Security

FDU’s Acceptable Use Policy prohibits running software that accepts incoming connections from other computers. Programs such as BitTorrent or other P2P file sharing hosting program all contain server components that allow others to connect to your computer and retrieve files off of your system. In addition to the legal implications of sharing copyrighted materials, file sharing software creates a security concern. Improper use of these programs could result in the compromise of your private files and may leave your system open to attacks from other computers.

To view FDU’s stance on this issue in its entirety, please view the document below.

Two-factor Authentication

Two-factor authentication also referred to as multi-factor authentication, provides an additional layer of security when logging in to a website. Two-factor authentication is becoming the standard in cybersecurity. Google, Apple, and other services all have their two-factor authentication methods. In short, passwords are no longer sufficient in protecting our sensitive data; we’ve got to add another layer of security to our accounts.

Common FAQ’s for Duo Authentication

• What are my authentication options?
  • DUO Push – if you have the DUO Mobile App installed on your smartphone or tablet, you can receive a push notification. From the app, you can approve or deny the login attempt.
  • Passcodes via DUO Mobile App – If you have the DUO Mobile app installed, you can receive a single passcode by tapping the FDU logo in the mobile app. This code must be used immediately.
  • Passcodes via SMS (Faculty/Staff Only) – users can receive a one-time use code via text message. To get you a one-time code, click Enter Passcode, then click on the blue button “Text me new codes.”  These codes do not expire, and they are valid until used.    You do not have to have a smartphone for this option.
  • Phone Call
  • (Faculty/Staff Only) – you can receive a phone call on your mobile phone or landline phone. The call will give instructions on approving or denying the login attempt.
• Is DUO Mandatory?

  DUO is required for all FDU Staff, Faculty, and Students.

• What are Passcodes?

  If you opt-out of the DUO Mobile Application push notifications, there are a variety of passcode options to utilize as your second verification method.

  • Passcodes via DUO Mobile App – If you have the DUO Mobile app installed, you can receive a single passcode by tapping the FDU logo in the mobile app. This code must be used immediately.

   

  • Passcodes via SMS (Faculty/Staff Only) – users can receive a one-time use code via text message. To get you one-time code click Enter Passcode, then click on the blue button “Text me new codes.”These codes do not expire, and they are valid until used. You do not have to have a smartphone for this option.

   

  • Temporary Passcodes – If you do not have your device with you, you can obtain temporary passcodes by calling the Fairleigh Dickinson University Technical Assistance Center (UTAC). Each of the passcodes can only be used once, and will expire in 7 days.
• What does “Remember This Device for 60 Days” mean?

  Selecting this option will allow you to bypass DUO authentication for the next 60 days. This only works if cookies are enabled, and you are logging in from the same computer and browser. You will still be prompted to verify once – with your username and password. You will not be able to access your settings on that particular browser during the 60 days. Please note that if you have tools or policies running that regularly delete or clean cookies, the remember me feature will not work. If you do need to access your settings (perhaps to add another device), just try another browser or visit the FDU Self-Service Portal. Remember me will not work if your browser is set to private browsing mode.

• How does “Remember This Device for 60 Days” work?

  The remember me feature relies on browser cookies. For remember me to work, your Internet browser must allow cookies to be stored. Visit your browser content settings to ensure cookies are being stored. Some departments on campus do not allow cookies to be stored. If the remember me feature does not work on your browser, check with desktop support in your area.

• Forgot your device?

  If you do not have your device with you, you can obtain a batch of temporary passcodes. To obtain a temporary passcode, call the Fairleigh Dickinson University Technical Assistance Center (UTAC).  Each of the passcodes can only be used once and will expire in 7 days.

  NOTE: If you have lost your device, please report it to the Fairleigh Dickinson University Technical Assistance Center (UTAC).  We want to ensure someone else does not maliciously authenticate your account with your device.

• Who can use DUO?

  DUO is available to all faculty,staff, and Students. At this time, DUO is not available to FDU retirees, past employees, or alumni.

• Can I use DUO without using Wi-Fi or Cellular data?

  Yes, the passcode option on the DUO app does not require WiFi or cellular connectivity, it even works on airplane mode. To use this option, visit the DUO app on your smartphone, and tap the key icon to obtain a passcode. Enter the passcode into the DUO prompt when logging into any website that requires DUO authentication.

• What Applications are Using DUO?

  DUO Authentication is required by any application the utilizes the university Single Sign-On (SSO) service.  Examples of some websites that require DUO authentication are listed below.

  • WebAdvisior
  • WebCampus
  • Office365 (Office365.fdu.edu)
  • Blackboard
  • Zoom
• I have stopped receiving push notifications on DUO Mobile.

  You may have trouble receiving push requests if there are network issues between your phone and Duo’s service. Many phones have difficulty determining whether to use the Wi-Fi or cellular data channel when checking for push requests and simply turning the phone to airplane mode and back to normal operating mode again often resolves these types of issues, if there is a reliable internet connection available. Similarly, the issue may be resolved by turning off the Wi-Fi connection on your device and using the cellular data connection.

  Check the time and date on your phone and make sure they are correct. If the date and time on your phone are manually set, try changing your device’s configuration to sync date and time automatically with the network.

  iOS users can run a troubleshooting tool from within Duo Mobile version 3.32.0 or later. To run the tool:

  1. Open the Duo Mobile app on your iOS device and tap the Edit button in the top left of the accounts list screen, then tap the name of the account for you aren’t receiving push requests.
  2. Next, tap the Get Started button in the “Missing Notifications?” section of the “Account Details” screen.
  3. Duo Mobile performs the test. If any step fails, you’ll receive further troubleshooting suggestions. After taking the suggested actions, press “Run test again” to retry.

  The steps that Push Troubleshooting performs automatically are as follows:

  • Check device settings.
  • Check internet connectivity.
  • Check that the device can contact Duo’s cloud service.
  • Attempts to send a test Duo Push notification.

  Should none of these actions help, see the Duo Knowledge Base for additional iOS and Android troubleshooting steps.

  If you can’t get Duo Push working on your own, you can log in with a passcode generated by the Duo Mobile app and send a new activation link to your phone.

  If you’ve tried the suggestions here but can’t get Duo Push working or reactivate your device yourself, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC).

• What if I get a notification that someone is trying to access my account, but I didn’t request it?

  Press the red “X“ to deny access to your account, then promptly change your FDU NetID password.

• Is the DUO smartphone app available for iOS (iPhone / iPad) and Android devices?

  Yes! Visit the app store on your smartphone to download DUO Mobile.

  DUO for iOS >

  DUO for Android >

  NOTE: Google Play Services are required to receive push notifications on Android. Users without Google Play Services installed will have to “fetch” by swiping down in the DUO Mobile app.

• What if I get a new smartphone or device?
  1. If your phone number has not changed, login to FDU Self-Service Portal then choose the “Call my Phone” option.
  2. Choose your device from the list, and then click “Device Options” next to your phone.
  3. Next click the “Reactivate Duo Mobile” button (you will need to install the Duo app on your phone to proceed). Then follow the instructions to activate DUO Mobile on your new device.

  If you have a new phone number, you will first need to obtain a temporary passcode (see the ‘What are Passcodes?’ section above).

  1. Login to FDU Self-Service Portal and enter the temporary passcode.
  2. Click on “Add a new device.”
  3. Once you complete adding your new device, please delete the device you are replacing.
• Can I have DUO on more than once device?

  Yes, you can add devices by visiting your DUO settings. When you see the DUO prompt with the three notification options, click “Settings” at the top right.

  NOTE: If you are using the Remember Me for 60 days feature, you will need to visit FDU Self-Service Portal access your settings.)

  After you click Settings, click “Add a New Device“. You can register smartphones, cell phones, tablets, and landline phones.

• What can the DUO app access on my smartphone?

  The DUO smartphone application serves only to provide two-factor authentication. It does not access any personal information on your device, nor does it track your location. Learn more about DUO’s commitment to privacy on its website.

• Still have Questions about DUO?

  For additional support, please visit the Fairleigh Dickinson University Technical Assistance Center (UTAC).

Code42 is a backup agent that will back up all data on a university device under the primary owner’s profile. The backup sets can be used for restoring data to a machine, whether it has been reformatted, replaced, or compromised. This document will outline the steps needed to install, activate, and restore data to a new or existing device.

Section – Basics

Part : About Code42

About Code 42

Code42 Policy

Code42 is required on all University provided desktops and laptops to backup all University Business data to prevent data loss.

Who Can use Code42?

Code42 is presently licensed for full-time faculty and full-time staff only. The University mandates Code42 for proper data security practices. If a user has personal data that they wish to exclude from being backed up, a folder labeled “Personal Documents” can be found and utilized in your “Documents” folder. This folder and its contents will be ignored by Code42 when your system is being backed up.

Personal Documents folder locations:

Windows PC	C:\users\username\Documents\Personal Documents\
macOS	/users/username/documents/Personal Documents/

Is My Data Secure?

Code42 uses AES-256 encryption is used when storing your backups and can only be accessed by the Code42 account owner and administrators.

What is Backed Up?

All data found in a user profile will be backed up by Code42.

Location of User Profile:

Windows PC	C:\users\UserName\
macOS	/users/username/

Section – Installation

Part : How to Install on a Windows PC

How to Install on a Windows PC

To install Code42 on your Windows PC, please follow the instructions below.

Before Installing Code42, you must be logged in as the owner of the machine using your NetID Credentials.

1. Open FDU Self Service Portal for Software on your University PC
2. Click on Code42 Backup and then click “Install” on the right-hand side

The entire process will take approximately 5-7 minutes, depending on your internet speed. Once Code42 is installed, your account is automatically provisioned in the Code42 system, and your backup will begin shortly.

Part : How to Install on macOS

How to Install on macOS

To install Code42 on your macOS device, please follow the instructions below.

1. Locate the FDU Self Service Portal in your applications folder or locating the icon on your dock
2. Locate Code42 Backup and click “Enroll”

3. After the package installs, you will be prompted to enter your FDU email address and then click “OK“

The entire process will take approximately 5-7 minutes, depending on your internet speed. Once Code42 is installed, your account is automatically provisioned in the Code42 system, and your backup will begin shortly.

Part : How to Replace or Add a Second Device

How to Replace or Add a Second Device

This process is used when someone will be assigned a second device and wishes to have it backed up or if the Code42 needs to be re-installed on the same device. Because an account already exists, it cannot be provisioned automatically. It must be manually setup either to replace an existing device or create a new backup set on the second computer.

1. Click on the Code42 app in the system tray (PC) or Menu bar (macOS) and then click “Setup Device”

2. If prompted, log in to the FDU NetID Portal and proceed through the FDU single sign-on process
3. Click “Replace Existing”

4. Click “Start” to continue with the replace existing device process

5. Select the device from the list you are replacing and click “Continue”

6. Click “Select Files” on the following window

7. Select and Choose which files you wish to replace by placing a checkmark next to each. When finished, click “Restore Files”

8. The next window will allow you to select how you wish to restore your files. Make your selections and click “Go”

9. The next window will display download progress for the restore process. You can continue forward by clicking “Continue” at the bottom

10. The next window Downloads the Files to your device. When the transfer is completed, click “Next”

11. Your Transfer is now complete, click “Finish“

Part : Verifying Backup Progress

Verifying a Backup Instructions

If you are unsure if you have Code42 installed and backing up your system, this quick guide will help give you some comfort.

1. Click on the Code42 icon from the system tray on Windows and the menu bar on macOS

Code42 Icon

2. The Progress will be displayed like in the Figure below

Section – Managing Backups

Part : How to Manage Backups

How to Manage Backups

Code42 allows you to manage your backup sets.  If you want to review your backup set or request assistance, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) to initiate a service request.

Part : How to Restore Files

How to Restore Files

Accidentally deleted or unable to find a file? Code42 can help. Please follow the following guidelines in restoring lost or previous versions of files.

1. Click the Code42 System Tray or macOS menu bar Icon

Code42 Icon

2. Left-click on the gear symbol and left-click on “Open Code42….”

3. If prompted, log in to the FDU Single sign-on Portal and proceed through the FDU DUO Multifactor authentication procedures
4. Click “Restore Files”
5. Select the device you wish to restore from

6. You can select a date range from when you wish to restore from on the right-hand side
7. Navigate to the folder(s) and/or file(s) you wish to restore and place a check next to each one
8. Click “Restore Files”

9. Select how Code42 will restore your files. Click “Go” when finished

The time it takes to restore your files will depend on how much data is being restored, available system resources, and available bandwidth.

Part : How to Add Backup Sets

How to Add Backup Sets

Using Code42 you can create backup sets that will back up your data to additional devices utilizing a schedule. This is useful to have immediate access to critical files in the event of data loss.

This guide is only needed if you wish to have a local backup of your data.

1. Click the Code42 System Tray or macOS menu bar Icon

Code42 Icon

2. Left-click on the gear symbol and left-click on “Open Code42….”

3. If prompted, log in to the FDU Single Sign-on Portal and proceed through the FDU DUO Multi-factor authentication procedures
4. From the Code42 console window, click the “Dropdown Arrow” symbol next to your device name to drop down a menu, then click “Add Backup Set…”

• The next window will be the Add Backup Set configuration window.

6. Click “Rename” to label your backup set
7. Changing Selected Files, click “Change”, and select the files and folders you wish to backup to a local destination

8. When finished click “Save“
9. Click “Change” to set your destination for your backup

10. Select your destination by clicking “Add Local Destination (usually an external hard drive) and click “Save“

11. Click “Add Set” to finalize the setup and start backing up to a local location

Your new back upset is finished and will begin backing up as configured.

Section – Troubleshooting

Part : Backup Alert Email Notifications

Backup Alert Email Notifications

Code42 will send users an email alert notifying of any incomplete backups of their devices.

• The Code42 email alert will be sent from Code42 for Enterprise <noreply@code42.com>
• The Subject line of the email will be labeled with: Critical: [Name of Device] not backed up

Backup Alert

You will receive an alert when your computer hasn’t backed up to Code42 for 5 calendar days. The email will look like the example below:

What to do if you get a backup alert

After receiving a Code42 backup alert email, you should locate the device the email specifies in need of backup. The Code42 device name will be listed in the Subject: line and Computer Name: line of the Code42 backup alert email. To locate the name of a Code42 device, left-click the Code42 “C” symbol icon in the Windows System Tray, also referred to as the notification area.

For macOS users left-click Code42 “C” symbol icon on the macOS icon menu bar. The Code42 device name will be displayed in the console. Ensure the Code42 application displays the same name as the Code42 backup alert email you received.

Code42 “C” symbol icon

Code42 Device Name

After locating the correct specified device stated in the Code42 backup alert email, force a backup of the device by performing the following:

1. Left-click the “Code42” System Tray or macOS menu bar Icon

Code42 Icon

2. Left-click “Run backup now“

Part : Getting Support

Getting Support

Select employees of Fairleigh Dickinson University may be required to engage with confidential University data.

The FDU Confidentiality Agreement and Security Policy defines your obligations under Federal and State guidelines to preserve the security and confidentiality of this information.

Confidentiality Agreement and Security Policy

Fairleigh Dickinson University regards the security and confidentiality of data and information to be of utmost importance. Each individual granted access to electronic and/or hard copy data holds a position of trust and must preserve the security and confidentiality of the information to which he/she is granted access to. Therefore, it is the intent of this policy to ensure that University data, in any format, is not divulged outside of Fairleigh Dickinson University without explicit approval to do so by an Associate Vice-President of the University or higher who has responsibility for the data in question. As such, the University requires all users of data to follow the procedures outlined below:

Policy on Confidential Information

Users of University data are required to abide by all applicable Federal and State guidelines and University policies regarding confidentiality of data, including the Family Education Rights and Privacy Act (“FERPA”) and, as applicable, The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). For more information, see FERPA and HIPAA).

Confidential Information shall be defined as:

• regarding student, faculty or staff: any personally-identifiable records, financial records (including social security and credit card numbers), health records; contracts, research data; alumni and donor records; personnel records other than an individual’s own personnel record;

• regarding the University: University financial data; computer and system passwords, University issued PINS, University proprietary information/data; and

• any other information for which access, use, or disclosure is not authorized by: 1) federal, state, or local law; or 2) University policy.

The individual receiving the Confidential Information shall have no obligation under this Policy with respect to Confidential Information which:

• is or becomes publicly available without breach of this Policy by the recipient;
• is rightfully received by the recipient without obligations of confidentiality; or
• is developed by the recipient without breach of this Policy; provided, however, such Confidential Information shall not be disclosed until thirty (30) days after written notice of intent to disclose is given to the University officer who has responsibility for the data in question, along with the asserted grounds for disclosure;
• is disclosed in accordance with any “whistle blower” action as provided in the U.S. False Claims Act, the New Jersey Conscientious Employee Protection Act (“NJCEPA”), or similar legislation. (Brief overview of the NJCEPA is available at here.

Any individual with authorized access to the Confidential Information is given access solely for the business of the University and must not divulge the Confidential Information outside of the University except for University business requirements approved by the President of the University or the division head responsible for the data in question. Specifically, with respect to Confidential Information, individuals must:

1. Access Confidential Information solely in order to perform his/her job responsibilities.
2. Not seek personal benefit or permit others to benefit personally from any Confidential Information that has come to them throughout their work assignments.
3. Not make or permit unauthorized use of any Confidential Information in the University’s information system or other records.
4. Not enter, change, delete or add data to any information system or files outside of the scope of their job responsibilities.
5. Not include or cause to be included in any record or report, a false, inaccurate or misleading entry known to the user as such.
6. Not alter or delete or cause to be altered or deleted from any records, report or information system, a true and correct entry.
7. Not release Confidential Information other than what is required in completion of job responsibilities which is consistent with this Policy.
8. Not exhibit or divulge the contents of any record, file or information system to any person unless it is necessary for the completion of their job responsibilities.

It is the individual’s responsibility to immediately report, as outlined under “Information Security Breech and Violation Reporting” at the end of this Policy, if the individual has violated this Policy. Additionally, given the potential harm that the University may suffer with the release of any Confidential Information, all employees are strongly encouraged to report any suspected violation of this policy or any other action, which violates confidentiality of data, as outlined at the end of this policy.

Security Measures and Procedures

All users of University information systems, including Datatel, MS File shares and FDU Office 365 email accounts, are supplied with an individual user account to access the data or systems necessary for the completion of their job responsibilities. Users of the University information systems are required to follow the procedures outlined below:

1. All transactions, processed by a user ID and password, or PIN, are the responsibility of the person to whom the user ID was assigned. The user’s ID, password, and PIN must remain confidential and must not be shared with anyone.

• Using someone else’s user ID, password or PIN is a violation of policy, no matter how it was obtained.

• Your user ID, password or PIN provides access to information that has been granted specifically to you. To reduce the risk of shared passwords – remember not to post your password or PIN on or near your workstation or share your password or PIN with anyone.

• It is your responsibility to change your password immediately if you believe someone else has obtained it.

If you need your Password or PIN changed, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) immediately.

2. Access to any student or employee information (in any format) is to be determined based on specific job requirements. The appropriate Department Chair, School Director, Department Director/Manager, Dean, Provost, and/or Vice President is responsible for ensuring that access is granted only to authorized individuals, based on their job responsibilities. Written authorization must be received by the Computer Center prior to granting system access.

You are prohibited from viewing or accessing additional information (in any format) unless you have been authorized to do so. Any access obtained without written authorization is considered unauthorized access.

In order to prevent unauthorized use, the user shall log off of all applications that provide access to confidential information, or lock their computer when leaving their workstation. This is especially important during breaks and lunch. Unless there is a specific business need, all workstations should be shut down at the end of the workday.

Note: If you require assistance in establishing your workstation password, please access the screensaver documentation or contact the Fairleigh Dickinson University Technical Assistance Center (UTAC).

3. If you have any reason to believe your password or PIN has been compromised or revealed inadvertently, you should change your password and immediately notify one of the individuals as outlined under “Information Security Breech and Violation Reporting” at the end of this policy.

Note: All University’s computer system will periodically prompt you to change your password.

4. Upon termination or transfer of an employee, Human Resources will notify University Systems and Security, who in turn will notify the appropriate areas in the Computer Center.

5. Generally, students, temporary employees and consultants should not have access to the University record system. Written approval by the Department Chair, School Director, Department Director/Manager, Dean, Provost, and/or Vice President in charge of the respective area is required if it is determined that access is required. The student, temporary employee or consultant is to be held to the same standards as all University employees, and must be made aware of their responsibilities to protect student and employee privacy rights and data integrity. Written authorization must be received by the Computer Center prior to granting system access.

6. You agree to properly secure and dispose of any outputs or files you create in a manner that fully protects the Confidential Information.

Additionally, I understand that if granted access to process transactions via Datatel data entry screens, any information I enter or change will be effective immediately. Accordingly, I understand that I am responsible for any changes made using my ID.

I understand that my access to University data is for the sole purpose of carrying out my job responsibilities and Confidential Information is not to be divulged outside of The University, except as previously stated. Breach of confidentiality, including aiding, abetting, or acting in conspiracy with any other person to violate any part of this policy, may result in sanctions, civil or criminal prosecution and penalties, employment and/or University disciplinary action, and could lead to dismissal, suspension or revocation of all access privileges. I understand that misuse of University data and any violation of this policy or the FERPA, HIPAA or GLB policies are grounds for disciplinary action, up to and including dismissal. This Agreement shall not abridge nor supersede any rights afforded faculty members under the Faculty Handbook.

Information Security Breech and/or Policy Violation Reporting

If you suspect an Information Security Data Breech or a violation of this policy, report such an event to your department chair or staff supervisor and send an immediate email to violation@fdu.edu. If you do not have immediate access to email, contact the Fairleigh Dickinson University Technical Assistance Center (UTAC); do not provide details but request a ticket be opened with University Systems & Security due to an information security data breech or policy violation requesting an immediate callback. When practical, also send an email to violation@fdu.edu.

---

Duo Two-Factor Authentication

DUO two-factor authentication adds a second layer of security to your FDU NetID. It requires two factors to verify identity. These factors include something you know – your FDU NetID and password, and something you have – a phone or passcode, to authenticate and gain access to your account on FDU services. Passwords alone no longer provide adequate protection against cyber hacking. DUO is required for all current FDU students. Please follow the steps below.

Install Duo Mobile App

The DUO app is available for mobile phones and iPads. You can directly access the Duo Mobile Security App at the links below.

Activate your DUO Account

NOTE: This step requires a Desktop or Laptop browser.

1. In a Desktop or Laptop browser visit the DUO Management Portal to begin the activation process by enrolling your device. Activation requires scanning a QR code with the Duo app’s built-in scanner

2. Duo prompts you to enroll the first time you visit the DUO Management Portal using a browser or a client application that shows the interactive Duo web-based prompt

Supported Browsers: Chrome, Firefox, Safari, Edge, Opera, and Internet Explorer 8 or later. Some browsers do not support all of Duo’s authentication devices (for example, Security Keys won’t work with Internet Explorer). For the widest compatibility with Duo’s authentication methods, we recommend recent versions of Chrome and Firefox.

3. Click “Start setup” to begin enrolling your device

4. Select the type of device you’d like to enroll and click “Continue“. We recommend using a smartphone for the best experience, but you can also enroll iOS/Android tablets

5. Select your country from the drop-down list and type your phone number. Use the number of your smartphone or cell phone that you installed the Duo Mobile Security App on in the Step 1

6. Double-check that you entered it correctly, check the box, and click “Continue“

NOTE: If you’re enrolling a tablet you aren’t prompted to enter a phone number.

7. Choose your device’s operating system and click “Continue“.

8. Click “I have Duo Mobile installed”

• If you have not completed installing the Duo Mobile App in Step 1 please complete now by following the platform-specific instructions on the screen. After installing the app return to the enrollment window

9. Activating the app links it to your account so you can use it for authentication

10. On iPhone, Android, and Windows Phone activate Duo Mobile by scanning the barcode with the app’s built-in barcode scanner. Follow the platform specific instructions for your device:

11. The “Continue” button is clickable after you scan the barcode successfully

• Can’t scan the barcode? Click “Or, have an activation link emailed to you instead” and follow the instructions

12. Once activated click “Continue” to complete registration

Configure Device Options (Optional)

1. You can use Device Options to give your phone a more descriptive name, or you can click “Add another device” to start the enrollment process again and add a second phone or another authenticator

• If this is the device you’ll use most often with Duo then you may want to enable automatic push requests by changing the “When I log in:” option and changing the setting from “Ask me to choose an authentication method” to “Automatically send this device a Duo Push” and click “Save“. With one of the automatic options enabled Duo automatically sends an authentication request via push notification to the Duo Mobile app on your smartphone.

2. Your device is ready to approve Duo push authentication requests. Click “Send me a Push” to give it a try. All you need to do is tap “Approve” on the Duo login request received at your phone

With DUO activated on your account, and with your device enrolled, you are ready to use DUO. When logging in, you will have two authentication options. Review the options below to determine what works best for you.

TIPS: We recommend the push notification to your smartphone, it’s the easiest. You can also check the box “Remember Me for 60 Days” to only perform the authentication once every two months on that device.

---

Authentication Options

There are four ways you can use DUO:

Push	Preferred Method Once the DUO mobile app is installed, you can select “Push” to receive a DUO notification on your smartphone. Open the notification, and you’ll see a green checkmark, and a red X. Simply tap the “Green Checkmark” to gain access. VPN users select the number corresponding to Push or type push (Users with multiple devices will need to include a number indicating desired device i.e. push2).
Passcode	Once the DUO mobile app is installed, you can use the DUO mobile app to generate passcodes. This option does not require wifi or data, so this is a great option if you’re traveling or if you have limited or no cell/Internet service. Open your DUO mobile app, tap the FDU logo and it will reveal a passcode. During login, choose the enter a passcode option, enter the code and you’re in.
SMS Passcode (Faculty/Staff)	You can receive a one-time use code via text message. To get your one-time code click Enter Passcode, then click on the blue button “Text me new codes.” These codes do not expire, and they are valid until used. You do not have to have a smartphone for this option. Click Send codes to get a new batch of passcodes texted to your phone. VPN users select the number corresponding to SMS passcode or type sms (Users with multiple devices will need to include a number indicating desired device i.e. sms2).
Call Me (Faculty/Staff)	Click the Call Me button on the Duo Prompt and Duo will call your phone. The status bar at the bottom of the Duo Prompt updates at each step of the process. VPN users select the number corresponding to Phone Call or type phone (Users with multiple devices will need to include a number indicating desired device i.e. phone2).

If you do not have your device with you, don’t worry. You can contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) for a temporary passcode. These passcodes can be entered in the DUO prompt on your computer.

---

How Do I Change Settings or Enroll Another Device?

To change settings or enroll another device, visit DUO Management Portal or any DUO-supported application. When you get to the DUO prompt, click the “Settings” button and choose to add a new device or access your settings.

Duo Two-Factor Authentication

DUO two-factor authentication adds a second layer of security to your FDU NetID. It requires two factors to verify identity. These factors include something you know – your FDU NetID and password, and something you have – a phone or passcode, to authenticate and gain access to your account on FDU services. Passwords alone no longer provide adequate protection against cyber hacking. DUO is required for all current FDU students. Please follow the steps below.

Install Duo Mobile App

The DUO app is available for mobile phones and iPads. You can directly access the Duo Mobile Security App at the links below.

1. In a Desktop or Laptop browser visit the DUO Management Portal to begin the activation process by enrolling your device. Activation requires scanning a QR code with the Duo app’s built-in scanner

2. Duo prompts you to enroll the first time you visit the DUO Management Portal using a browser or a client application that shows the interactive Duo web-based prompt

Supported Browsers: Chrome, Firefox, Safari, Edge, Opera, and Internet Explorer 8 or later. Some browsers do not support all of Duo’s authentication devices (for example, Security Keys won’t work with Internet Explorer). For the widest compatibility with Duo’s authentication methods, we recommend recent versions of Chrome and Firefox.

3. Click “Start setup” to begin enrolling your device

4. Select the type of device you’d like to enroll and click “Continue“. We recommend using a smartphone for the best experience, but you can also enroll iOS/Android tablets

5. Select your country from the drop-down list and type your phone number. Use the number of your smartphone or cell phone that you installed the Duo Mobile Security App on in the Step 1

6. Double-check that you entered it correctly, check the box, and click “Continue“

NOTE: If you’re enrolling a tablet you aren’t prompted to enter a phone number.

7. Choose your device’s operating system and click “Continue“.

8. Click “I have Duo Mobile installed”

• If you have not completed installing the Duo Mobile App in Step 1 please complete now by following the platform-specific instructions on the screen. After installing the app return to the enrollment window

9. Activating the app links it to your account so you can use it for authentication

10. On iPhone, Android, and Windows Phone activate Duo Mobile by scanning the barcode with the app’s built-in barcode scanner. Follow the platform specific instructions for your device:

11. The “Continue” button is clickable after you scan the barcode successfully

• Can’t scan the barcode? Click “Or, have an activation link emailed to you instead” and follow the instructions

12. Once activated click “Continue” to complete registration

1. You can use Device Options to give your phone a more descriptive name, or you can click “Add another device” to start the enrollment process again and add a second phone or another authenticator

• If this is the device you’ll use most often with Duo then you may want to enable automatic push requests by changing the “When I log in:” option and changing the setting from “Ask me to choose an authentication method” to “Automatically send this device a Duo Push” and click “Save“. With one of the automatic options enabled Duo automatically sends an authentication request via push notification to the Duo Mobile app on your smartphone.

2. Your device is ready to approve Duo push authentication requests. Click “Send me a Push” to give it a try. All you need to do is tap “Approve” on the Duo login request received at your phone

With DUO activated on your account, and with your device enrolled, you are ready to use DUO. When logging in, you will have two authentication options. Review the options below to determine what works best for you.

TIPS: We recommend the push notification to your smartphone, it’s the easiest. You can also check the box “Remember Me for 60 Days” to only perform the authentication once every two months on that device.

There are two ways you can use DUO:

Push Notification

Once the DUO mobile app is installed, you can select to receive a DUO notification on your smartphone. Open the notification, and you’ll see a green checkmark, and a red X. Simply tap the “Green Checkmark” to gain access.

Passcodes

You can use the DUO mobile app to generate passcodes. This option does not require wifi or data, so this is a great option if you’re traveling or if you have limited or no cell/internet service. Open your DUO mobile app, tap the FDU logo and it will reveal a passcode. During login, choose the enter a passcode option, enter the code and you’re in.

If you do not have your device with you, don’t worry. You can contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) for a temporary passcode. These passcodes can be entered in the DUO prompt on your computer.

To change settings or enroll another device, visit DUO Management Portal or any DUO-supported application. When you get to the DUO prompt, click the “Settings” button and choose to add a new device or access your settings.

Virtru email encryption is the preferred method to send and view encrypted emails and files with your FDU email address. Available for FDU Faculty and Staff upon request. Click the link below to request access to Virtru Email Encryption.

The Virtru Email Encryption Tutorial will help users navigate installation, basic use, different usage scenarios, and common technical questions.

Alternative Approved Methods for Encryption

If you are not approved for Virtru email encryption, the articles below are alternative, FDU OIRT and DSIRT approved methods for encrypting Microsoft Office and Adobe PDF files and comply with the University WISP.

Follow these easy to use instructions for encrypting Word, Excel, and Acrobat files using built-in features.

1. For Word and/or Excel files, first click on File on the upper left-hand corner

2. Under the Info tab, click on Protect Document for Word and Protect Workbook for Excel followed by Encrypt with Password

3. Enter a password in the pop-up window. Re-enter the password in the next window to confirm

4. The below message will confirm your document has been password-protected

5. To open a password-protected file, double-click on the file and enter the created password

1. Select Tools on the Navigation Tab and then select Protect

2. On the Protect Tab select Encrypt

3. Select Encrypt with Password. Then select Yes on the security pop-up window

4. Check Require a Password to Open the Document and then choose a strong password. Under compatibility, choose Acrobat X and later to change the encryption method to 256-bit.

5. Confirm the password when requested. Please note that the document WILL NOT be fully encrypted until it is saved

6. To open the file, double-click the file and enter the created password.

In the past, website subscriptions and renewals were approved by University Systems and Security (USAS), as the department held the role of both Information Security and Networking. An email would be sent to the department, and approval would be gained via an email response.

With the separation of Information Security from University Systems and Networking (USAN), a new process has been created to better serve those within the FDU community that utilize external websites for services.

Moving forward, requests for website subscriptions and renewals should be requested through this form below:

If information is missing, a representative of UTAC might reply inquiring more about the request. When all information has been gathered, the ticket will be forwarded to our Information Security Officer. They will review the request, engage the Networking team if necessary, and then either approve or deny the request (via email response) or inquire further, before closing out the ticket.

We hope this new process will help identify, track, and move requests quickly through the process.

Virtru email encryption is a security enhancement to FDU’s Office 365 and Microsoft Outlook email environment, which provides Faculty and Staff the option of sending and receiving encrypted emails using their FDU email account.

Section – About

Part : About Virtru Email Encryption

What is Virtru Email Encryption

Virtru email encryption is a security enhancement to FDU’s Microsoft Office 365 and Microsoft Outlook email environment, which provides Faculty and Staff the option of sending and receiving encrypted emails using their FDU email account. Virtru for the Microsoft Outlook desktop email client is available for installation for approved FDU Faculty and Staff via the FDU Self Service Portal for Software on Windows 10 desktops and laptops owned by the University.

Virtru Email Client

The Virtru client provides a seamless experience when using the Microsoft Outlook desktop client. The Virtru Outlook plugin is only available on university laptops or desktops running Microsoft Windows.

Virtru for Office365

All Apple macOS users and users who access their FDU email through Office 365 can use Virtru email encryption to send sensitive information electronically.

What is Virtru Secure Reader?

Virtru’s Secure Reader is a platform that can be accessed within FDU’s Outlook on the Web (office365.fdu.edu) and right on your web browser by clicking the “Unlock Message” button in your Virtru secured email. From there, all you have to do is quickly validate you are an authorized recipient of that email or file. Once complete, you can read and reply to the secure email directly in your browser.

A secure message encrypted by Virtru will have a few key components, including a short unencrypted message from the sender, and a button that says “Unlock Message”.

Request Form

To obtain access to Virtru in order to send encrypted emails, you must fill out the request from below:

For additional support, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC).

Section – Installation and Activation

Part : Installing Virtru onto a University PC

Installing Virtru onto a University PC

Part : Activating Virtru on a University PC

Activating Virtru on a University PC

1. When you open Microsoft Outlook after the Virtru has been installed, you will be prompted to activate your Virtru plugin. Click “Activate“ to begin. You may choose “Later” if you do not wish to activate at this time

2. You will be presented with a list of FDU email accounts configured to use in Microsoft Outlook. If your Microsoft Outlook application is associated with multiple email accounts, click on only those you will need to use Virtru email encryption. Then click “Continue“

3. After selecting the proper accounts, you will have the choice of signing in with FDU’s email provider (Microsoft Office 365) or choosing to receive an activation email. Choose “Sign in with Office 365“

Activating Virtru through Office 365 Sign in

1. Enter your FDU NetID credentials when prompted and proceed through the FDU Single Sign-on webpage, including completing Duo Multi-Factor authentication. If you experience issues, choose to “Send me an activation email” and follow the directions given below in item

Activating Virtru through Activation Email

1. If you are unable to activate your account(s) using “Sign in with Office 365,” choose to “Send me an activation email.” The process will take a few moments to complete in the background

2. During this process, Virtru will send a unique email from noreply-activation@virtru.com to your mailbox. The Virtru plugin will search for this email in your inbox. When the activation email is found, Virtru will automatically delete the email from your email inbox, and the Virtru plugin will complete the activation

If your activation does not automatically complete in a few minutes, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC).

Activating from the Virtru Menu

If you have disabled automatic activations, you can still activate Virtru on your account(s) at any time.

1. Select the ‘Virtru‘ menu tab from the top bar of the main Microsoft Outlook window

2. Choose “Authorize Accounts” or “Options“

3. If you select “Options,” go to the ‘Account Activation‘ menu tab, select your FDU email account, and click on “Activate Selected“

4. You will then follow the activation process already illustrated above in “Activating Virtru through Office 365 Sign-on“ or “Activating Virtru through activation email” described above

Part : Re-enabling a Virtru Account

Re-enabling a Virtru Account

FDU Virtru users will occasionally be required to reactivate their Virtru add-in due to the following:

• You’ve cleared your registry
• Your Virtru activation status has expired. For security purposes, Virtru will invalidate your activation status every
  • 120 days for users accessing their own mailboxes
  • 10 days for users accessing shared or delegated mailboxes
• You are using Virtru on a new machine

You are automatically prompted when you need to re-activate. You can also proactively reactivate at any time via the ‘Virtru’ menu tab. This process was described above in “Activating from the Virtru Menu.”

Reset Activations

If you wish to fully deactivate all accounts in Microsoft Outlook, you can do so from the ‘Virtru’ menu tab:

1. Click on the ‘Virtru‘ menu tab at the top of your Microsoft Outlook window and select “Debug Log“

2. Click on the ‘Debug Commands‘ menu tab option and select the “Reset Activations (clears registry only)” option

3. Click “Yes” and then “OK” to confirm the changes

4. From the ‘Virtru‘ menu tab, you can reauthorize by clicking on “Authorize Accounts“

Part : Virtru Walkthrough Video

Virtru Walkthrough Video

Section – Virtru for Microsoft Outlook

Part : Send a Virtru-encrypted Email in Outlook

Send a Virtru-encrypted Email in Outlook

With Virtru, you can easily protect your emails by encrypting messages and attachments in a few simple clicks.

1. Left-click “New Email” from the main Outlook window

2. Open the ‘Message‘ menu tab and left-click the “Virtru button” to turn “Virtru ON.” The button should turn blue and read “Virtru ON”

3. Add recipients, a subject, the body of the email, and any relevant attachments

4. When your message is ready, click “Send.” You should see a brief animation letting you know that the message is “Encrypting” before it is fully sent

FDU Virtru-encrypted Email Introduction for Recipients

FDU includes a standardized introduction to inform the recipient that they are viewing a Virtru-encrypted email. Below is an example of what the recipient will see. If you have updated the introduction, it will be reflected accordingly

Personal Virtru-encrypted Email Introduction for Recipients

You can also set a one-time, unencrypted personal introduction for the message to either clarify the introduction of Virtru to the recipient or provide some context about the email. Left-click the “Personal Introduction” menu button in your email draft window.

Section – Virtru for Microsoft Office 365

Part : Send a Virtru-encrypted Email on Microsoft Office 365

Send a Virtru-encrypted Email on Microsoft Office 365

With Virtru, you can easily protect your emails by encrypting messages and attachments in a few simple clicks. To send Virtru encrypted emails from your Microsoft Office 365 email acount, simply prepend the subject line of your email as follows:

#secure#

Virtru-encrypted Email Recipient Experience

The recipient will receive an email that looks like this:

Part : Read a Virtru Encrypted Email on Microsoft Office 365

Read a Virtru Encrypted Email on Microsoft Office 365

In this article, we’ll show you how to quickly access and read your Virtru-secured message or attachment within Microsoft Office 365 using Virtru’s Secure Reader.

How to Access and Read your Message

1. Login to FDU’s Microsoft Office 365 web portal using any web browser. Enter your FDU NetID credentials

2. Open the Virtru-secured email in your inbox and left-click “Unlock Message.” A new tab will open

3. When prompted, select your FDU email address

4. Choose how you’d like to verify your identity
   • Microsoft Office 365 users can use their FDU NetID credentials to log into the Secure Reader using “Sign In with Microsoft.” If you choose this route, you can skip step #5 below.
   • Alternatively, users may choose “Or sign-in with a one-time verification link.”

5. If you selected “Or sign-in with a one-time verification link,” check your inbox for your verification email. It will come from verify+xxxxxxxx@virtru.com (with each “x” being a digit). Open the verification email and left-click “View Message” to open your message

6. Your message will open the Virtru Secure Reader in a new tab in the browser. You will also be able to view and access attachments at this time

For a variety of reasons, some recipients may occasionally receive an error message when trying to open a secure email or attachment. If you are having problems accessing your secure email and/or files, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) for assistance.

Part : Reply to a Virtru Encrypted Email on Microsoft Office 365

Reply to a Virtru Encrypted Email on Microsoft Office 365

In this article, we’ll show you how to quickly reply to your Virtru-secured message or attachment within Microsoft Office 365 using Virtru’s Secure Reader.

How to Reply to a Secure Message

1. Login to FDU’s Microsoft Office 365 web portal using any web browser. Enter your FDU NetID credentials

2. After successfully opening the Virtru-secured message, to send a “Secure Reply,” scroll down the page below the main message, or click the icon in the top right with the arrow pointing to the left. You may also click on the arrow next to it to reveal additional options such as “Secure Reply All“

3. Attachments can be added by clicking “Add Attachment.” These attachments will be sent securely as well

4. When you are ready to send your email, hit the “Secure Send” button. Both you and all applicable recipients will receive a copy of your reply. Please note that your secure reply will be sent from secure-reply@virtru.com

Part : Viewing a Secure File or Attachment on Microsoft Office 365

Viewing a Secure File or Attachment on Microsoft Office 365

This article covers the different options you have for viewing and downloading secure attachments and files within Microsoft Office 365 using Virtru’s Secure Reader. Depending on the type of attachment you’ve received, you can view your file directly in the Virtru Secure Reader or download the file to your computer. The Virtru Secure Reader can preview various file types, including PDF, Word documents, most image files, and plain text files.

Viewing Directly in the Secure Reader

1. Login to FDU’s Microsoft Office 365 web portal using any web browser. Enter your FDU NetID credentials

2. If you’ve received an attachment in a Virtru secured email or an encrypted file that was shared directly with you, you can hover over the file name and choose “View” or “View Protected file” to view the attachment right in your web browser

Downloading Unsupported File Types

If you’ve received a file that cannot be previewed in the Virtru Secure Reader, you will be prompted to download that file directly. There will be no “View” option.

Printing Attachments in the Secure Reader

You can print a document from the Secure Reader by selecting the menu under the “Download “button and then selecting “Print.” You may also choose to download it first, then open and print via a preferred program on your computer.

Section – Additional Resources

Part : Using the Virtru Dashboard for Microsoft Office 365 Users

Using the Virtru Dashboard for Microsoft Office 365 Users

Users who access their FDU email through the Microsoft Office 365 web portal and all Apple macOS users will need to use the Virtru Dashboard to manage all of Virtru’s security options.

1. To use the Virtru Dashboard, click the link below:

2. Choose “Sign in with Office365“, and skip to Step 5. If you choose to request a one-time verification link, enter your FDU email address and click on “Submit“

3. If you request the one-time verification link, you will receive an email from Verify for Virtru, as shown below. If you are using different web browsers, such as Google Chrome or Mozilla Firefox, it will be reflected in the email message accordingly

4. Click “Verify me” and choose “Copy Link Location.” Open a new browser tab and paste the link location into the URL space. Hit the “Enter” or “Return” key on your keyboard

5. When you log in to the Virtru Dashboard for the first time, you will see the message below. Left-click “OK, GOT IT!“

6. You will now be able to view Virtru encrypted emails or files you have sent, as well as open the ‘Settings‘ menu tab to set behaviors for your Virtru account

Part : Manage Virtru’s Expiration Date Security Option in Outlook

Manage Virtru’s Expiration Date Security Option in Outlook

In addition to encrypting messages and files, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply an “Expiration Date” to an encrypted email or file.

Typically, if a Virtru email recipient receives an encrypted message or file, they can indefinitely access that content. However, as the owner of that content, you can restrict access after a particular point in time. If a recipient tries to access the content after expiration, they will receive a prompt indicating their access is expired.

Part : Manage Virtru’s Expiration Date Security Option in the Virtual Dashboard

Manage Virtru’s Expiration Date Security Option in the Virtru Dashboard

In addition to encrypting messages and files, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply an “Expiration Date” to an encrypted email or file.

Typically, if a Virtru email recipient receives an encrypted message or file, they can indefinitely access that content. However, as the owner of that content, you can restrict access after a particular point in time. If a recipient tries to access the content after expiration, they will receive a prompt indicating their access is expired.

Part : Manage Virtru’s Disable Forwarding Security Option in Outlook

Manage Virtru’s Disable Forwarding Security Option in Outlook

In addition to encrypting messages and attachments, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply “Disable Forwarding” to a Virtru-encrypted email.

Typically, if a Virtru plugin for Microsoft Outlook user receives an encrypted message, they can use Virtru to forward the email to a new party. This will add the new recipient as an authorized user and allow them to unlock the message. “Disable Forwarding,” however, ensures that your recipients can access the encrypted content but will stop any additional users from gaining access to the message. If the original recipient passes the email to a new party, then the new user will not be added as an authorized user and will not be able to unlock the message.

Part : Manage Virtru’s Disable Forwarding Security Option in the Virtru Dashboard

Manage Virtru’s Disable Forwarding Security Option in the Virtru Dashboard

In addition to encrypting messages and attachments, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply “Disable Forwarding” to an encrypted email.

Part : Manage Virtru’s Watermarking Security Option in Outlook

Manage Virtru’s Watermarking Security Option in Outlook

In addition to encrypting messages and attachments, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply “Watermarking” to an encrypted file.

Typically, if a Virtru recipient receives an encrypted file, they can preview the file in the Virtru Secure Reader and download a decrypted copy locally. When “Watermarking” is applied to a secure file, recipients will only have access in the Secure Reader and will see their email address watermarked across the document.

The addition of the watermark is visible but transparent enough not to obscure the contents of the file when viewed. A recipient will not be able to download a local decrypted copy of the file.

This feature can be applied using the Virtru plugin for Microsoft Outlook or the Virtru Dashboard. It supports the following common file types:

• Microsoft Office documents: .docx, .pptx, .xlsx
• Common image file formats: .jpeg, .png
• PDF documents

Part : Manage Virtru’s Watermarking Security Option in the Virtru Dashboard

Mange Virtru’s Watermarking Security Option in the Virtru Dashboard

In addition to encrypting messages and attachments, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply “Watermarking” to an encrypted file.

Typically, if a Virtru recipient receives an encrypted file, they can preview the file in the Virtru Secure Reader and download a decrypted copy locally. When “Watermarking” is applied to a secure file, recipients will only have access in the Secure Reader and will see their email address watermarked across the document.

The addition of the watermark is visible but transparent enough not to obscure the contents of the file when viewed. A recipient will not be able to download a local decrypted copy of the file.

This feature can be applied using the Virtru plugin for Microsoft Outlook or the Virtru Dashboard. It supports the following common file types:

• Microsoft Office documents: .docx, .pptx, .xlsx
• Common image file formats: .jpeg, .png
• PDF documents

Part : Revoke Virtru Encrypted Content in Outlook

Revoke Virtru Encrypted Content in Outlook

When a Virtru user sends encrypted content, they have full control over access to the message(s) and/or file(s). Even if a recipient receives encrypted content, the sender has the ability to revoke (or reauthorize) access at any time. Virtru even allows the sender to revoke access to specific recipients.

Part : Revoke Virtru Encrypted Content in the Virtru Dashboard

Revoke Virtru Encrypted Content in the Virtru Dashboard

When a Virtru user sends encrypted content, they have full control over access to the message(s) and/or file(s). Even if a recipient receives encrypted content, the sender has the ability to revoke (or reauthorize) access at any time. Virtru even allows the sender to revoke access to specific recipients.

Part : Using Virtru’s Persistent File Protection (PFP) Security Option

Using Virtru’s Persistent File Protection (PFP) Security Option

In addition to encrypting messages and attachments, Virtru users have the ability to apply additional security settings to protected content. Among these settings is the option to apply “Persistent File Protection (PFP)” to an encrypted file.

PFP provides a secure file container that is portable, universally accessible, and built on top of open standards. Regardless of where files are stored, PFP allows you to select, protect, and share a file with anyone while maintaining full visibility into how it is being used and retaining the ability to revoke access at any time. Any file protected with PFP will convert into the .tdf.html file format. This ensures that the contents are only accessible in Virtru’s Secure Reader, and only authorized parties can view it.

This feature can be applied using the Virtru plugin for Microsoft Outlook on Windows Operating Systems only. It supports the following common file types:

• Microsoft Office documents: .docx, .pptx, .xlsx
• Common image file formats: .jpeg, .png
• PDF documents