Reminder to be vigilant when online

besafe

As some of you may be aware, the Los Angeles Unified School district was recently the victim of a cyber security attack which left several of their systems unusable for an extended period of time. Unfortunately, this is not an isolated incident in the education sector. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have been issuing warnings that several ransomware organizations are specifically targeting the educational sector due to the vast amount of personally identifiable information (PII) available in the EDU space and the fact that the EDU space typically is the ‘lowest hanging fruit’ in the cyber world. Indeed, in 2021, U.S. schools lost $3.56 billion to ransomware attacks, and saw two educational institutions “shut down for good,” said Aaron Sandeen, CEO at Cyber Security Works (CSW).

While the Technology department does our best to reduce our “attack surface” and mitigate against attacks, it is also imperative that staff remain vigilant. Cyber criminals will attempt to compromise staff credentials to get “a foot in the door”. The most common method of obtaining credentials is through phishing attacks. As a reminder, phishing is when a malicious actor attempts to trick you, the user, to divulge personal information, such as passwords or financial information. Unfortunately phishing campaigns are becoming more and more convincing as time goes on. Malicious actors are becoming quite efficient at perfectly replicating emails to look like they are coming from legitimate sources such as Amazon, Netflix, Apple, etc.

Pictured below are some tips to identify phishing emails. Feel free to save or even print and hang it in your room/office as a daily reminder for you and our students on how to stay vigilant against someone out to take advantage of you:

Flags

Another method malicious actors use is pop-up messages while you are browsing the web. They will typically tell you that your computer is compromised and that you NEED to contact them for remediation. Please remember that NOBODY – not P-CCS Technology, Microsoft, Apple, etc. will ever display a pop-up on your computer asking for you to contact them. These are ALWAYS a scam. Here is an example of such a scam:

scam

If you believe you have been the victim of a phishing attack, please submit a service ticket as soon as possible. We will not pass judgment as everybody makes mistakes. Our priority is to safeguard student/staff data and secure district resources such as the impacted technology equipment. Without knowledge, we cannot take the necessary steps to protect student and staff data from being exfiltrated and sold on the dark web. 

As stated previously, we are continuously monitoring for malicious behavior and working towards improving our cyber security posture. If you have any questions or concerns, please submit a service ticket. And remember: Think before you click.

Below are some additional resources to help protect yourself from cyber criminals:

PayPal – Learn About Fake Messages

CISA – 4 steps for online safety

Ready.gov – Prepare yourself for cybersecurity attacks

Thank you for doing your part,

P-CCS Technology Department

 

New Features with Clever!

Clever is a customizable portal for teachers and districts to curate a list of links for easy access for students. When you customize a Teacher Page for your classes, your students will be able to find all of the resources they need in one place! Log in at https://clever.com/in/pccs

NEW FEATURES

This year, to help you stay organized with your shared resources, when you log in to Clever, you will see 3 new tabs: My Teacher Pages, District Page, and Shared with Me. All district-added resources will appear on the District Page. Any favorited resources or resources that you add will appear on My Teacher Pages. And any teacher pages shared with you will sppear on the Shared with me Page.

 

And, just in case you need a quick reminder, here’s a guide to help you create a Teacher Page. Additional resources can be found at tech.pccsk12.com/clever or from Clever Academy.

Also, want to hear about how other teachers are using Teacher Pages? Hear from Rosemary and Shawna.

​Google Doc edit notifications

Google doc notifications
In Google Docs, starting later this month, you will be able to choose to receive email notifications for document changes (comments and/or edits) on a per file basis. Edit notification emails will detail what changes were made, when the changes were made, and who made them. (Google Sheets already has this notification feature.)
You will be able to configure these notifications in multiple places:
  • Gmail
  • In Docs via the Notification settings drop down (bell icon) or Tools > Notification settings.

 

Why you’d use it
Staying on top of relevant changes and comments across multiple documents can be difficult. By giving you the option to specify which comments and changes to be notified about, you can more easily stay on top of what needs your attention most and keep track of collaboration. You will be able to configure these settings from Gmail using the new “Notification settings” drop down:
Google doc notification
They will also be accessible within Docs in the “Notification settings” drop down (bell icon). This will open a dialogue box with the notification settings options, which you can adjust as needed. Please note that edit notifications will be off by default and can be enabled on a per-document basis. When enabled, you will be notified when anyone adds or removes content from the document.
notification
You can also access these settings in Tools > Notification settings.
Edit notifications will be OFF by default and can be enabled on a per document basis. Visit the Help Center to learn more about turning edit notifications on or off for your account.

Action Required: Enroll in Google Two-Factor Authentication

image showing 2-factor warning

New Requirement – Two-Factor Authentication – Coming to All Staff P-CCS Google Accounts.

 

Starting August 15, 2022, each time staff initially log into their district Google, they will see the prompt above to enroll in 2-factor authentication until they do so.
It’s simple!
Just follow the prompts to either use the Google (Gmail) app you might already have installed on your cell phone, or enter a phone number to get a text or phone call with your code.
Follow THIS TUTORIAL for guidance
(Interested in written step-by-step directions: click here). 

 

Please note, if you do not enroll in two factor authentication by September 30, 2022, you will be locked out of your account starting October 1, 2022.

 

“I didn’t see the prompt, but I don’t want to get locked out.”
“I clicked ‘Do this later‘, now what?”
Easy! Just follow the steps in THIS TUTORIAL to turn on your
Two-Factor authentication now! 
(Interested in written step-by-step directions? Click HERE.)

 

THE WHAT

P-CCS staff already use Two-Factor Authentication when logging into MISTAR and Wayne Resa’s eEmployee portal SMART (where P-CCS staff access payroll information). Two factor authentication is an added layer of security to an online account. It can prevent 98% of hackers from accessing your account information. Two factor authentication is a system which after you login with your username and password you receive a code to verify it really is you trying to enter your account. Upon entering that code, you will then be able to access your account.  And by October 1, 2022, all Faculty/Staff P-CCS Google accounts will be required to use two-factor authentication.  

 

THE WHY

2-factor authentication drastically reduces the chances of having the personal information in your Google account stolen by someone else. If interested, this video shows more information about how Two-Factor Authentication keeps your account more secure. And though an extra step to log in may feel frustrating, it’s less frustrating than dealing with the repercussions of a compromised account. Additionally, school districts purchase cyber insurance which requires a regular review of security-related best practices/continuous improvement, and requiring an additional authentication method for account access is the next big push for districts to be compliant with cybersecurity risks/best practice.

 

THE WHEN

Beginning Monday August 15 All PCCS staff will be prompted to turn on 2-factor authentication. When you log in, the image above will prompt you to enroll. Staff must turn on two-factor authentication by September 30, 2022.

It is important to note the following 

  • If you do not enroll in two-factor authentication prior to October 1, 2022, you will be locked out of your account, on or after that date.
  • You will not have to log in to Google with 2-factor authentication every day when using the same device if you opt to “remember” the device.. 
  • Once you authenticate and complete the 2-step verification process and make sure to “remember this device” (their verbiage is Don’t ask again on this computer), Google will not require 2-step verification every time you log in. From that point on, Google will not prompt you to perform 2-Step verification on that device unless you clear your browser’s cache, change your password, it’s been around 30 days since your last verification and/or if Google suspects that your account has been breached.
  • This two factor authentication will not be required for students and will not change how students log in to their P-CCS accounts.
  • If you prefer to not use a phone, or when it might not be available, consider retrieving backup codes for access. See this support article 
  •  for details.

This prior blog post also offers some news of this upcoming requirement.

Questions? Need help? Submit a help desk ticket!

Canvas Updates You May Have Missed

Canvas update summary

Canvas is always striving to make improvements for users. Just this week they are offering teachers the option to “Message OBSERVERS of Students Who…” Canvas has always had the option to message students who had missing work or scored more/less than, but now teachers will be able to have greater control of the students and observers that get the message.

workflow for messaging observers

Wondering what other cool updates you may have missed from Canvas in 2022? Here’s a quick look:

Next Fall, 2-Step verification expected for Google account access

2-Step

By early next fall our district will begin to require staff users to use 2-Step verification in order to access their district Google accounts. A bit of background on what that is and an invitation to enable it prior to enforcement is the gist of this blog post.

[Note, the “2-Step verification” process may be known by other names like, “two-factor authentication” (2FA), or “multi-factor authentication (MFA)”.]

What is 2-Step verification?

2-Step verification adds a second layer of protection during the login process. Currently, your Google login is tied to “something you know” (your password). 2-Step verification adds a second layer of “something you have”, i.e., a mobile device, a phone number where you can be reached, a physical security key.

Why will we be implementing 2-Step verification?

Times are changing and hackers are finding new and creative ways to acquire user passwords: cyber hackers are buying lists of usernames and passwords on the dark web, they are using social engineering and email phishing tactics to steal passwords, they are also using something called “dictionary attacks” as a brute force method to guess weak passwords. Adding a second form of verification dramatically decreases the likelihood of your password, and consequently your account, being compromised. Additionally, school districts purchase cyber insurance which requires a regular review of security-related best practices/continuous improvement, and requiring an additional authentication method for account access is the next big push for districts to be compliant with cybersecurity risks/best practice.

How often will I need to use 2-Step verification?

Once you authenticate and complete the 2-step verification process and make sure to “remember this device” (their verbiage is Don’t ask again on this computer), Google will not require 2-step verification every time you log in. From that point on, Google will not prompt you to perform 2-Step verification on that device unless you clear your browser’s cache, change your password, it’s been around 30 days since your last verification and/or if Google suspects that your account has been breached.

How do I enable 2-Step verification?

For guidance on how to enable 2-Step verification for your district account, visit http://links.pccsk12.com/2stepdirections

See also https://support.google.com/accounts/answer/185839 AND https://safety.google/authentication/

————–

To make more secure other accounts you have (banking, Apple, Amazon, any other online retailers, especially ones with your credit card info, personal email, etc.), consider also enabling 2-Step verification if it isn’t already in place. Basically any account that would be a real bummer to have someone else you don’t sanction gain access to.

————–

Expect more details in future blog posts around this topic.

Wayne RESA’s Summer Learning Blitz

[vc_row][vc_column][vc_column_text css=”.vc_custom_1654132386571{margin-bottom: 0px !important;}”]Wayne RESA is again offering one hour online sessions Mondays through Fridays from 3 -4 pm throughout August. They are FREE and cover a variety of worthwhile topics. Check out the calendar below and register for whatever you’d like. They will record them and email a link to the recording to those that register, whether they attend ‘live’ or not.

WayneRESASummerLearning
``

 

[/vc_column_text][/vc_column][/vc_row]

REMC June free PD opportunities

REMC June PD

June REMC Courses are a great way to kick-off your summer learning 

June courses are a great way to build new skills and get a jump on your summer learning. Interested in a new technology tool? Need to earn SCECHs? Look no further than a June REMC Course!

Registration deadline is Friday, June 3rd, each course begins on Monday, June 6th. Through the support of REMC SAVE’s vendor partners, all courses are FREE and there are no SCECH fees. Don’t miss out on the opportunity to learn, connect, collaborate and grow from the convenience of your home.

Check out June 2022 courses here:

Sharing Digital Resources with Colleagues

If you are retiring from teaching, changing roles, or changing grades, you might be wondering how you can best share some of your teaching materials with colleagues from your department or team.  This post will offer some suggestions. If you are retiring or leaving the district, a separate email will be sent to you regarding how you can use Google’s services to make copies of some of your materials for your personal Google account and return district technology at the end of the school year. Please be on the look out for that email if it applies to you.

Share Google Content with Colleagues

You will want to make sure that a colleague you want to share files with is made the owner of a document or folder. You can change this if you are the current owner.

image showing where to update the owner
This option is best if you are leaving the district. Change this setting after you have used Google Transfer or Download.

If you are not leaving the district and want your files shared, but not altered, you might download a folder and then re-upload it to your Drive naming it “3rd Grade Originals.” This will allow you to maintain a copy of your versions of the documents.

Please be mindful about checking folders before you share them to ensure confidential, student information is not shared.

Share Canvas Course Content

You are able to export your Canvas course as an IMSCC ZIP file that can be uploaded into many Learning Management Systems (if you are leaving the district) or shared via a thumb drive.

image showing course copy optionIf you want to share your course with another teacher, you can make a copy of your course (found in Settings). When you make the copy you can select the specific content you are willing to share, give it a name (i.e. Bullock Shared US History) and then add your colleague(s) as a teacher in the course.  Finally, to make your course more widely available to others at P-CCS you can export your course to Canvas Commons, when you export you can choose to make it viewable to the public or only to P-CCS teachers. 

Share Video Content

While it is best practice for instructional videos to be made by the existing teacher, it might be helpful for others to reference your video lessons. If you would like to share your video lessons, we recommend this workflow:

Please submit a tech ticket if you have additional questions about sharing content.

Easy Digital Business Cards with HiHello

free digital cards

image of digital business card from hihello

We are excited to share the tool, HiHello. Spend about 5 minutes getting signed up and entering in your information and you get a professional looking email signature and Zoom background. The Zoom backgrounds (pictured below) are especially helpful because they can display your name, position, and pronouns which is helpful if you are in a lot of meetings with families and community members. You can also upload the P-CCS logo or your school logo. Get the mobile app and have access to a digital business cards that can easily be shared. Check it out!

image with hihello zoom background