Category: Staff

Remain vigilant against online scams and phishing attempts

Just a little reminder, ’tis the season for on-line shopping…which also means ’tis the season for on-line scams.

Remember – Stay Vigilant:

1. If it looks too good to be true…it probably is.

2. Never type in your email address and password (or any other information) unless you are 100% sure it’s ok. If in doubt, stop, and ask questions.

3. Be careful downloading applications that promise awesome savings/gift cards or other such silly stuff…..(see #1).

4. Amazon doesn’t give away $500 gift cards just because they like you, or for filling out a survey (same with Walmart… see #1 ).

5. If there is ANY doubt in your head……submit a tech service ticket. We’d much rather spend 30 seconds answering your ticket than reimaging your laptop and seeing you upset and/or taken advantage of.

6. Don’t click on FedEx / UPS / USPS links in emails that come out of the blue ….. and if you do follow a link…remember # 2
(FedEx / UPS don’t need your Credit Card number or your Social Security number to verify your identity and shipping address.
Some of the emails the scammers send are *pretty* convincing, and they make them seem urgent, so pay attention and be EXTRA aware when dealing with any email about packages).

7. READ and LOOK at emails before you do anything…is the grammar just a little “off” ? Is the graphic kind of cheesy looking ? Who is the email from (does the address match who the person says they are)?

8. Some of the scammers have started setting up web sites that look very real / legit…but they are selling items at 1/4 the going rate…… do some shopping…is anyone else in the world selling the item that cheap ?….(see #1 )

9. Microsoft (or other computer companies) will NOT call you if your computer is having issues. They also do not have random Internet pages pop up telling you that your computer needs work.

10. If you have even the slightest doubt…. you can always just copy the text of the email into a google search. If it’s a scam, you’ll usually get lots of hits.

Happy holidays. Let’s be careful out there.

PCCSK12-Staff wireless network change to occur December 5th

In the advent of increased cybersecurity threats to educational institutions and at the insistence of our firewall support team, the P-CCS Technology Department will be adjusting access permissions for devices connected to the PCCSK12-Staff wireless network. This network was established so that staff could connect their personally-owned devices to our district network. P-CCS does not own or manage these devices, therefore, we have limited ability to monitor or protect them from digital and online threats. By restricting the access of personally-owned devices to internal network resources, we can significantly reduce the chances of potential equipment and data compromise.

Starting December 5, 2022, devices connected to the PCCSK12-Staff network will only be able to access the internet; access to internal network resources, such as network drives and printers, will no longer be permitted. Network drives and printers will only be accessible to district-owned devices on the PCCSK12-Devices or PCCSK12-Secure networks. We recognize that this may be an inconvenience for some, but it is a necessary step to help secure our district network equipment and data.

If you are impacted by this change and need assistance with accessing internal network resources, such as network drives and printers, from your district-owned device, please submit a service ticket.

Zoom Breakout Room features and the mmhmm app

Here are a few Zoom BREAKOUT ROOM reminders, a recent feature add AND an app that works within Zoom to possibly make it more engaging….

As the host of a meeting, you can still communicate and share information with participants from the main session even after you have assigned and moved participants to breakout rooms. This includes sharing your screen, sending a message, or broadcasting your mic audio to all open rooms. See this help guide to learn how to broadcast your microphone audio to all breakout rooms in a meeting. This setting is controlled separately from the broadcast message option.

The adjustment is now meeting hosts can view activity statuses of participants in breakout rooms (e.g. share screen, reactions).

If you’re a regular Zoom user, especially if working with students, and looking to enhance how you are seen in it, consider signing up for a free-to-educators premium mmhmm account (premium for 12 months, then reverts to basic version). The mmhmm app works with Zoom and lets you choose from a variety of virtual backgrounds or add your presentation slides as your background. There are also a variety of special effects that let you grow, shrink or turn yourself invisible.

from https://www.mmhmm.app/blog/mmhmm-premium-is-free-for-students-and-educators-for :

How to register as an educator (or high school student)

1. If you’re new to mmhmm, download the app and create an account. (it’s now available on Macs and Windows – and there’s even a web version.)

2. Once you have an account, or if you’ve already signed up, go to account.mmhmm.app/education and log in to your account with your e-mail and password.

3. To verify your eligibility, add your school e-mail address and tell us what you do.

4. Verify your e-mail by following the link we send.

5. Approvals can take up to five business days to complete. Once approved, your account will reflect the additional 12 months of Premium.

A couple of videos on how you might use the app.

Reminder to be vigilant when online

As some of you may be aware, the Los Angeles Unified School district was recently the victim of a cyber security attack which left several of their systems unusable for an extended period of time. Unfortunately, this is not an isolated incident in the education sector. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have been issuing warnings that several ransomware organizations are specifically targeting the educational sector due to the vast amount of personally identifiable information (PII) available in the EDU space and the fact that the EDU space typically is the ‘lowest hanging fruit’ in the cyber world. Indeed, in 2021, U.S. schools lost $3.56 billion to ransomware attacks, and saw two educational institutions “shut down for good,” said Aaron Sandeen, CEO at Cyber Security Works (CSW).

While the Technology department does our best to reduce our “attack surface” and mitigate against attacks, it is also imperative that staff remain vigilant. Cyber criminals will attempt to compromise staff credentials to get “a foot in the door”. The most common method of obtaining credentials is through phishing attacks. As a reminder, phishing is when a malicious actor attempts to trick you, the user, to divulge personal information, such as passwords or financial information. Unfortunately phishing campaigns are becoming more and more convincing as time goes on. Malicious actors are becoming quite efficient at perfectly replicating emails to look like they are coming from legitimate sources such as Amazon, Netflix, Apple, etc.

Pictured below are some tips to identify phishing emails. Feel free to save or even print and hang it in your room/office as a daily reminder for you and our students on how to stay vigilant against someone out to take advantage of you:

Another method malicious actors use is pop-up messages while you are browsing the web. They will typically tell you that your computer is compromised and that you NEED to contact them for remediation. Please remember that NOBODY – not P-CCS Technology, Microsoft, Apple, etc. will ever display a pop-up on your computer asking for you to contact them. These are ALWAYS a scam. Here is an example of such a scam:

If you believe you have been the victim of a phishing attack, please submit a service ticket as soon as possible. We will not pass judgment as everybody makes mistakes. Our priority is to safeguard student/staff data and secure district resources such as the impacted technology equipment. Without knowledge, we cannot take the necessary steps to protect student and staff data from being exfiltrated and sold on the dark web.

As stated previously, we are continuously monitoring for malicious behavior and working towards improving our cyber security posture. If you have any questions or concerns, please submit a service ticket. And remember: Think before you click.

Below are some additional resources to help protect yourself from cyber criminals:

PayPal – Learn About Fake Messages

CISA – 4 steps for online safety

Ready.gov – Prepare yourself for cybersecurity attacks

Thank you for doing your part,

P-CCS Technology Department

New Features with Clever!

Clever is a customizable portal for teachers and districts to curate a list of links for easy access for students. When you customize a Teacher Page for your classes, your students will be able to find all of the resources they need in one place! Log in at https://clever.com/in/pccs

NEW FEATURES

You can share your Teacher Page with other teachers at your school.
You can also hide categories on your Teacher Page from students until you are ready for them to see the resources in that category.

This year, to help you stay organized with your shared resources, when you log in to Clever, you will see 3 new tabs: My Teacher Pages, District Page, and Shared with Me. All district-added resources will appear on the District Page. Any favorited resources or resources that you add will appear on My Teacher Pages. And any teacher pages shared with you will sppear on the Shared with me Page.

And, just in case you need a quick reminder, here’s a guide to help you create a Teacher Page. Additional resources can be found at tech.pccsk12.com/clever or from Clever Academy.

Also, want to hear about how other teachers are using Teacher Pages? Hear from Rosemary and Shawna.

Google Doc edit notifications

In Google Docs, starting later this month, you will be able to choose to receive email notifications for document changes (comments and/or edits) on a per file basis. Edit notification emails will detail what changes were made, when the changes were made, and who made them. (Google Sheets already has this notification feature.)

You will be able to configure these notifications in multiple places:

Gmail
In Docs via the Notification settings drop down (bell icon) or Tools > Notification settings.

Why you’d use it

Staying on top of relevant changes and comments across multiple documents can be difficult. By giving you the option to specify which comments and changes to be notified about, you can more easily stay on top of what needs your attention most and keep track of collaboration. You will be able to configure these settings from Gmail using the new “Notification settings” drop down:

They will also be accessible within Docs in the “Notification settings” drop down (bell icon). This will open a dialogue box with the notification settings options, which you can adjust as needed. Please note that edit notifications will be off by default and can be enabled on a per-document basis. When enabled, you will be notified when anyone adds or removes content from the document.

You can also access these settings in Tools > Notification settings.

Edit notifications will be OFF by default and can be enabled on a per document basis. Visit the Help Center to learn more about turning edit notifications on or off for your account.

Action Required: Enroll in Google Two-Factor Authentication

New Requirement – Two-Factor Authentication – Coming to All Staff P-CCS Google Accounts.

Starting August 15, 2022, each time staff initially log into their district Google, they will see the prompt above to enroll in 2-factor authentication until they do so.

It’s simple!

Just follow the prompts to either use the Google (Gmail) app you might already have installed on your cell phone, or enter a phone number to get a text or phone call with your code.

Follow THIS TUTORIAL for guidance

(Interested in written step-by-step directions: click here).

Please note, if you do not enroll in two factor authentication by September 30, 2022, you will be locked out of your account starting October 1, 2022.

“I didn’t see the prompt, but I don’t want to get locked out.”

**“I clicked ‘Do this later‘, now what?”**

Easy! Just follow the steps in THIS TUTORIAL to turn on your

Two-Factor authentication now!

(Interested in written step-by-step directions? Click HERE.)

THE WHAT

P-CCS staff already use Two-Factor Authentication when logging into MISTAR and Wayne Resa’s eEmployee portal SMART (where P-CCS staff access payroll information). Two factor authentication is an added layer of security to an online account. It can prevent 98% of hackers from accessing your account information. Two factor authentication is a system which after you login with your username and password you receive a code to verify it really is you trying to enter your account. Upon entering that code, you will then be able to access your account. And by October 1, 2022, all Faculty/Staff P-CCS Google accounts will be required to use two-factor authentication.

THE WHY

2-factor authentication drastically reduces the chances of having the personal information in your Google account stolen by someone else. If interested, this video shows more information about how Two-Factor Authentication keeps your account more secure. And though an extra step to log in may feel frustrating, it’s less frustrating than dealing with the repercussions of a compromised account. Additionally, school districts purchase cyber insurance which requires a regular review of security-related best practices/continuous improvement, and requiring an additional authentication method for account access is the next big push for districts to be compliant with cybersecurity risks/best practice.

THE WHEN

Beginning Monday August 15 All PCCS staff will be prompted to turn on 2-factor authentication. When you log in, the image above will prompt you to enroll. Staff must turn on two-factor authentication by September 30, 2022.

It is important to note the following

If you do not enroll in two-factor authentication prior to October 1, 2022, you will be locked out of your account, on or after that date.
You will not have to log in to Google with 2-factor authentication every day when using the same device if you opt to “remember” the device..
Once you authenticate and complete the 2-step verification process and make sure to “remember this device” (their verbiage is Don’t ask again on this computer), Google will not require 2-step verification every time you log in. From that point on, Google will not prompt you to perform 2-Step verification on that device unless you clear your browser’s cache, change your password, it’s been around 30 days since your last verification and/or if Google suspects that your account has been breached.
This two factor authentication will not be required for students and will not change how students log in to their P-CCS accounts.
If you prefer to not use a phone, or when it might not be available, consider retrieving backup codes for access. See this support article
for details.

This prior blog post also offers some news of this upcoming requirement.

Questions? Need help? Submit a help desk ticket!

Canvas Updates You May Have Missed

Canvas is always striving to make improvements for users. Just this week they are offering teachers the option to “Message OBSERVERS of Students Who…” Canvas has always had the option to message students who had missing work or scored more/less than, but now teachers will be able to have greater control of the students and observers that get the message.

Wondering what other cool updates you may have missed from Canvas in 2022? Here’s a quick look:

Gradebook/Speedgrader:
New Quizzes
Rich Content Editor
- Icon maker added to the Rich Content Editor making it much easier to add buttons and visuals in your Canvas content.

Next Fall, 2-Step verification expected for Google account access

By early next fall our district will begin to require staff users to use 2-Step verification in order to access their district Google accounts. A bit of background on what that is and an invitation to enable it prior to enforcement is the gist of this blog post.

[Note, the “2-Step verification” process may be known by other names like, “two-factor authentication” (2FA), or “multi-factor authentication (MFA)”.]

**What is 2-Step verification?**

2-Step verification adds a second layer of protection during the login process. Currently, your Google login is tied to “something you know” (your password). 2-Step verification adds a second layer of “something you have”, i.e., a mobile device, a phone number where you can be reached, a physical security key.

**Why will we be implementing 2-Step verification?**

Times are changing and hackers are finding new and creative ways to acquire user passwords: cyber hackers are buying lists of usernames and passwords on the dark web, they are using social engineering and email phishing tactics to steal passwords, they are also using something called “dictionary attacks” as a brute force method to guess weak passwords. Adding a second form of verification dramatically decreases the likelihood of your password, and consequently your account, being compromised. Additionally, school districts purchase cyber insurance which requires a regular review of security-related best practices/continuous improvement, and requiring an additional authentication method for account access is the next big push for districts to be compliant with cybersecurity risks/best practice.

**How often will I need to use 2-Step verification?**

Once you authenticate and complete the 2-step verification process and make sure to “remember this device” (their verbiage is Don’t ask again on this computer), Google will not require 2-step verification every time you log in. From that point on, Google will not prompt you to perform 2-Step verification on that device unless you clear your browser’s cache, change your password, it’s been around 30 days since your last verification and/or if Google suspects that your account has been breached.

**How do I enable 2-Step verification?**

For guidance on how to enable 2-Step verification for your district account, visit http://links.pccsk12.com/2stepdirections

————–

To make more secure other accounts you have (banking, Apple, Amazon, any other online retailers, especially ones with your credit card info, personal email, etc.), consider also enabling 2-Step verification if it isn’t already in place. Basically any account that would be a real bummer to have someone else you don’t sanction gain access to.

————–

Expect more details in future blog posts around this topic.

Wayne RESA’s Summer Learning Blitz

[vc_row][vc_column][vc_column_text css=”.vc_custom_1654132386571{margin-bottom: 0px !important;}”]Wayne RESA is again offering one hour online sessions Mondays through Fridays from 3 -4 pm throughout August. They are FREE and cover a variety of worthwhile topics. Check out the calendar below and register for whatever you’d like. They will record them and email a link to the recording to those that register, whether they attend ‘live’ or not.

WayneRESASummerLearning
``

[/vc_column_text][/vc_column][/vc_row]