Good afternoon, everyone.

Today I want to tell you about a recurring threat that I am sure everyone has seen at one time or another. I would like to remind you about the UT Systemwide transition for purchasing and renewing software. I also want to remind you about completing the UT Compliance Training, if you haven’t already done so. And finally, in this last week of Cybersecurity Awareness Month, I have two easy tips to help keep your computer more secure.

Current Threat

• Undeliverable Message Email
  • I have been asked by several users lately why they are getting an undeliverable message notification when they know they did not send the email in question.
  • The sender varies, but it is not from UT.
  • The subject is usually Undeliverable Message or something similar.
  • Scammers are spoofing legitimate email addresses and will send the fake delivery failure notice to try to get the recipients to either reply or to click malicious links.
  • The real email account has typically not been compromised in these instances, but the real email address may have been used to send mass spam emails.
  • If you get one of these undeliverable message emails, please don’t reply or click, just use the red Report button to report as phishing.
  • In addition, while your account was likely not compromised, I highly recommend changing your password to be safe.
  • You can refer to Reporting Phishing Attempts & Other Email Scams to ensure you are reporting properly.

Important Reminders

• UT Systemwide Transition to New Data & Technology Risk Review
  • Last Friday I sent an email telling you about UT System transitioning to a new systemwide process for technology and data-related risk reviews.
  • This will go into effect for UTIA, IPS, UTK, UTS and UTSA on Friday, 10/31/2025.
  • All requests that involve software purchases or renewals will use the TDX Data and Technology Risk Review Intake Form.
  • The intake form should be completed before submitting a requisition or contract.
  • The intake form replaces the current IT Questionnaire you have been using.
  • Once the form has been reviewed, you will receive an Authorization to Proceed, which must be attached to your requisition or contract. For RFP and RFQ requests, please continue to use the DASH Requisition Intake process.
  • Please note that the intake form is also required for UTIA software purchases and renewals using p-cards, as it helps with our software inventory, but more importantly it ensures that we are installing only approved software that has the necessary security controls in place to protect both our data and our network.
  • This change is expected to improve efficiency, consistency, and turnaround across all UT campuses and institutes.
    
• 2025-2026 UTK Compliance Training
  • Please remember to complete your 2025-2026 UTK Compliance Training.
  • This annual training is required for all UT employees.
  • The assignment includes the IT Security Awareness Training.
  • For UTIA employees, the IT Security Awareness Training course must be completed by 12/31/2025, or the user’s NetID will be temporarily disabled, causing the inability to connect to anything using the NetID for authentication, including email, DASH, Banner, Microsoft 365, K@TE, etc.
  • I highly recommend completing the training by 11/30, since things tend to get pretty busy prior to our holiday/administrative closing in December.
  • I have asked UTSA HR multiple times about the TSU employees who need the assignment and have been assured it would be assigned, although I don’t believe everyone has it yet.

Cybersecurity Awareness Month Tips for Keeping Your Computer Secure

• Reboot Your Computer
  • Please reboot your computer regularly.
  • Rebooting your computer helps improve its performance.
  • When you reboot, you stop unnecessary processes from running in the background, freeing up memory and improving system speed.
  • A reboot is also necessary to resolve glitches and conflicts that are often caused by a stalled or malfunctioning process.
  • And most of all, a reboot will help make your computer more secure.
  • Some updates and security patches require a reboot for them to be fully applied.
  • This helps resolve bugs and vulnerabilities and helps prevent new ones.
  • I do understand that you can’t always reboot the computer when it prompts you after patches and updates due to processes that are running and must be completed, but please remember to reboot as soon as those processes are finished.
  • And make sure you reboot your computer at a minimum of once a week but daily is even better.

• Lock Your Computer Screen
  • Please lock your computer screen anytime you walk away from it.
  • Even if you are just going to the restroom or the other side of the office, you need to lock that screen.
  • For Windows users you can press Ctrl + Alt + Delete, then select “Lock,” or you can press the Windows key + L for an instant lock.
  • For Mac users you can press Control + Command + Q.
  • Locking the screen protects sensitive data from unauthorized access.
  • As incentive for making sure you lock your screen instead of allowing it to “timeout” just remember that if anyone does anything bad on your computer, either accidentally or intentionally, while you are logged into it, you will be the person on record as being the user.

Thank you for all you do to protect the Institute and its data, students, employees, clients, and yourself. Please let me know anytime you have any questions or concerns.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!