I’ve been thinking over the past couple of days what I might write about for this edition of “A View from the Support Desk”. There never is a lack of content. One of the challenges of working IT Support (like any support unit) is that questions are always coming in. These can range from simple requests, like making changes to support a new hire to more complicated questions related to unexpected behavior of computers, programs or functions. This is just the nature of the beast – there is a continual churn that comes with the territory of running a large IT operation within an academic environment.
But within these normal requests, comes ones that can occasionally stand out. I’m going to talk about two, very briefly….
The work you don’t see
One of the things that I’ve learned to appreciate while working more closely with IT Support has been the invisible work that you don’t see. This kind of invisible work exists all throughout the libraries. Take a simple example, like finding a book. For the user, this is a success if they can go to the website, do a search, find the item, and check it out. Simple, right? It should be – but the reality is, this process only works if the invisible work that needs to happen behind the scenes occurs. Acquisitions needs to order and process the book, technical services needs to describe the book and load it into our systems, our catalog and discovery tools need to make locating the content reliable, and our circulation systems need to be connected to the patron’s university information to allow checkout. That’s a lot of dependencies, and the truth is, that’s just a snapshot of what really happens.
The same is true in IT Support. I take for granted that when I turn on my machine, it will startup, print, be updated, join the network. These are common tasks that require significant moving parts and dependencies to work together to create a seamless experience. But what happens when things don’t work right? Well, that happens more often than you might think, but you often don’t see it. We have been dealing with something like this right now. I’ll save the gory details for another time, but IT Support has been working closely with Dell to correct a bad driver update that made some of our server infrastructure unstable. And by unstable, I mean, you would have noticed….
However, largely, you haven’t. Gaymon has been working closely with Dell, and furiously babysitting servers to ensure that when things crash or stop working as Dell troubleshoots, that he can have it back up. That’s meant that he may be up at 2 am checking on the server or spending all night with Dell engineers helping them troubleshoot their driver issues. And for the most part, you wouldn’t see that, because in the mist of the chaos, he’s worked to keep user services protected.
In technology support, these kinds of things happen. Like the example of finding a book – we have a lot of dependencies; vendors we rely on to update software and manage services. When one of these dependencies have issues, we work harder to make sure that the gap doesn’t affect users.
Recognizing Phishing
The second story happened just last night, and isn’t necessarily an IT Support issue, but one that should remind us that we all need to remain vigilant to phishing scams. Two weeks ago, OCIO made departments aware of a phishing campaign targeting the University. In fact, the University Libraries’ Cybersecurity Awareness Team blogged about it on Sept. 7th (https://library.osu.edu/site/it/beware-of-phishing-campaign-targeted-at-the-university/) and digital signage has been circulating this information through the libraries. Who knew how timely this information would be…
Last night, many in the Library community received a phishing attempt in Damon’s name. This was not an account connected with Damon, but one that someone (or someones) had created to look like the message had been sent from him. Did you get this message? I did…and here’s how it started…
There are a couple of immediate tells that should make someone immediately question this particular message.
- Why would Damon be emailing me from a gmail account?
- Would there be any reason, why Damon would be asking if I was available at 7:48 PM?
- If he wanted to get a hold of me, could he do it a different way?
I get these kinds of messages (though, using Damon was a nice touch) all the time. We probably all do. And the reality is, most folks will look at this, and immediately know that this likely isn’t an authentic message. But, if you are like me, when you seen Damon’s name, you gave this a second look.
In light of the phishing messages from OCIO, this was a great reminder to remain vigilant and demonstrates how attackers try to leverage social programming (i.e., you see Damon’s name, so you want to respond) in order to get users to compromise information.
So what are you to do? In this case, I would have written back to Damon using his Ohio State email if I believed that he really needed to get a hold of me. By following this protocol, you do two things:
- If this was a legitimate message, the follow-up would be seen and responded to.
- If this was a phishing attempt, the sender would be notified that their name had been co-opted by a rogue account…once made aware, they could contact appropriate agencies.
I think this might have been what happened, because Damon let the organization know that an email from a fake account had circulated. So, by the time I saw the phishing email, I knew that I didn’t have to let him know. But again, it’s a good reminder to always use a critical eye when looking through email – especially the message received seems out of character for the sender.
Reminders….
Finally – after talking to a few folks over the past couple weeks, it came to my attention that some in the organization don’t realize that the Libraries Technology team (AD&S, Digital Initiatives, and IT Support) maintain a comprehensive IT Help documentation page. This information provides a wide range of documentation to help users troubleshoot problems. While a user should always feel empowered to submit tickets to Hub (https://go.osu.edu/hub) to request help on a problem, I wanted to make sure that my library colleagues were aware of this rich resource as well. We maintain the IT Help on the Wiki – which you can find at: https://library.osu.edu/portal/confluence/display/IH/IT+Help.
Best,
–tr
