes, the information that they need is not specific to your organization. Below are examples of two common tactics used to influence victims in pretexting scenarios:
Pretexting with Authority You receive a call at work from someone demanding immediate assistance. They are speaking in an aggressive and authoritative tone. This person establishes their authority by using an executive-level or official-sounding job title. They may even insult you for not being familiar with “who they are”. These scare tactics often persuade victims into giving away sensitive information or complying with the cybercriminal’s request. It’s human nature to act in a responsive manner around someone of authority, but don’t fall victim to false claims of authority!
Pretexting with Obligation You receive a call from someone posing as a member of your IT department. The bad guy tells you they’ve found malicious activity on your work computer and begin questioning your recent browsing history. The fake IT employee implies that you’ve accessed a malicious website and have put the company in danger as a result. They demand you update your password with a more “secure” password which they provide. Would you feel obligated to comply with their instructions? Many unsuspecting people would, but don’t fall victim to a false sense of obligation!
How Can I Avoid Falling Victim to Pretexting Scenarios? Use the tips below to help protect your organization against pretexting scenarios: Never give out sensitive information over the phone, online, or in email, unless you are absolutely sure you know who you’re dealing with, or you initiated contact with the individual. If the caller claims to be an employee but their request seems suspicious, verify their identity through a trusted party and let them know you’ll call them back. If the caller questions the need for your verification efforts, explain that you’re following the process required for sharing the type of information they are requesting. Maintain a respectful but forceful attitude.
Make sure you’re familiar with your organization’s protocols for handling requests for information or ask your supervisor if you need assistance.
The KnowBe4 Security Team KnowBe4.com
Security Hints + Tips
May 6, 2024
Don’t Be Fooled by Workspace Tools
Many organizations use platforms such as Microsoft Teams, Google Drive, or Zoom to stay connected. Unfortunately, these trusted communication tools can lead to a false sense of security. Just like with traditional email, bad guys can use these platforms to launch a cyber attack.
Below are three examples of how cybercriminals use these platforms for phishing—and what you can do to keep your organization safe
Lurking
Recently, a cybercriminal gained access to an organization’s Microsoft Teams channel, which is similar to a group message or a chat room. The scammer lurked in the channel for nearly a year, reading messages, collecting data, and waiting for the perfect time to strike. Finally, someone asked that a file be shared to the channel and the bad guy used this opportunity to send a malicious ZIP file. When opened, the file installed malware that gave the scammer full access to the victim’s computer.
Remember: If someone sends you a link or an attachment, verify that you know and trust the sender before you click.
Playing Tag
On Google Drive, anyone can be tagged in a file, so long as their Gmail address is valid. This means that if a bad guy tags you in a Google document, you will receive a legitimate notification from Google that includes a link to the bad guy’s file. If you view the bad guy’s file, you’ll likely find that it tells you to click another link. This second link is actually a malicious attempt to steal your sensitive information.
Remember: If you receive a suspicious notification, contact your IT department or follow the specific security procedure for your organization.
Phony Notifications
Attending meetings on Zoom is as simple as clicking a button within an email. Unfortunately, getting phished is just as easy. Cybercriminals send out fake Zoom notifications that claim you missed an important meeting. They use a sense of urgency to get you to click on a link to view the meeting schedule. But don’t be fooled! The link actually sends you to a phony login page designed to steal your username and password.
Remember: If an email asks you to log in to an account or online service, log in to your account through your browser—not by clicking the link in the email.
For over 45 years, WVNET has strived to connect the people of West Virginia. For decades we’ve worked hard to stay at the forefront of bringing fast, reliable internet across the state. We take pride in managing the networks that link West Virginia’s schools, universities, agencies and non-profits.
In this winter newsletter, we’re excited to update you on new strides we’re making to expand connectivity in the Mountain State. We’ve outlined major infrastructure upgrades that will increase available bandwidth and accelerate speeds – critical advances to meet our state’s growing digital needs. As our Executive Director Steven White explained, “Our continuous network evolution showcases our enduring commitment to the students, educators, agencies and residents who rely on us.”
However, greater connectivity also brings greater vulnerability. We’re working hand-in-hand with state and national cybersecurity leaders to anticipate emerging threats and harden defenses. As threats like phishing and ransomware attacks grow in scale and sophistication globally, we urge our customers to join us in remaining vigilant. Please consider implementing protocols like DKIM and DMARC to secure email domains, conduct phishing awareness training, and require multifactor authentication. Together we can keep West Virginia safe.
We’re also excited to share the work our development team is doing to make our online systems more accessible across generations. As more services and learning shift digital, we aim to ensure all Mountaineers can stay connected.
The past four decades have seen immense technological change. But our mission remains the same – serving the people of West Virginia through technology. We at WVNET take pride in the pivotal role we play in empowering education, powering government, and connecting communities across the Mountain State.
UPdate From the Executive Director!
A major focus area constantly under review is continuing to be cybersecurity diligent. WVNET continues to work with multiple agencies to ensure that information is shared. This is being achieved by working with Chief Information Officers (CIO’s) across the state and Cybersecurity and Infrastructure Security Agency (CISA) representatives to collaborate and provide cybersecurity reports, especially for those threats that have been actively seen across the state. This sharing among peers helps to ensure we all learn from each other and grow stronger.
This year is also looking promising for continued upgrades. In January, thanks to congressional funding, we were able to install a new uninterruptable power supply for the WVNET datacenter which ensures that systems remain operational in the event of power loss. We are also in the process of finalizing upgrades to our network connectivity that will provide an exponential increase over the current configuration. As we start the new year, it is important that we continue to embrace new goals and strive to ensure that WVNET is providing the best possible services for our customers.
And on a final note, communication is a vital key to daily operations. This includes conversations occurring at every level within our organizations. We all rely heavily on email for communication. This year, several entities (Google, Yahoo) are working to ensure emails are not being hijacked by implementing DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication (DMARC) as requirements for email domains. WVNET has been deploying these requirements for multiple domains and we recommend our customers consider implementing them as well for applicable systems.
JOIN OUR TEAM!
WVNET is seeking to hire a new TELECOMMUNICATIONS NETWORK SPECIALIST 3(on-site work required, hybrid eligible) to analyze, design, configure, install, deploy and troubleshoot LAN, WAN, Campus networks (mainly Cisco routers, switches, firewalls), associated wireless infrastructure (Extreme, Meraki), VOIP solutions (CUCM, SIP trunks, UCaaS), System Monitoring (SolarWinds NPM) and remote access (VPN ASA, AAA, TACACS, RADIUS), cloud (OCI, Azure, AWS) and associated ongoing maintenance and updating of related hardware and software. Salary range is $70,000 – $80,000 and commensurate with experience. For full job details, qualifications, etc. and to apply, visit: https://wvnet.edu/news/careers/telecommunications-network-specialist-3/
The Client Services department at WVNET is here to help you with Banner, DegreeWorks, Brightspace, Web and Development services. Our dedicated staff is here to answer questions, as well as to solve problems. We strive to provide a high level of service. To ensure we are doing our best, we have a survey available to enable you to share your experience with us and let us know what we are doing well and what we could be doing better.
Your satisfaction is very important to us. WVNET has implemented a customer satisfaction survey link in our OZ ticketing system. When a help ticket is closed, the reporter will receive an email update with a link to allow customers to fill out the survey, and, if desired, request a call from a manager. To access the form in the OZ email, click on the link.
If you’re not using OZ and you wish to take the survey, please feel free to complete the survey at https://wvnet.edu/satisfaction-survey/. We look forward to hearing from you. Have questions? Contact Harmony Garletts at hgarletts@staff.wvnet.edu.
As the new year gets under way, the Distance Learning team is launching a new tool in Brightspace called Creator +. This tool is a seamless add-in to the Brightspace Learning Management System (LMS). As many of our Brightspace schools prepare for this implementation, we are excited for the opportunity to work with our customers to transform course content into dynamic content that will boost student engagement. Between now and June 30th, we will be holding working sessions for faculty to learn to use the new tools included in Creator +. For additional information, please contact Harmony Garletts at hgarletts@staff.wvnet.edu.
DEVELOPMENT UPDATE
Serving Older Users: Why Web Accessibility Matters for Education and Government
When providing online services and web-based learning, education and government institutions must ensure they don’t exclude older adults. Age-related declines in vision, hearing, dexterity, and cognition can pose barriers to accessing digital content, and the 65+ demographic continues to grow rapidly as people live longer.
Following web accessibility standards proactively makes websites, applications, and authoring tools usable for more people.
It is vital for public services like healthcare, taxes, and social welfare, to consider these segments of the population in digital systems design. All taxpayers should be able to utilize government resources online regardless of ability or age.
Similarly, education strives for inclusion. Distance learning continues to expand and offer greater opportunities throughout the state; however, ensuring learning management systems and online content follow accessibility principles enables older students to participate fully. Designing accessible websites and authoring tools allows older guest lecturers, teachers, and professors to contribute their expertise and remain professionally active.
Age diversity strengthens industries and communities. Following web accessibility guidelines helps education and government sectors live up to commitments to serve all citizens, making communities richer. Prioritizing accessibility for older users isn’t just considerate – it’s sound policy and practice.
Here are some helpful tips tailored for assisting age-related disabilities:
Support Aging Vision
Allow font size customization up to 200% without loss of content or function
Use high contrast colors and avoid purely visual cues
Provide adequate color contrast (WCAG conformant)
Design simple, clean page layouts that reduce visual clutter
Accommodate Declining Dexterity
Make clickable elements large and spaced apart
Ensure forms and other functionality work with keyboard access
Provide adequate time limits and ways to request more time
Compensate for Reduced Hearing
Allow audio and multimedia content volume control up to 200%
Provide transcripts for prerecorded audio content
Don’t rely solely on audio cues; use captioning and other redundancies
Address Cognitive Changes
Avoid long paragraphs and blocks of text
Break up complex processes into clear, logical steps
Use plain language and provide guidance within text
Minimize distractions and avoid crowding pages
Remind users of previous steps to aid memory
The Web Accessibility Initiative’s (WAI) guidelines address functional limitations associated with both disabilities and aging. Implementing criteria from Web Content Accessibility Guidelines (WCAG), User Agent Accessibility Guidelines (UAAG), and Authoring Tool Accessibility Guidelines (ATAG) improves access for older cohorts.
WCAG compliance tackles many barriers introduced by age-related disability. But consciously addressing common vision, motor, hearing and memory issues older adults face takes websites a step further in accessibility, ensuring education and government sites don’t leave them behind.
Since 1975, WVNET has played a pivotal role in providing centralized computing services to all public higher education campuses throughout West Virginia. Later expanding to support K12, state and local government bodies as well as non-profits; the evolution of WVNET Telecommunications continues to mirror the broader advancements in networking technologies.
In the 1970s, the landscape of networking underwent a significant transformation with the proliferation of Local Area Network (LAN) and Wide Area Network (WAN) technologies utilizing packet-switched methodologies. https://en.wikipedia.org/wiki/Packet_switching
LANs were initially designed to interconnect computers and peripherals within confined areas like schools, offices, or campuses. The subsequent connection of LANs through WAN technologies paved the way for the integration of these networks into the burgeoning Internet.
During this period, various LAN technologies vied for standardization, but Ethernet, developed around the same time as the Internet in 1973-74 at Xerox PARC, emerged as the dominant and ubiquitous LAN standard. https://en.wikipedia.org/wiki/Ethernet
For nearly 50 years, as technology advanced, WVNET Telecommunications adapted to the changing landscape and escalating data transmission speeds. In the early days, bandwidth and throughput was measured in bits per second (bps), and typical home and small office modems operated at speeds ranging from 300 to 56,000 bps. To serve WV’s rural communities, WVNET established a distributed statewide dialup modem pool, accessible to anyone with a telephone land line. At its height this modem service had over 18,000 customers. K12, College and University staff and students were, for the first time in history, able to access the Internet and school/work-related resources. This was truly the beginning of The Information Age for most West Virginians.
Technologies such as T1 through T5 (1.544 to 400Mbit/s) were created to push more and faster data across telephone lines, with DSL (Digital Subscriber Line) allowing up to 140 Megabit per second to home users. Channeling and multiplexing were introduced as methods to send multiple signals or streams of information over a single, shared medium. Eventually, phone lines were abandoned for dedicated point-to-point circuits using coaxial cables and fiber optics.
Today, the average WVNET customer typically connects via a 1 Gigabit per second (Gbps) connection (1,000,000,000 bps), with some utilizing multiple 10 Gbps (10,000,000,000 bps) connections.
To meet the ever-growing demand for bandwidth and improved throughput, WVNET is on the verge of completing its Transit Ring upgrade. This upgrade signifies a shift from multiple bundles of 10 Gbps circuits to multiple 100 Gbps circuits. This enhancement will ensure more bandwidth availability and faster throughput for data transmission. Having these larger data ‘pipes’ available will also mean increasing bandwidth to and from our dual upstream ISPs will take just hours instead of weeks.
The continuous evolution of WVNET’s infrastructure showcases its commitment to meeting the ever-expanding connectivity needs of its customers in West Virginia.
Systems Update
Cybersecurity Awareness
Phishing continues to be the top choice for cyber attackers.
Phishing involves deceiving people online to gain access to information. It tricks them into giving sensitive details using fake messages, often pretending to be important people or falsifying urgent situations. There are many different types of phishing but here are some top threats to look out for:
Spear Phishing: Spear phishing targets a specific group or type of individual such as a company’s Human Resources department.
Whaling: Whaling is like spear phishing but is an even more targeted type of phishing that goes after the “whales” of an organization such as the CEO, CFO, or any other CXX employee.
Smishing: Smishing is an attack that uses text messaging to execute the attack.
Search Engine Optimization Poisoning: With this method, hackers work to become the top result on a search engine. Clicking the link within the search engine then directs you to the hacker’s website where they can then steal your information as you interact with the site and/or enter sensitive information.
Some ways you can protect yourself:
Don’t rush to click on links or files. Review all links and files carefully.
Double-check messages with another means of verification such as contacting the supposed sender via another means of communication.
Don’t post too much information online.
Be very careful with emails you believe are suspicious.
Visit websites directly instead of clicking links received by email.
Use multi-factor authentication wherever possible.
Use a password manager for generating and storing unique passwords.
At WVNET we utilize a few additional methods for helping to keep ourselves protected from phishing attacks such as a robust email filtering system as well as doing regular simulated phishing attacks and training for all staff.
Thanksgiving, November 23-24, 2023 Christmas, December 25, 2023 New Years, January 1, 2024
WVSTC – Taking a Breather in 2024
In 2024, we’re hitting the pause button on the West Virginia Statewide Technology Conference. But hold on, it’s not a farewell; it’s more like a “see you later.” We’re taking time to recharge, regroup, and we hope to come back in the future with a conference that’s even better suited for our customers.
Your input and ideas are valuable, so don’t hesitate to share them with us.
Keep in Touch
We may be on hiatus, but we’re not disappearing. Stay connected with us through our email list and social media for updates and developments. We’ll keep you in the loop as we prepare for the future.
UPdate From the Executive Director!
As we bid farewell to Cybersecurity Awareness Month, it is imperative to recognize that our commitment to cybersecurity should not conclude with the passing of October. Cyber threats are persistent and ever-evolving, and now, as the holiday season approaches, our digital defenses must remain as vigilant as ever.
The holiday season is traditionally a time of joy and celebration, a time when we gather with family and friends to create lasting memories. However, it’s also a time when cybercriminals become more active, preying on the increased online activity and distracted individuals.
Here are some key points to consider as we navigate the holiday cybersecurity landscape: 1. Be Cautious of Phishing Scams: During the holiday season, phishing scams tend to surge. Cybercriminals often disguise their malicious emails as enticing holiday offers, e-cards, or fake shipping notifications. It’s vital to stay vigilant and double-check the legitimacy of every email you receive.
2. Secure Your Online Shopping: Online shopping becomes the norm during the holidays. Ensure you shop on reputable websites with secure payment methods. Look for the padlock icon in your browser’s address bar and use strong, unique passwords for each site.
3. Safeguard Your Personal Information: Be mindful of the personal information you share online. With increased online interactions during the holidays, ensure that you are not oversharing sensitive data on social media or other platforms.
4. Update and Secure Your Devices: Cybersecurity is only as strong as its weakest link. Make sure all your devices, including computers, smartphones, and IoT devices, have the latest security updates and patches installed.
5. Use Strong, Unique Passwords: Passwords are your first line of defense. Utilize strong, unique passwords for every online account, and consider using a password manager to keep track of them securely.
6. Educate Your Family and Friends: Share your knowledge about cybersecurity with your loved ones. Ensure they are aware of the risks and practice safe online habits.
7. Monitor Your Financial Transactions: Regularly review your financial statements and report any suspicious activity immediately to your bank or credit card company.
As the Executive Director of WVNET, I am proud of the work we do to enhance the cybersecurity posture of educational institutions and organizations throughout West Virginia. Our commitment to cybersecurity doesn’t wane with the end of Cybersecurity Awareness Month; rather, it grows stronger, more vigilant, and more proactive.
In this digital age, maintaining our cybersecurity is not a choice; it is a responsibility. We must remain vigilant year-round, not just for the security of our institutions but for the protection of our individual privacy and safety. Cybersecurity is not a destination; it’s a journey, one that requires continuous learning and adaptation.
By staying alert, informed, and cautious, we can celebrate the holidays with peace of mind, knowing that we are safeguarding our digital frontier.
Welcome New Employees!
Welcome Andrew Davis!
Andrew Davis is a recent graduate of West Virginia Junior College, with an Associate’s degree in Information Technology. He joined WVNET in September as a Network Operator at WVNET and has demonstrated a sincere dedication in learning his new role. His passion for technology serves as both a career drive and a personal interest, with a mission to forge a successful IT career while providing for his family. Outside of work, Andrew finds joy in gaming, avidly following TV and movies, immersing himself in music, and passionately following ‘One Piece.’
Your satisfaction is very important to us. WVNET has implemented a customer satisfaction survey link in our OZ ticketing system. When a help ticket is closed, the reporter will receive an email update with a link to allow customers to fill out the survey, and, if desired, request a call from a manager. To access the form in the OZ email, click on the link.
If you’re not using OZ and you wish to take the survey, please feel free to complete the survey at https://wvnet.edu/satisfaction-survey/. We look forward to hearing from you. Have questions? Contact Harmony Garletts at hgarletts@staff.wvnet.edu.
Artificial intelligence (AI) refers to computer systems that can perform tasks that typically require human intelligence, such as visual perception, speech recognition, and decision-making. AI systems are powered by algorithms that learn from data to improve at specific tasks over time without explicit programming.
AI is transforming industries from healthcare to transportation. However, the term is sometimes misused or exaggerated in popular culture, leading to misunderstandings about what today’s AI can and cannot do. So what are some key things to keep in mind when thinking about AI?
What AIis:
Algorithms that learn. AI systems use statistical techniques to “learn” from large amounts of data, allowing them to improve at tasks without traditional programming.
Pattern recognition. AI can perceive and understand inputs like images, audio, and text to complete tasks like image classification, speech-to-text, and language translation.
Predictive capabilities. AI can analyze current data to make predictions about potential future outcomes. This is used for things like predicting equipment failures or forecasting disease spread.
What AI isnot:
Sentient or conscious. Despite depictions in science fiction, real-world AI systems do not currently have human-like consciousness, emotions, or intent.
Infallible. AI systems can and do make mistakes if their training data or algorithms have biases or gaps. AI consistently requires monitoring and auditing for errors.
Magic. While impressive, AI capabilities have limitations and do not manifest intelligences from nowhere. AI is the product of human ingenuity, labor, and oversight.
Understanding what AI truly is – and is not – will be important as these technologies continue advancing and impacting our lives. By dispelling the myths around AI, we can have productive discussions about developing and regulating AI thoughtfully.
Welcome to the Future: There’s an AI for That!
In this age of rapid technological advancement, Artificial Intelligence (AI) has permeated every aspect of our lives, transforming the way we work, learn, and interact. We would like to introduce you to an innovative platform that stands at the forefront of this revolution: “There’s an AI for That“!
“There’s an AI for That” is a one-stop solution, bringing together a diverse range of AI applications designed to cater to various needs and interests. No matter what you are looking for, this platform has something for everyone. This tool has some intriguing opportunities for use in the education field, including resources for both students and faculty to enhance their learning journeys. Some examples of interesting resources found here are Excel formulas, explanations, and macro builders.
Ready to embark on your AI journey? Visit “There’s an AI for That” today to explore the limitless possibilities of AI and discover how it can transform your world.
CLIENT SERVICES-BANNER
FAFSA Simplification
The FAFSA Simplification Act of 2020 made many changes to the way students apply, how the data is processed, and how schools handle the data received, beginning with the 2024-2025 FAFSA. The FUTURE Act (Fostering Undergraduate Talent by Unlocking Resources for Education) also enhanced the exchange of data between the IRS and the FAFSA Processing System (FPS) in order to streamline the application process for students. The following is a basic summary of information found in the 2024-25 Draft Student Aid Index (SAI) and Pell Grant Eligibility Guide available at fsapartners.ed.gov.
The application has changed in that students, spouses, and both parents (all now known as “contributors”) will have separate FSA ID’s with which to log in and complete their portion of the FAFSA – necessary due to FUTURE Act requirements to authorize use of IRS data. The FUTURE Act also takes away the ability of a school to initiate the application FAFSA Partner Portal (was FAAAccess) due to needing authorization to match IRS data. Some questions have been removed, such as those pertaining to selective service and drug conviction. Demographic questions have been added and algorithms have been altered to better guide the family through the application.
The FAFSA collects data from the applicant and uses it to calculate their eligibility for federal financial aid programs. The FAFSA eligibility determination that was called an Expected Family Contribution (EFC) will be the Student Aid Index (SAI) beginning in 2024-2025. The Student Aid Report (SAR) the student receives is now the FAFSA Submission Summary. So far, the ISIR (Institutional Student Information Record) that the school receives from the processor is still an ISIR.
Determination of Pell Grant eligibility no longer directly applies the FAFSA result (EFC/SAI) to a Pell Grant Award and Disbursement Schedule. The new formula uses family size and income, which is compared to percent of poverty level income in the dependent student’s parent’s state of legal residence or the independent student’s state of legal residence. If the student is not eligible for Pell using this test, but they have an SAI that is between the minimum and maximum Pell amounts, they may still be eligible for an amount of Pell based on the difference between their SAI amount and the maximum Pell award amount. For example, let’s assume the maximum Pell award for the aid year is $7000 and the student’s family income is greater than the maximum allowed for a Pell Grant based on a comparison to poverty level in their state. The student’s SAI of $500 would be subtracted from the maximum Pell award of $7000 and a Pell Grant would be awarded for $6500. A student attending less than full time will get a reduced amount based on enrollment as a percent of full time (92% of the full time award would be awarded for a student carrying 11 credit hours, for example).
All of these changes have delayed the availability of the 2024-2025 FAFSA to December 1, 2023 from the usual October 1. Another complication for schools is that Ellucian will not be able to provide the 2024-2025 ISIR dataload software until mid-December. Testing will need to wait until the software is available. In the meantime, schools will be required to submit Federal Work Study (FWS) earnings data via Common Origination and Disbursement (COD) system so that it’s available when the student completes the FAFSA – students no longer need to enter the FWS amount onto the FAFSA. Ellucian delivered a process that will populate a new table with FWS earnings data and two new processes to extract the data for submission to COD and to import the acknowledgement back into Banner.
This isn’t the first major overhaul of the financial aid delivery process and it will probably not be the last. Some years require extra training and others leave scars. Let’s hope this one just involves some tweaks, a little extra training, and a few procedural changes.
SYSTEMS UPDATE
Introduction:
Nearly all essential business operations in the modern age hinges on the dependability and security of systems that operate behind the scenes, often imperceptible to the daily users. These systems are akin to a “blackbox” for most individuals. At WVNET, we boast a team of proficient system administrators, adept at leveraging modern techniques to bolster security, automate processes, implement updates, and meticulously monitor a multitude of critical systems that are crucial for the seamless functioning of organizations in West Virginia.
Automation:
WVNET’s system administrators employ a suite of automation tools that are widely recognized as industry benchmarks for proficient administrative teams. Manual execution of tasks such as server deployment and configuration not only introduce the possibility of minor discrepancies resulting from human error but is also more time-consuming and lacks a comprehensive overview of the system configurations from an abstract standpoint. The adoption of Infrastructure as Code tools enables our team to effect swift changes across all automated systems and serves as a documented record of these configurations. Terraform is the preferred tool for automating the deployment of virtual machines on our cloud-based hosting service, which plays host to web servers and other critical mediators for processing and transmitting data across the state. Puppet, on the other hand, is our favored choice for configuring and managing systems. The combined use of these tools centralizes deployment and configuration management in key locations, facilitating effortless system updates and security patching.
Monitoring System Health / Recovery Methods:
At WVNET, we deploy an array of tools to fortify data security and maintain a vigilant watch over the health and status of our systems. Central to our toolkit is Nagios, a versatile and widely adopted monitoring system that shoulders the responsibility of overseeing the majority of our servers. Nagios not only provides invaluable insights when errors occur but also promptly alerts us to instances of dwindling system resources, generates comprehensive uptime reports, and issues a diverse spectrum of alerts. Its real-time capabilities grant us immediate visibility into the status of servers, applications, and network devices, empowering our team to proactively address issues by delivering timely alerts and notifications. Nagios is our steadfast solution, whether we’re detecting server outages or closely monitoring resource utilization. Together with our Network Operations Center (NOC) staff, it serves as the cornerstone in upholding the dependability and stability of our server infrastructure at WVNET.
In conjunction with our robust monitoring efforts, we prioritize data security through the implementation of multiple backup techniques. These encompass file-level backups, which safeguard individual files, and daily disk snapshots with replication off-site. This multi-tiered approach ensures that critical data is protected, and system recovery remains reliable, fortifying our commitment to data integrity and system stability.
Internal Security and Threat Detection:
In addition to managing and automating our systems, WVNET places a strong emphasis on internal security to safeguard against potential threats. We employ a multi-faceted approach that includes the utilization of security assessment tools such as Nessus and OpenVAS. These tools are instrumental in scanning our network and systems for vulnerabilities, ensuring that we identify and address potential weaknesses before they can be exploited by malicious actors.
Nessus is renowned for its comprehensive vulnerability assessment capabilities. It scans our network infrastructure, servers, and applications to pinpoint potential security issues, assess their severity, and provide actionable recommendations for remediation. By regularly conducting Nessus scans, we bolster our proactive stance against vulnerabilities and ensure that our systems remain resilient against emerging threats.
OpenVAS, an open-source vulnerability assessment tool, complements our security strategy. It conducts in-depth scans to identify weaknesses in our systems and applications, providing us with detailed reports and risk scores. These insights allow us to prioritize remediation efforts and continually enhance our security posture.
To further strengthen our security and effectively manage the vast amount of security data generated by our systems, we’ve implemented the Wazuh Security Information and Event Management (SIEM) system. Wazuh is instrumental in real-time threat detection, incident response, and security monitoring. It aggregates and analyzes security events, identifies potential threats, and notifies our team of any suspicious activity. By centralizing and automating the analysis of security data, Wazuh helps us respond promptly to security incidents, minimizing potential damage and ensuring the integrity of our systems and data.
Incorporating Nessus, OpenVAS, and Wazuh SIEM into our security framework underscores our commitment to maintaining a robust and proactive internal security infrastructure. By continuously assessing and monitoring our systems for vulnerabilities and threats, we strive to provide our clients with the highest level of protection for their critical data and business operations.
Conclusion:
Preserving the security and accessibility of information with a high level of confidence is paramount to the operational success of our clients’ businesses. Deprived of reliable access to our systems for their data, the cost could extend beyond mere financial implications, impacting their public image as well. Moreover, the assurance of data recovery through our backup systems in times of catastrophe instills confidence that not all is lost during dire situations.
TELECOM UPDATE
Welcome to the WVNET Telecom team Kyle Atkins!
Kyle joined the team after previously working in WVNET’S Network Operations Center (NOC). Kyle is originally from Madison, WV and now lives in Arthurdale, WV. He graduated from West Virginia Junior College with an Associate Degree in Network Administration and Security. Before West Virginia Network, Kyle worked for AT&T. He is married to Samantha, and they have three adopted daughters – Rhi, Nevaeh, and Alexis, one son – Buster, and seven pets – three dogs (Jade, Dexter, and Kane), two cats (Jackson and Oscar), and two pot belly pigs (Dale and Julia).
Useful Cybersecurity Resources
Cybersecurity & Infrastructure Security Agency (CISA) works with partners to defend against today’s threats and collaborate to build a more secure and resilient infrastructure for the future. CISA offers cybersecurity essentials for small and local government agencies.
Launched in 1989 as a cooperative for information security thought leadership, and now the world’s largest cybersecurity research and training organization, SANS (SysAdmin, Audit, Network, Security) specializes in helping reduce organizational risk. Check out these helpful resources from SANS on password managers and online security for kids:
This summer hackers are believed to have targeted a wide range of organizations, including federal and state agencies as well as corporate entities by using flaws in popular file-transfer tool MOVEit. These helpful links provide ways organizations can work to protect their identities after the breaches:
The West Virginia Statewide Technology Conference Committee would like to express our gratitude and appreciation to our sponsors, exhibitors, and attendees for making the event a resounding success.
With your help, we brought together technology enthusiasts, professionals, and educators from all corners of West Virginia to foster knowledge, collaboration, and the exploration of cutting-edge technological innovations.
Without your invaluable support and active participation, this event would not have been possible.
To our sponsors, we extend our sincerest thanks for your generous contributions. Your support helped us cover essential costs, enhance the conference experience, and provide attendees with valuable resources and networking opportunities. Your commitment to advancing technology in our state is commendable and has a lasting impact on our community.
To the exhibitors, thank you for showcasing your products, services, and solutions during the conference. Your presence added immense value to the event, and attendees benefited from hands-on experiences and insights into the latest developments in the tech industry. Your engagement and willingness to share knowledge have left a positive impression on all who attended.
To our attendees, we extend our thanks. Your active participation, thought-provoking discussions, and eagerness to learn contributed significantly to the conference’s overall success. We hope that the knowledge gained and connections made during the event will inspire continued growth and development in the field of technology.
From the Executive Director!
Steven White, WVNET Executive Director
I am delighted to announce my official appointment as the new Executive Director for WVNET, following an extensive search conducted by the Higher Education Policy Commission and the dedicated members of the search committee. I am deeply honored to have been selected for this role, and I am committed to continuing my support on various initiatives across West Virginia.
I am also pleased to share that Jason Chastain has accepted the position of Manager of Telecommunications at WVNET. Given Jason’s extensive history with WVNET, his leadership and expertise will undoubtedly play a pivotal role in guiding the telecommunications department to success.
These leadership changes followed a successful West Virginia Statewide Technology Conference (WVSTC), which was held on July 19-20th, and covered a wide range of pertinent topics. While the Artificial intelligence (AI)-related sessions garnered significant anticipation and attendance, numerous other sessions also provided valuable insights for supporting our institutions. I want to extend my gratitude to all the presenters and attendees who contributed to the conference’s success as well as the Conference Planning Committee who poured a lot of hard work and dedication into making this year’s WVSTC a wonderful educational and networking event for West Virginia.
Lastly, I want to emphasize the importance of maintaining a high level of security awareness. With the increasing frequency of cybersecurity attacks, it is crucial for us all to take proactive measures. Implementing multiple layers of security can greatly reduce the risk of such attacks, but it all starts with individual users. By adhering to best practices such as using unique passwords, being cautious of unsolicited emails, and embracing multi-factor authentication, we can collectively make a substantial difference in enhancing our security posture.
I look forward to working with all our customers more in the future and I hope everyone has a great remainder of the summer and a successful fall term.
Welcome New Employees!
Eduardo Del Toro joined the DBA Group as the new Oracle DBA Senior on July 5, 2023.
Eduardo is a Senior Oracle Database Administrator (DBA) with more than 15 years of experience working with many Fortune 500 companies in sectors like health care, manufacturing, education, county/state/federal government, agrochemical biotechnology, shipping/logistics, banking, telecommunications, utilities, Federal Reserve Bank, and the Department of Defense, to name a few. After graduating from the University of Puerto Rico Mayagüez campus with a Bachelor’s degree in business administration, Eduardo started as a COBOL programmer, and then became Oracle DBA supporting the AT&T Universal Card product. He finds pleasure and excels in work environments that are open and collaborative. He also demonstrates strong communication skills, including the ability to create documentation and job aids. This is particularly valuable, as many business challenges arise from inadequate communication and a lack of information and procedural sharing.
Promotions
Steven White – Executive Director
Jason Chastain – Manager of Telecommunications
Kyle Atkins – Telecommunications Network Specialist I
Your satisfaction is very important to us. WVNET has implemented a customer satisfaction survey link in our OZ ticketing system. When a help ticket is closed, the reporter will receive an email update with a link to allow customers to fill out the survey, and, if desired, request a call from a manager. To access the form in the OZ email, click on the link.
If you’re not using OZ and you wish to take the survey, please feel free to complete the survey at https://wvnet.edu/satisfaction-survey/. We look forward to hearing from you. Have questions? Contact Harmony Garletts at hgarletts@staff.wvnet.edu.
WVNET offers an excellent State of WV Employee benefits package of health insurance, dental, vision, hearing, Health Savings Accounts / Flexible Spending Accounts, retirement investing, life insurance plans, short-term/long-term disability insurance, as well as generous amounts of vacation, sick, state & federal holidays, and professional development opportunities. To view full job details, check our website: https://wvnet.edu/about/careers/ and submit your resume to careers@staff.wvnet.edu. EOE/AA/ADA Employer
DATA CENTER MANAGER to maintain the smooth operation of our data center infrastructure and physical facility. Responsibilities will include ensuring the data center’s optimal performance, leading technical staff, maintaining service availability, managing environmental controls, and overseeing facility maintenance and security. Salary range: $75,000 – $85,000.
NETWORK OPERATOR to provide basic (Tier I) assistance and consulting to WVNET customers, including K-12 schools, higher educational institutions, libraries, state and county government, and various not-for-profit organizations. Network Operators are categorized as essential personnel as defined by WVNET policy, and the incumbent is required to work during declared emergencies. This position provides customer support, system monitoring, and problem escalation to advanced (Tier II) support on a 24-hour non-standard work hours basis. The position is required to work a 12.5-hour rotating shift to accommodate 24/7 services.
Department Updates
SYSTEMS UPDATE
Jobsub Update
WVNET has recently implemented important updates to the Jobsub web interface. These updates have two main objectives: enhancing security measures and improving the user experience for both individuals and school administrators. The primary focus is to provide better control over accounts and ensure the safety of personal information.
In response to the escalating frequency of malicious cyber-attacks on various systems, strengthening the security measures of our applications has become imperative. The National Institute of Standards and Technology (NIST) is a widely respected authority that establishes guidelines for password security. According to NIST recommendations, password changes are advised at least once a year, preferably every 180 days. In alignment with these guidelines, Jobsub account passwords will now expire 180 days after their creation. However, users will now have the convenience of easily resetting their passwords using the new ‘Forgot Password’ feature, which grants them increased control over their accounts.
To provide an additional layer of security, Jobsub will now require users to verify their email addresses before gaining full account access. This verification process empowers users to independently utilize account recovery options. In the event of password reset needs, the Help Desk will remain available for assistance.
Furthermore, the updated web interface enables accounts to directly view a broader range of file types without the need for downloading. Previously, users were required to download specific file types to verify their contents. However, now you can instantly access the contents of SQL files and numerous other types without the need to download them.
Considering the new requirement for users to verify their email addresses, we are introducing mass email notifications for specific announcements sent to all registered email addresses. This initiative aims to minimize confusion following significant updates to Jobsub. These email notifications will inform users about upcoming major updates that might impact their login process in the future. Since these announcements are accessible only after logging into the interface, receiving email notifications about such updates is expected to provide valuable assistance.
TELECOMMUNICATIONS UPDATE
During the summer, the Telecommunications Group at WVNET has undertaken a few projects to ensure the reliability of the network used by its customers. One example of this is the deployment of a Cisco 8200 series router for the Wood County Courthouse. This device replaced the aging Cisco 3945 router, which had served as the core network router for the Courthouse since September 2012.
It’s worth noting that the initial deployment of Cisco 3945 routers to all 55 County Courthouses was made possible through a BTOP (Broadband Technology Opportunities Program) Grant back in 2012.
As these routers are gradually phased out and replaced by the individual Courthouses, WVNET verifies that all information is cleared before sending them to surplus.
Responding to the growing demand for increased bandwidth in the southern half of West Virginia, WVNET took additional measures to enhance both Internet and Internet2 capacities at OARnet in Columbus, Ohio. An upgrade saw these capacities escalate from 30 to 40 Gbps. Notably, OARnet stands as one of the two upstream ISPs with which WVNET collaborates, ensuring resilient and redundant Internet/I2 connectivity.
The team has also started initiating a reconfiguration of parts of our network in preparation for the migration of the high-speed transit ring to Cisco NCS 5500 series routers. This advancement in technology will allow WVNET to incorporate 100Gbps WAVES, supplanting the current 10Gbps connections. Noteworthy is the fact that the existing transit ring was initially installed in 2012, underlining the transformative strides being made.
Highlighting their commitment to knowledge dissemination, the WVNET Telecommunications Group took center stage at this year’s West Virginia Statewide Technology Conference. Their insightful presentation provided a comprehensive overview of the current state of our network architecture, along with insightful previews of impending upgrades. These include the high-speed transit ring migration, advancements in the VPN server, fortifications in firewall capabilities, and the pivotal upgrade of backbone routers.
DEVELOPMENT TEAM UPDATE
This issue, we’re diving into the world of web typography. We all know how essential it is to make our content readable and visually appealing for our online audiences. To help you enhance the legibility of your content, we’ve gathered some insightful tips from Oliver Schöndorfer’s article on font size, line height, and line length. Let’s explore the key takeaways!
Font Size, Line Height, and Line Length: The Perfect Trio
When it comes to web typography, three crucial factors are closely intertwined: font size, line height, and line length. Remember these core principles:
Font size and line height go hand in hand. They impact the overall readability of your content.
Adjust line height according to line length. Longer lines require more line height, while shorter lines can do with less.
Utilize a type scale to establish a typographic hierarchy, ensuring a visually pleasing layout.
Optimal results are achieved by creating fluid line heights that adapt to column widths.
For a consistent experience between desktop and mobile, a line-height value of 1.5 is recommended.
Crafting Effective Display Text
Display text, particularly headings, plays a pivotal role in catching your readers’ attention. Here’s how to make them stand out:
For <h1> tags, the default choice is 40px/2.5em.
On desktop, consider increasing font size to a maximum of 64px/4em.
On mobile, opt for 32px/2em or smaller to avoid excessive space consumption.
Experiment with smaller line heights, like 1.1, for larger headings.
Sometimes, a line height smaller than the type size can enhance readability.
Mastering Body Text
The body text is where your content truly comes to life. Follow these recommendations for optimal results:
Default choice: 16px/1em (browser’s default).
On desktop, increase font size up to 24px/1.5em at most.
On mobile, stick to the defaults or occasionally go 10% smaller (min 14–15px).
Aim for 50–75 characters per line (25–37.5rem) with a line height of 1.5–1.6 on desktop.
Mobile-friendly text usually features 40–50 characters per line (20–25rem) and a line height of 1.3–1.45.
Fine-tuning Functional Text
Even functional text, such as captions and navigation elements, requires careful attention:
Default choice: 12px/0.75em – 14px/0.875em.
Feel free to increase font size up to 16px/1em on desktop.
Be cautious not to make text too small on mobile, as it’s already compact.
Harmonizing Typeface Attributes
Typeface attributes – font size, line length, and line height – interact harmoniously to create readable and engaging content. Start by selecting suitable typefaces and establishing a type scale for different text elements.
Achieving Fluid Typography with CSS Clamp()
Modern web design enables fluid typography using CSS clamp(). This technique interpolates between minimum and maximum values for font size and line height, adapting to container width and line length. While there’s no magic number for perfect typography, the guidelines mentioned above, along with the tools available, will undoubtedly steer you in the right direction.
Remember, when in doubt, err on the side of larger font sizes. After all, readability is key to a successful online presence.
For further insights, we recommend reading Oliver Schöndorfer’s comprehensive article “What’s The Right Font Size For the Web?”. Happy reading and happy typography tweaking!
To discuss web development projects or if you are looking for support for your current website, send an email to wvnet-support@staff.wvnet.edu to schedule a meeting and review your project requirements.
WVNET FINANCE UPDATE
The FY 23 audit has a new GASB requirement: GASB 96 – “Subscription-Based Information Technology Arrangements” (“GASB 96”)
In May 2020, the Governmental Accounting Standards Board (GASB) issued GASB 96 – Subscription-Based Information Technology Arrangements with the objective of enhancing transparency through the recognition of SBITA-related assets and liabilities on the balance sheet. The requirements of GASB 96 were effective for reporting periods beginning after June 15, 2022 (for many governmental organizations with a June 30th fiscal year-end, the adoption date would have been July 1, 2022, for the year ending June 30, 2023). GASB 96 requires a “full retrospective” adoption in which the standard is applied to all the periods presented in accordance with the guidance with the impact of adoption reported as a restatement of the beginning net position (or fund balance or fund net position, as applicable) for the earliest period restated. Accordingly, West Virginia Network for Educational Telecomputing (“WVNET”) is adopting GASB 96 effective July 1, 2022, for the year ending June 30, 2023. As a result of the adoption of the new standard, WVNET is recording the impact as of the July 1, 2021, adoption date.
Please contact the Finance and Business Office staff with any questions you may have:
