Information Technology Spring 2024 IT Update for the Community

Greetings all,

I hope the Spring semester is off to a great start for everyone. I'm writing to provide some notable updates from IT:

Phone system replacement

As I shared in the fall, the College is moving to Zoom for its office phone system. At the time of this writing, several hundred College numbers have already transitioned to the service, so far relatively smoothly and with a positive reception. Once your College-issued number has been moved to Zoom, you can receive calls at that number on any device on which you install the Zoom software, including your computer/laptop, mobile device, and tablet. You'll also have much better control over when and on which devices your phone rings, from whom you accept calls, and more, all from within the Zoom software interface most are already familiar with. While we're a little behind schedule on this transition, we're on track to have most College numbers moved to Zoom this academic year. Please watch your email and the Daily Mammoth for information about when your number will be moved.

Cell phone issuance and cell phone stipend

As previously noted, these programs will come to an end once we have migrated all landline numbers to Zoom; we anticipate this change taking place this spring. Many have already moved their College-issued cell phone number onto their personal plan. If you want to get a head start on this, please use this form ( https://askit.amherst.edu/catalog_items/1938456-college-issued-cell-service-transfer-of-liability/service_requests/new.portal ) to get the process started.

LinkedIn Learning

We've received a lot of feedback about the loss of LinkedIn Learning. Any Massachusetts resident can sign up for a Boston Public Library card, which provides access to LinkedIn Learning. Many at the College are already taking advantage of this resource. You can find out how to apply for a card ( https://www.bpl.org/faq/getting-a-library-card/ )  or access the service if you already have one ( https://www.linkedin.com/learning-login/go/bostonpubliclibrary ).

Classroom podium computer retirement

This summer, in an effort to enhance flexibility and improve reliability, IT will decommission podium computers in most classrooms, and the College will transition to a model where most teaching that uses computing will rely on using the devices issued to individuals instead of to spaces. Podium machines will have a splash screen this month which links to information about this transition, which you can find here: https://www.amherst.edu/mm/728804, including a list of spaces where the podium machines will remain in place. IT is offering consultations and training material to assist with this transition and will be issuing laptops to desktop computer users. It may be useful to know that an analysis of podium usage shows that about 80% of classroom AV tech usage is already via individuals’ devices and not via the classroom computers.

Access to artificial intelligence (AI) tools

We have launched a new AI at Amherst ( https://www.amherst.edu/offices/it/academic-technology-services/tlt/amherst-ai) online resource that many will find useful. We receive numerous inquiries about access to ChatGPT and other AI tools. We encourage everyone to read the  AI Task Force’s Fall 2023 guidelines report, ( https://drive.google.com/file/d/1635_vYXeU_yUW89c9EHCuBwW6hEmuHGR/view?usp=sharing ) which makes recommendations about next steps for our community, many of which the College is currently working through. In the meantime, if you are a staff member and are already paying for services or would license them if you could, please contact us so we can better measure the level of funding required to meet these needs. If you're a member of the faculty who would use GPT+ for your teaching or research, please contact us by emailing askit to determine if our current resources can help.

Workday

It seems hard to believe, but our initial five-year contract with Workday ends in May. While this project brought many improvements to our community, we're keenly aware of places where it's falling short, notably in the Student module. These issues are at the core of our contract negotiations with Workday that include a team of folks from the Provost, Registrar, and IT teams conveying our dissatisfaction and expectations. Please know that we hear your concerns and are trying to improve things as quickly as we can. We've also heard the calls for more communication about what projects are being worked on and on what timeline. More consistent communication and access to the project management dashboard are coming this spring.

Cybersecurity update

We remain in a period of heightened risk of cybersecurity incidents, and higher education remains the industry with the worst track record. We are working diligently to mitigate these risks. Sometimes this means changing processes at the College, which we know can be inconvenient. We are presently mitigating 3-5 significant attacks a week, and sometimes that many in a day. 

Our most recent successful attack may help relate the gravity of the circumstances, the importance of being extremely wary of unsolicited email and shared documents, and the reason that sometimes how we do things connected to our accounts and services becomes harder. A phishing attack in January led to the compromise of a number of accounts. Some of the individuals who were victims of the incident now need identity theft protection services, some have had to reset all of their banking and credit passwords, and all had to experience a period of anxiety as we resolved the matter. The incident cost the College tens of thousands of dollars and dozens of hours of staff time to resolve. The timeline of the most recent incident is also instructive: within 15 minutes of the individuals having fallen victim to the attack, the attacker was inside College systems, reviewing and, in some cases, changing job histories and resumes, as well as reporting relationships, bank routing information, paystubs, and more. These are sophisticated attackers who are interested in compromising each of us for their financial gain. 

I wish we could seamlessly protect all of us from these risks, but IT cannot do it alone, and we need your help. Please:

• Be extremely cautious and skeptical of unusual, unexpected emails.
• Don't click on links in emails you receive unless you are absolutely positive it is legitimate correspondence.
• Never log into anything unless you are certain it's safe to do so.
• Be wary of shared Google or Office 365 documents or forms unless you have verified the author and purpose of the document.
• And always feel free to ask first. Forward anything you suspect to phishing@amherst.edu. Doing so helps us protect dozens and sometimes hundreds of people each week. We're grateful for all the help we get and encourage everyone to send items to us if you have any doubts. And please don’t blame the victims of these attacks — we certainly don’t. The risk environment is fraught and becoming worse as attackers increasingly utilize AI tools to elevate the sophistication of their attacks.

As always, if you have questions, send them along to me or, as appropriate, askit@amherst.edu, and watch the Daily Mammoth as we communicate regularly about all of the topics in this update and more.

David Hamilton
Chief Information Officer
Amherst College