Fairleigh Dickinson University provides an extensive array of technological resources and services tailored for our students. This guide is designed to assist students in navigating and utilizing these tools effectively, ensuring they can easily set up, access, and manage their accounts, while also offering comprehensive information on each service.

ID and Email

Academic Systems

Webcampus is a course content management system. FDU’s Webcampus is also known as the Blackboard System. On-line courses are taught through this system which also allows for interaction between the student and faculty member as well as on-line class discussions.

To learn more about how to access Webcampus, review the guide below:

Self-Service is an interactive web application that enables students to view their individual information contained in FDU’s Student Information System. Students can use Self-Service to do things like view their financial aid, pay their bills, and register for classes.

Review the Tutorial below to learn how to use Self Service:

Connectivity

Using your FDU NETID, you can connect to the FDU Wireless Network. For instructions view the links below:

Security

Understanding and implementing cybersecurity measures is crucial for protecting your personal and institutional information. This section provides essential resources to help you navigate the landscape of cyber threats.

Stay safe online by reviewing the articles below:

Software

Fairleigh Dickinson University has both licensed and open-source software, that is offered for academic and/or personal use for students. The links below point out to commonly used software, both licensed and open source, that are offered for academic and/or personal use to all Fairleigh Dickinson University faculty, staff and students.

In our digital learning environment, mastering online tools is essential for academic success. These resources are designed to guide you through the process of engaging in classes virtually via Zoom and accessing your files on OneDrive.

Printing and Labs

Computing Services has multiple computer labs available on both New Jersey Campuses for classroom instruction and student use.

FDU also provides remote access to many of the software applications typically found in university computer labs through our platform FDU Anywhere. You can access it using your FDU NetID credentials using the link below:

FDU Anywhere

Review the FDU Anywhere Tutorial below to learn how to use our virtual labs:

For any IT related questions and support, contact our Fairleigh Dickinson University Technical Assistance Center (UTAC):

SAMI Support

What’s SFTP and SCP?

Secure File Transfer Protocol (SFTP) is a file protocol for transferring large files over the web. It builds on the File Transfer Protocol (FTP) and includes Secure Shell (SSH) security components. This term is also known as Secure Shell (SSH) File Transfer Protocol. Secure copy protocol (SCP) is another method to securely transfer files between a your local PC and a remote host or between two remote hosts. It is also based on the Secure Shell (SSH) protocol.

Linux / Mac

If you are running a Linux or Mac computer, SFTP and SCP clients are already installed, so you don’t need to download anything using those OS. You can open up a terminal window and run the either command like below to connect to a remote Linux server.

sftp username@opus.fdu.edu

or

scp filename username@132.238.2.116:

Windows

Option 1: Use WinSCP (Recommended)

You will need to download and install WinSCP:

Download WinSCP

1. Launch the WinSCP program
   
2. In the login window, click “New Site“
   

3. Fill out the information as follows:
   • Host name: Enter opus.fdu.edu
   • User name: (username on FDU Linux servers will be the part of your FDU NetID to the left of the @ sign)
     
4. Click “Advanced…”
   • Select “Environment > SFTP” and enable “Allow SCP fallback“
     

5. Click “OK“
   
6. Click “Save“, enter a name for the connection, and click “OK“
   
7. In the WinSCP login window, select the connection name and click “Login“

Option 2:

Install Putty, which also includes PSCP (SCP for Windows) and SFTP (SFTP for Windows):

Download Putty

​Please select the latest version of MSI (‘Windows Installer’) for your computer (32-bit or 64-bit)

Optionally you may choose to download only “pscp.exe“(SCP for Windows) or “psftp.exe” (SFTP for Windows) and copy into the folder where you need to use it.

Once you have installed your program of choice, you’ll be able to launch each command from the Command Line of Windows.

pscp -P 22 filename username@opus.fdu.edu:

psftp username@opus.fdu.edu

Accessing the Opus server

The Opus server can be access using secure transport protocols such as SSH and SFTP. Access is only allowed from campus networks. All off campus users will need to access Opus using FDU’s Virtual Private Network (VPN) to use the Opus server

What’s SSH?

SSH stands for Secure Shell, which was invented in 1995 to replace the insecure Telnet (Telecommunication Network). It’s now the primary way for system administrators to securely log into remote Linux servers over the public Internet. Although it looks and acts the same as Telnet, all communications over the SSH protocol are encrypted to prevent packet sniffing.

Linux / Mac

If you are running a Linux or Mac computer, SSH client is installed by default. You can open up a terminal window and run the ssh command like below to connect to a remote Linux server.

ssh username@opus.fdu.edu

or

ssh username@132.238.2.116

Now let’s discuss how to use SSH on Windows.

Windows

Method 1: Windows 10’s Built-in SSH Client

The Microsoft PowerShell team decided to port OpenSSH (both the client and the server) to Windows in 2015. It finally arrived in Windows 10’s Fall Creator Update in 2017 and is enabled by default in the April 2018 Update.

To use the OpenSSH client on Windows 10, simply open a PowerShell window or a command prompt window and run the ssh command. For example, if I want to connect to the Opus Linux server on the FDU network, I would run

ssh username@opus.fdu.edu

username on FDU Linux servers will be the part of your FDU NetID to the left of the @ sign (username@fdu.edu becomes just username) and opus.fdu.edu is name the Linux server you want to access (The IP address of the Linux server can also be used). The first time you connect to a Linux computer, you will be prompted to accept the host key. Then enter your password to login. After login, you can run Linux commands to do tasks.

To log out from the Linux box, run the “exit” command or press “Ctrl+D“.

The default font size in PowerShell Window is very small. To change it, right-click the titlebar and select properties, then you can change the font size, and the background color.

Method 2: Use SSH in Windows Subsystem for Linux

Windows Subsystem for Linux (WSL) enables you to run native Linux command-line tools directly on Windows 10. If you are a system administrator, WSL is probably an overkill for just using SSH because it would install and run a Linux distro (without graphical user interface) on your Windows 10 desktop. WSL is created for web developers or those who need to work on open-source projects. You can use not only SSH but also other Linux command line tools (Bash, sed, awk, etc).

Open the Microsoft Store and enter “WSL” in the search box. Select Run Linux on Windows and install a Linux distro of your choice.

For example, I choose “Ubuntu” and click the “Get” button to install it.

Once your Linux distro is installed, open the Control Panel and select Programs => Turn Windows features on or off. Tick on the checkbox of Windows Subsystem for Linux to enable this feature. (You may need to reboot your Windows PC for this change to take effect.)

Next, you can launch the Linux distro from the start menu by search the distro’s name. The first time you launch it, you need to create a user and set a password.

After that, you can use the ssh command like below to connect to a Linux server or PC that runs a SSH server.

ssh username@opus.fdu.edu

Method 3: Use Putty

Putty is a well-known and the most popular SSH client on Windows before the arrival of Windows OpenSSH client and Windows Subsystem for Linux. To use SSH with Putty, you need to download the Putty program from the official website and install it.

Launch Putty from the Start menu. Then enter the IP address or hostname of the Linux box and click the Open button to connect to it.

Accept the host key and you will be prompted to enter the username and password.

Introduction

This document provides information about the use of the FDU Shared Drive Management Portal. It describes navigation of the website in detail to facilitate proper use of this resource.

Logging In

To access the Shared Drive Management Portal, navigate to this URL to login: sharemanagement.fdu.edu

Once you have logged in with your NetID, you will see a list of the shares you own or have been given authorization to manage in the left‐hand column. If you are the owner of the share, your name will appear in the panel on the right side under “Shared Drive Owner”. If you are not the share owner, your name will be listed on the right side panel under “Delegated Administrator”. To switch between shares you manage, select the appropriate share name from the list in the left side panel.

Adding Members and Delegated Administrators

To add a member to the share, click on the down‐arrow at the right of the “Add User to Share” button and choose the type of user you would like to add from the drop‐down menu. You can choose from Employee, Administrator, or Student. Then, enter either the last name or the FDU NetID of the person you would like to add into the text box. If more than one name appears, choose the person you want to add.

A pop‐up window will appear asking you to confirm or cancel the add.

The individual’s information will be added to the list of members at the bottom of the page. When you add Delegated Administrators, they will appear in the list to the right, and the Owners/Administrators count will increase. It is important to note that Delegated Administrators can not add additional Delegated Administrators.

As you add more members or Delegated Administrators, the count of members for each will increase. When viewing members of a share, the “Number of rows:” menu can be used to select 12, 24, 36, or All rows to view.

Currently, all Shared Drive Members are granted Read/Write access to the contents of the Share. Future updates to this application will allow you to choose Read Only or Read/Write access rights to each new Member. Meanwhile, the Share Owner can contact University Systems and Networking at help@fdu.edu to request Read Only access for a new member.

From time to time, a Share Owner or Delegated Administrator might try to add a new member to a drive to which an existing drive letter cannot be assigned. If that happens, the following message will appear, and the Share Owner or Administrator will need to contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) to have that member added.

Deleting Members

You will notice a check‐box to the left of each Administrator and Member of the share. To delete an Administrator or a Member, click the check‐box next to it. You can click on multiple check‐boxes. When you have selected all the Members or Delegated Administrators you wish to delete, click on the “Delete Selected Delegated Administrators” or “Delete Selected Members” button to delete all the selected Administrators/Members. The lists and the counters will be updated to reflect the change. It is important to note that Delegated Administrators can not delete other Delegated Administrators.

Downloading Members

To download a list of Shared Drive Members in .csv format, click on the “Download Members” button.

A new file will be placed in your Downloads folder called “ShareDriveMembers.csv”. When imported into a spreadsheet application, it will look similar to this (you will see the actual FDU NetID).

Requesting a New Shared Drive

To request a new Shared Drive, please follow the link below:

Google Takeout is a tool developed by Google that allows you to export and download a copy of various types of data currently stored in your Google account, such as Drive or Mail. You can store the data locally on your computer or upload it to another third-party cloud storage service. This document provides instructions for getting started with Google Takeout and using it in common scenarios.

Your export request can take anywhere from a few minutes to several days to process, depending on the type and amount of data being exported, and the number of users using the tool simultaneously.

Google provides this service “as is” and without administrative support. The IT department at FDU cannot diagnose or assist with problems you might encounter.

Getting Started

To begin, decide which types of data you want to export from your FDU Google account. For example, Google Takeout lets you pick which folders in Drive to export if you do not want to copy your entire Drive. In this case, organize the Drive files you want to export into folders you can easily select before starting the export process.

After deciding on the types of data you want to export and organizing them appropriately, you can proceed with logging in to the tool.

1. Go to Google Takeout using the link below (it is recommended to use the Google Chrome browser)

Google Takeout

2. Enter your “@student.fdu.edu” email address if prompted, then click “Next”
   • You will be redirected to the FDU NETID login, where you should log in with your FDU credentials and authenticate with two-factor authentication if prompted

Once logged in, Google services that have your data will be automatically selected on the Google Takeout page.

• If you want to manually pick and choose the data to export, follow the on-screen instructions

• For specific scenarios, refer to the sections that follow in this document, which provide instructions for exporting and downloading data from Google Drive, Mail, and other Google services like Calendar, Contacts, and Photos

Learn more about the data limitations in Google’s support documentation:

Google Takeout Documentation

If you want to export and download only your Google Drive files to your personal computer or other non-FDU storage services, follow these instructions:

1. Follow the instructions in the “Getting Started“
2. Click “Deselect all” in the upper-right corner of the Products section
3. Scroll down until you find “Drive” and then press the check box beside “Drive“
4. Click “Advanced settings,” then check both options under “Additional Files” and click “OK“
5. Click “All Drive data included”
   • You can keep all files and folders selected or select specific folders you prefer to export
   • Click “OK“

6. Scroll to the bottom and click “Next step“
7. Leave “Frequency” set to “Export once“
8. Adjust the “File type & Size” settings as needed (defaults are .zip and 2GB)
9. Click “Create export“

A confirmation of your choices and the expected start date for the export will be displayed.

Note on Drive Files

• For every file, you will notice a .JSON file. The .JSON file contains all the metadata for each file, including the creation date, modification date, and permission information. The file itself (not the .JSON one) does not contain the associated metadata except the creation date. (The .JSON format is a simple text format that can be read by any text editor or word processor)

Refer to “Download My Google Files” section below for additional information on what happens next and how to proceed after submitting your Takeout data export request.

To export your Google data to a personal (non-FDU) Dropbox account, follow these instructions:

1. Follow the instructions in the “Getting Started” section
2. Click “Deselect all” in the upper-right corner of the Products section
3. Scroll down and find “Drive” then check the box beside “Drive“
4. Click “Advanced settings“, then check both options under “Additional Files“
5. Click “OK“

6. Click “All Drive data included”
7. Choose the folders to export if necessary, then click “OK“
8. Select “Add to Dropbox” from the “Destination” drop-down menu
9. Leave “Frequency” set to “Export once“
10. Adjust the “File type & size” settings as needed (defaults are .zip and 2GB)
11. Click “Link accounts and create export“
12. Log in to your personal Dropbox to give Google access to export
    • After authorization, your export will either be “in progress” or “completed“

Refer to “Download My Google Files” section below for additional information on what happens next and how to proceed after submitting your Takeout data export request.

To export and download only your Google Mail to your personal computer:

1. Follow the instructions in the “Getting Started” section
2. Click “Deselect all” in the upper-right corner of the Products section
3. Scroll down and find “Mail” then check the box beside “Mail“
4. Click “All Mail data included”
   • You can keep all messages or select specific labels to export
   • Click “OK“

1. Scroll down and click “Next step“
2. Leave “Frequency” set to “Export once“
3. Adjust the “File type & size” settings if necessary (defaults are .zip and 2GB)
4. Click “Create export“

A confirmation and the expected start date for the export will be displayed.

Note on Google Mail

• Google Takeout provides email in the .MBOX format. The .MBOX format is a simple text format that can be read by any text editor or word processor (like Microsoft Word). This can be useful if you only need to keep your email for archival purposes. You can also import the .MBOX files into any third-party mail client that supports the format or special purpose programs for transferring email between accounts

Refer to “Download My Google Files” section below for additional information on what happens next and how to proceed after submitting your Takeout data export request.

If you want to export data from other Google services, such as Calendar, Photos, or Contacts follow these instructions:

1. Follow the instructions in the “Getting Started” section
2. Click “Deselect all” in the upper-right corner of the Products section
3. Scroll through the list and check the services whose data you’d like to include
4. Adjust settings for each service as needed:

Calendar

• Check the box beside “Calendar“
• Click “All calendars included“
• The tool will display all calendars you created in Google Calendar. You can either keep them all selected or click “Deselect all” and select specific calendars you’d prefer to export
• Click “OK“

Contacts

• Check the box beside “Contacts“
• Click “vCard format”
• The tool will give you the option to choose which file format you’d like to use to export your contacts. If you intend to use the export with macOS or iOS devices, then keep the default vCard format setting. Otherwise, click the drop-down menu and select “CSV” for use with Microsoft Outlook or another personal Google account
• Click “OK“

Photos

• Check the box beside “Google Photos“
• Click “All photo albums included”
• The tool will display all the albums you have in your account. You can either keep them all selected or click “Deselect all” and select specific albums you’d prefer to export
• Click “OK“

5. Scroll to the bottom and click “Next step“
6. Leave “Frequency” set to “Export once“
7. Adjust the “File type & size” settings as needed (defaults are .zip and 2GB).\
8. Click “Create export“

Note for Contacts

• Google Contact files will either be in the .VCF or .CSV file format, depending on which format you chose while going through the Takeout process
  
  • .VCF is best for macOS or iOS apps
  • .CSV is best for Microsoft Outlook or another personal Google account
    
• Your download may include multiple folders, representing different sources of contacts. Each folder will contain the images that are included with each contact (.JPG files) and a single .VCF or .CSV file containing the actual contacts
  
• Although the download includes the contacts’ profile pictures, they are not associated with the corresponding contacts and may or may not appear when you import the .VCF/.CSV files, which is dependent on the program that is importing them

Note for Google Photos

• For every file, you will notice a .JSON file. The .JSON file contains all the metadata for each file, including the creation date, modification date, and permission information. The file itself (not the .JSON one) does not contain the associated metadata except the creation date. (The .JSON format is a simple text format that can be read by any text editor or word processor)

A confirmation and the expected start date for the export will be displayed.

Refer to “Download My Google Files” section below for additional information on what happens next and how to proceed after submitting your Takeout data export request.

Download My Google Files

Your export request may take a few minutes to several days to complete. FDU IT has no control over this process. Wait until you receive an email from noreply@google.com (example below) with a link for downloading or viewing your data.

Ensure that your Google Takeout data matches the original data in your FDU Google account. If data is missing, you may retry the process or manually download your files.

As the demand for access by on-site vendors increases, Fairleigh Dickinson University has created a Vendor Access Policy for Networking and Computing. The intent of the policy is to define the categories of non-employees that are on our campuses and provide rules and guidelines around their networking & computing needs. All business units should utilize the Contract Review Process which has been instituted by the Office of the General Counsel prior to initiating any of the below processes. Fully executed contracts that have been reviewed and approved may be requested by members of OIRT prior to providing any access for the non-employees below.

Effective Date: 3/1/2023
Last Revision: 1/14/2024

Contractors/Consultants

The University employs individuals from companies that perform work on behalf of the University and expressly for the University. Examples could be an employee from a staffing agency working within IT to augment the staff in assisting with a series of projects, or an individual hired from an agency to work within Human Resources to assist in processing forms. These individuals are hired under contracts and are held tothe terms and conditions of those contracts. In most cases, working as part of the University, these individuals need computing functionality identical to those of university hired staff, as they are acting on behalf of the University & fulfilling a role specific to the University. All work done by these individuals is part of the university’s data property, and therefore, these individuals should be provided with University issued devices such as desktop/laptop computers, landline phone extensions, etc.

Individuals hired from companies outside of the University to conduct business on behalf of the University must meet the following guidelines and are provided with the following access:

1. The hiring manager or department head must complete an HR Personal Information Notice (PIN) to begin the process.
   
2. Contractors/Consultants will always be issued a University NetID in the format of Firstinitial.Lastname@v.fdu.edu.
   
3. Once the NetID has been created & communicated to the hiring manager, a Vendor Employee Technology Form must be completed if the contractor/consultant needs access to certain FDU systems. The form to be found in the Staff and Faculty Forms tile of SAMISupport.

SAMI Support

4. All Contractors/Consultants are required to complete the Written Information Security Program (WISP) training immediately after an account is provisioned. Validation of completion is needed within the first 30 days.
   
   1. WISP training reminder on day 15
   2. WISP training daily reminder every day after day 15
   3. Disable account day 30 with an email sent to the manager
      
5. All contractors/consultants must read and accept the following additional policies:
   1. Policy for the acceptable use of email
   2. Acceptable use policy for computer usage
   3. FDU alert policy
   4. Password policy
      
6. Contractors/Consultants will be able to sign up for FDU Alert through Colleague Self-Service. Instructions can be found here:

7. Contractors/consultants issued a university managed laptop/desktop are entitled to an email address without the vendor designation at the request of the hiring manager. This would be requested by the manager through the Vendor Employee Technology Form by clicking the “Convert Vendor NetID” box.

8. Contractors/consultants must be terminated at the end of their contract using the same methodology utilized for current faculty and staff. It is the unshared responsibility of the managing department to submit termination paperwork per the HR process for any contractor/consultant who had been issued a NetID.

Volunteers

The University utilizes volunteers in non-paying positions during the school year. Examples of these roles include but are not limited to preceptors & chaplains. These individuals do not need access to any University systems with the exception of email. As such, they need access to Internet services & email but they do not require an FDU managed laptop/desktop.

Volunteers must meet the following guidelines and are provided the following access:

1. Volunteers will be issued a NetID in the format of Firstinitial.Lastname@v.fdu.edu to be able to authenticate to FDU’s wireless network (and wired network in the future).
   
2. Volunteers are required to complete the Written Information Security Program (WISP) training immediately after an account is provisioned. Validation of completion is needed within the first 30 days.
   
   1. WISP training reminder on day 15
   2. WISP training daily reminder every day after day 15
   3. Disable account day 30 with an email sent to the manager
      
3. All volunteers must read and accept the following additional policies:
   
   1. Policy for the acceptable use of email
   2. Acceptable use policy for computer usage
   3. FDU alert policy
   4. Password policy
      
4. Volunteers will be able to sign up for FDU Alert through Colleague Self-service. Instructions can be found here:

5. All volunteer accounts will expire at the end of the fiscal year and must be renewed by their FDU manager by completing a PIN form.
   
6. Volunteers must be terminated at the end of their contract using the same methodology utilized for current faculty and staff. It is the unshared responsibility of the managing department to submit termination paperwork per the HR process for any contractor/consultant who had been issued a NetID.

On-Campus Vendors

The University outsources various functions to entities (Vendors) that operate independently but work exclusively on our campuses and provide services for our faculty, staff & students. These employees are individually managed by their corporate entities and are largely held accountable by their corporate management.

While on campus, employees of these vendors might need access to the Internet to interact with their corporate websites or communicate with their corporate managers. In many cases today and in most all cases in the future, these employees will need to authenticate through the University’s network in order to conduct their business. The University has established a process whereby the Fairleigh Dickinson University department responsible for that vendor completes the Human Resource forms necessary in order to create a non-employee record within our Colleague system.

Employees of on-campus vendors must meet the following guidelines and are provided the following access:

1. Vendor employees will be issued a NetID in the format of Firstinitial.Lastname@v.fdu.edu to be able to authenticate to FDU’s wireless network (and wired network in the future).

2. Vendor employees will be able to add their contact information to FDU Alert by sending an email to fdunotify@fdu.edu
   
3. All vendor employee accounts will expire at the end of the fiscal year and must be renewed by their FDU manager by completing a PIN form.
   
4. Vendor employees must be terminated through FDU’s systems when they either are removed from their assignment at Fairleigh Dickinson University or are terminated by their employer using the same methodology utilized for current faculty and staff. It is the unshared responsibility of the managing department to submit termination paperwork per the HR process for any contractor/consultant who had been issued a NetID.

Elevated Vendor Privileges

From time to time, the employee of an on-campus vendor might have justification for having access to FDU email or a need to access systems and/or applications that reside behind FDU’s firewalls. If such a case is identified, the FDU department responsible for that vendor would need to contact the Director of Systems with a formal request for additional vendor access. The FDU department must present solid business justification for the elevated access. The Director of Systems will review each request and either approve or reject the request based on business needs and security posture. The Director of Systems might consult with the Data Security & Incident Response Team before providing an answer.

Employees of on-campus vendors approved for elevated access must meet the following guidelines and are provided the following access:

1. Vendor employees will be issued a NetID in the format of Firstinitial.Lastname@v.fdu.edu to be able to access FDU’s wireless network (and wired network in the future).
   
2. All vendor employees are required to complete the Written Information Security Program (WISP) training immediately after an account is provisioned. Validation of completion is needed within the first 30 days.
   
   1. WISP training reminder on day 15
   2. WISP training daily reminder every day after day 15
   3. Disable account day 30 with an email sent to the manager.
      
3. Vendor employees will be able to sign up for FDU Alert through self-service. Instructions can be found here:

4. All vendor employees with elevated access must read the following additional policies:
   
   1. Policy for the acceptable use of email
   2. Acceptable use policy for computer usage
   3. FDU alert policy
   4. Password policy
      
5. If the vendor employee needs to access FDU systems and/or applications, issuance of a University managed laptop/desktop may be required. This would be at the expense of the requesting department.
   
6. Upon departmental request, vendor employees will only be provided access to the specific University Systems and applications approved by the Director of Systems.
   
7. All vendor employee accounts will expire at the end of the fiscal year and must be renewed by their FDU manager by completing a PIN form.
   
8. Vendor employees must be terminated through FDU’s systems when they either are removed from their assignment at Fairleigh Dickinson University or are terminated by their employer using the same methodology utilized for current faculty and staff. It is the unshared responsibility of the managing department to submit termination paperwork per the HR process for any contractor/consultant who had been issued a NetID.

FDU Vendor Access Policy for Networking & Computing.pdf Download

This Vendor Cybersecurity Assessment Form is designed to evaluate and assure the strength and comprehensiveness of the cybersecurity practices followed by our vendors. By completing this form, the FDU Point of Contact will help us to understand the existing cybersecurity measures better, identify potential areas of vulnerability, and maintain a reliable, secure network within our FDU ecosystem. This rigorous assessment is crucial in our broader cybersecurity strategy, minimizing risks and fortifying data security.

Fairleigh Dickinson University regularly hosts on-campus visitors requiring access to our wireless network. As a security measure, in order to provide access to our Network, an FDU faculty member, staff member, or student must sponsor the guest(s) that they are providing access to. The sponsor takes responsibility for the Internet usage of their guests and ensures that they adhere to FDU’s Acceptable Use Policy for Computer Usage.

Choosing the Correct Account Type

• Accounts can be created for up to 8 days
• The sponsor can manage accounts (extend time, delete, suspend or reset password)
• Account creation requires a valid FDU NetID to create
• A single Guest Account (Known Guest) can be created or generic accounts (5 devices per account with the ability to create 10 generic accounts at once) can be created through this function

For events that will have a large audience, a Group Account may be needed. If you are a faculty or staff member and you require this account type, please create a sponsored guest account and then create a UTAC ticket. This can be accomplished by contacting the Fairleigh Dickinson University Technical Assistance Center (UTAC). 

Please provide UTAC with the following information:

• Guest account name
• The name that you would like to use for your Group account
• Faculty/staff sponsor name, contact number and e-mail address
• Location for the event (Building, Room, Classroom, etc.)
• Time and date of the event

Once the ticket is created, OIRT (Office of Information Resource Technology) will contact you within 3 business days to complete the Group account activation.

EduRoam

Fairleigh Dickinson is a member of Eduroam (education roaming) which provides secure, world-wide roaming access service for the international research and education community. If your guest is coming from another Higher Education institution that is also a member of Eduroam, they will not require an FDU guest account. Instead, they can gain access to our Network simply by logging into the eduroam network with their regular credentials.

(Available on Metro and Florham Campus Only)

Creating and Managing an FDU Wireless Guest Account

1. Log into access.net.fdu.edu using your NetID and password

2. Click the “Generic” or “Known Guest” button

• Generic – This option allows you to create up to 10 accounts concurrently without entering your guest’s information

• Known Guest – This option allows you to create an account with guest information. You need to input the guest’s “First name”, “Last name”, “Email address”, and “Phone number”. You also need to enter your own FDU email address

3. If you have selected “Generic”, enter the number of accounts that you would like to create (maximum of 10)

4. The remaining instructions are for both known guests and generic accounts. Choose how long you want the guest account to be active

• First Option – Click the box next to “End of business day” if your guest only requires access through the end of the day

• Second Option – Type the number of days required in the “Duration” box (maximum of 8). The “From Date” and “To Date” will automatically change based on the requested duration

• Optional – If needed, you can select an exact date and time for the guest account access to begin and end (24:00 format)

5. Click the “Create” button

1. Log into access.net.fdu.edu using your NetID and password

2. Click the “Manage Accounts” tab

3. Check the box next the account that you would like to update. You can now use the following administrative functions

• Edit: Modify any information entered during account creation
  
• Resend: Print or email the account username and password
  
• Extend: Add additional time to the account. The maximum total duration of 8 days will still apply
  
• Delete: Immediately delete the account
  
• Reset Password: This will reset the password and either print or email the new password

Support

For additional support, please contact the University Technical Assistance Center (UTAC)

All employees of Fairleigh Dickinson University are responsible for conducting business in a safe and secure way. Select employees may be required to view Personal Information (PI) and Personal Health Information (PHI) as part of their daily responsibilities, while others may handle sensitive information of another nature. All employees receive correspondence from outside the University. Ensuring that our community remains safe and diligent in the face of today’s cyber landscape is vital. The policy below will provide a baseline understanding of the data security protocols in place and the expectations on FDU employees to uphold them.

Effective Date: 05/28/2024
Last Revision: 12/01/2022
Last Review: 05/13/2024

I. OBJECTIVE

The objective of Fairleigh Dickinson University (“University”) in the development and implementation of this comprehensive Written Information Security Program (“WISP”) is to create effective administrative, technical and physical safeguards for the protection of Personal Information (“PI”) and Protected Health Information (“PHI”). The WISP sets forth the University’s procedure for evaluating its electronic and physical methods of accessing, collecting, storing, using, transmitting, and protecting PI and PHI.

For purposes of this WISP, PI means:

1. User name, email address, or any other account holder identifying information, in combination with any password or security question and answer that would permit access to an online account.
   
2. Biometric data that can uniquely identify a person based on their physical, behavioral, or physiological characteristics. These characteristics can include:
   1. Fingerprints
   2. Palmprints
   3. Voiceprints
   4. Facial, retinal, or iris measurements
   5. Handwriting and signature
   6. Facial geometry (the shape of a person’s face)

3. Someone’s name and any one of the following data elements:
   
   1. Social Security number, Social Insurance number, National Insurance number, or equivalent;
      
   2. Date of birth (MM/DD/YYYY),
      
   3. Driver’s license number, state-issued identification card number, or provincially-issued identification card number;
      
   4. Financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to an individual’s financial account;
      
   5. Passport number;
      
   6. Medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional or health insurance information; or
      
   7. Student/Employee (i.e., Datatel) ID number coupled with a password or security question and answer or any portion of any item in the list above that would permit access to an online account.

For purposes of this WISP, PHI includes information that is created, received, and/or maintained by the University that is related to an individual’s health care (or payment related to health care) that directly or indirectly identifies the individual.

PI or PHI shall not include information that is lawfully obtained from publicly available information, or from federal, state, provincial or local government records lawfully made available to the general public.

Notwithstanding the above and irrespective of whether or not it’s considered PII or PHI, one should always take care and caution to use the minimum data elements necessary to perform the business function at hand.

All University employees except those listed under section IX must complete online or in-person WISP training and test with a passing score of at least 80% every 24 calendar months.

II. PURPOSE

The purpose of the WISP is to better:

1. Ensure the security and confidentiality of PI and PHI;
   
2. Protect against any anticipated threats or hazards to the security or integrity of such information; and
   
3. Protect against unauthorized access to or use of such information in a manner that creates a substantial risk of identity theft or fraud.

III. SCOPE

In formulating and implementing this WISP, the University has addressed and incorporated the following protocols:

1. identified reasonably foreseeable internal and external risks to the security, confidentiality, and/or integrity of any electronic, paper or other records containing PI and PHI;

2. assessed the likelihood and potential damage of these threats, taking into consideration the sensitivity of the PI and PHI;

3. evaluated the sufficiency of existing policies, procedures, information systems, and other safeguards in place to control risks;

4. designed and implemented a WISP that puts safeguards in place to minimize those risks, consistent with the requirements of the regulations in this document; and

5. implemented regular monitoring of the effectiveness of those safeguards.

IV. DATA SECURITY COORDINATOR

The University has designated the Chief Information Security Officer (CISO), working together with the Chief Information Officer (CIO) and the Data Security Information Response Team (DSIRT), to implement, supervise and maintain the WISP. See Appendix II for contact information for the CISO, CIO and DSIRT. Together, they will be responsible for:

1. Initial implementation of the WISP;
   
2. Regular testing of the WISP’s safeguards;
   
3. Evaluating the ability of each of the University’s third party service providers to implement and maintain appropriate security measures for the PI and PHI to which the University has permitted them access, consistent with the regulations outlined in this document; and requiring such third party service providers by contract to implement and maintain appropriate security measures;
   
4. Reviewing the scope of the security measures in the WISP at appropriate intervals, including the review of any material change in the University’s business practices that may implicate the security or integrity of records containing PI and PHI; and
   
5. Conducting in-person or online, synchronous or asynchronous, training sessions for all University employees, and independent contractors, including temporary and contract employees on the elements of the WISP. All attendees at such training sessions are required to certify their attendance at the training, and their familiarity with University requirements for ensuring the protection of PI and PHI.

V. INTERNAL RISKS

To combat internal risks to the security, confidentiality, and/or integrity of any electronic, paper or other records containing PI and PHI, and evaluating and improving, where necessary, the effectiveness of the current safeguards for limiting such risks, the following measures are mandatory and effective immediately:

Internal Threats

1. The University shall only collect PI and PHI of students, their parents, alumni, donors, suppliers, vendors, independent contractors or employees that is necessary to accomplish the University’s legitimate need to access said records, and for a legitimate job-related purpose, or necessary for University to comply with state, provincial, or federal regulations.
   
2. Access to records containing PI and PHI shall be limited to those persons who are reasonably required to know such information in order to accomplish a University legitimate business purpose or to enable the University to comply with state, provincial or federal regulations.
   
3. All persons who fail to comply with this WISP shall be subject to disciplinary measures, up to and including termination, irrespective of whether PI and PHI was actually accessed or used without authorization. Any such discipline shall be in accordance with processes and procedures of Human Resources and subject to any protections afforded under the University’s agreement with “Office & Professional Employees International Union”, the “Faculty Handbook”, and similar documents.
   
4. Access to PI and PHI shall be restricted to authorized University personnel only.
   
5. Any PI and PHI stored shall be disposed of when no longer needed for business purposes or required by law for storage. Paper or electronic records (including records stored on hard drives or other electronic media) containing PI and PHI shall be disposed of only in a manner that complies with the regulations outlined in this document and as follows:
   
   1. Paper documents containing PI and PHI shall be shredded upon disposal so that PI and PHI cannot be practicably read or reconstructed; and
      
   2. Electronic media and other non-paper media containing PI and PHI shall be destroyed or erased upon disposal so that PI and PHI cannot be practicably read or reconstructed.

6. A copy of this WISP must be distributed to each current University employee and to each new University employee at the commencement of their employment.

7. Procedures for Terminated Employees (whether voluntary or involuntary)
   
   1. Terminated employees must return all records containing PI and PHI, in any form that may at the time of such termination be in the former employee’s possession (including all such information stored on laptops or other portable devices or media, and in files, records, work papers, etc.)
      
   2. A terminated employee’s physical and electronic access to PI and PHI must be immediately blocked. Such terminated employee shall be required to surrender all keys, IDs or access codes or badges, business cards, and the like, that permit access to the firm’s premises or information. Moreover, such terminated employee’s remote electronic access to personal information must be disabled.

8. Physical Assets Protocol
   
   1. All assets must be secured from theft by locking up and maintaining a secure workplace, whether that work takes place in University stores, offices, at a client site, in a car, hotel or in a home.
      
      1. All University laptops shall be deployed with encryption capabilities enabled. End users may not disable such encryption. Exceptions to this policy are as follows:
         
         1. With the explicit written authorization of the CISO;
            
         2. May be disabled by OIRT personnel for temporary maintenance purposes only;
            
         3. Loaner laptops temporarily assigned with the understanding they will not be used to store or access any information that is considered to be protected under this policy.
            
      2. All laptops should be placed in the trunk of vehicle when and wherever they are parked. If no secure trunk or other storage is available, employees should, whenever possible, keep their laptops in their possession or find a way to secure and conceal it.
         
      3. Laptops, PDAs, phones and other portable devices that may contain or have access to PI and/or PHI left in the office or at home over night should be kept in a locked and secure location.
         
      4. Employees must have assets secured or within their physical possession while on public or private transportation, including air travel.
         
      5. Files containing PI and/or PHI are not to be stored on local computer hard drives, shared drives or other external media (which include externally hosted services such as, but not limited to OneDrive, Google, and Drop Box) without prior written authorization from the CISO. If approved, the method of storage and access to the data will be determined by the CISO during the discussion and placed in writing. (See Appendix I for more detail).

9. Access Control Protocol
   
   1. Access to electronically stored PI and PHI shall be electronically limited to those University employees having a unique log-in ID.
      
   2. Employees must ensure that all computer systems under their control are locked when leaving their respective workspaces. Employees must not disable any logon access.
      
   3. Employees must log off of the VPN or Virtual Desktop (VDI) when they are not directly using those resources.
      
   4. All Ellucian (Datatel) sessions that have been inactive for 60 or more minutes shall require re-log-in.
      
   5. After 5 unsuccessful log-in attempts by any Ellucian (Datatel) or MS Active Directory NetID, that user ID will be blocked from accessing those systems until access privileges are re-established by University Systems and Networking.
      
   6. Employees must maintain the confidentiality of passwords and access controls:
      
      1. All Ellucian (Datatel) or MS Active Directory NetID passwords are required to adhere to strong password rules.
         
      2. All Ellucian (Datatel) or MS Active Directory NetID passwords are required to be changed every 3 months.
         
      3. Employees must not share accounts or passwords with anyone.
         
      4. Employees should not record passwords on paper or in a document or in a place where someone other than the employee might have access to it. Tip: The University has identified a password vault application (Keepass, Dashlane or Lastpass); those interested should open a ticket with the UTAC requesting assistance on setting it up.
         
   7. Where practical, all external or internal visitors to a department are restricted from areas where files containing PI and PHI are stored. Alternatively, visitors must be escorted or accompanied by an approved employee in any area where files containing PI and PHI are stored.
      
10. Educational Records
    
    1. The Family Educational Rights and Privacy Act (FERPA) of 1974 prohibits educational institutions from disclosing education records without the written consent of an eligible student.
    2. Limited exceptions to non-disclosure include directory information and specific school officials with a legitimate educational interest.
    3. The transmition of education records covered under FERPA must follow the same PI/PHI guidelines as depicted in Appendix I of this policy.

VI. EXTERNAL RISKS

To combat external risks to the security, confidentiality, and/or integrity of any electronic, paper or other records containing PI and PHI, and evaluating and improving, where necessary, the effectiveness of the current safeguards for limiting such risks, the following measures are mandatory and effective immediately:

External Threats

1. Firewall protection, operating system security patches, and all software products shall be reasonably up-to-date and installed on any computer that stores or processes PI and PHI.
   
2. All system security software including, anti-virus, anti-malware, and internet security shall be reasonably up-to-date and installed on any computer that stores or processes PI and PHI.
   
3. To protect against external threats, all PI and PHI shall be handled in accordance with the protocols set forth above under “Internal Threats”.
   
4. In the event an individual inadvertently discovers he/she received PI or PHI from an external party, such PI or PHI shall be handled in accordance with the protocols set forth under “Internal Threats”.
   
5. There shall be secure user authentication protocols in place that:
   
   1. Control user ID and other identifiers;
      
   2. Assigns passwords in a manner that conforms to accepted security standards, or applies the use of unique identifier technologies;
      
   3. Control passwords to ensure that password information is secure.
      
6. PI and PHI shall not be removed from the business premises in electronic or written form absent a legitimate business need and use of reasonable security measures, as described in this WISP.
   
   1. PI and/or PHI that MUST be transmitted in electronic form shall not be sent without encryption.
      
   2. PI and/or PHI in paper form must be secured.
      
7. All computer systems shall be monitored for unauthorized use or access to PI and PHI.

VII. IN CASE OF LOSS/THEFT OR SUSPECTED LOSS/THEFT

If you have reason to believe that any PI or PHI has been lost or stolen or may have been compromised or there is the potential for identity theft, regardless of the media or method, you must report the incident immediately by contacting the Fairleigh Dickinson University Technical Assistance Center (UTAC) at (973)-443-8822. The UTAC is available 24 x 7.

VIII. OTHER APPLICABLE POLICIES

Data Security Information Response Plan (September 15, 2019, not published on Web)

IX. EXCEPTIONS

The following groups are exempt from taking the mandated bi-annual WISP training as described in section I of this policy:

1. Those currently not employed by the University but who are granted Net ID’s with only email access (no other access to FDU IT resources or services).
   
2. Retired full-time faculty not employed by the University but who are granted email access for life as a retired tenured full-time faculty member.
   
3. Retired full-time executive emeritus not employed by the University but granted email access for life as a retired full-time executive emeriti.

Requests for other exceptions to this policy should be directed in writing to the Chief Information Security Officer. Only the Chief Information Security Officer in consultation with the DSIRT may grant such exceptions and will do so only after careful review and in writing.

X. REVIEW

This policy shall be reviewed annually by the Data Security Incident Response Team (DSIRT) at the first meeting in April.

Appendix I

Technical requirements for the storage of files containing PI or PHI regardless of where the storage occurs will include but not be limited to the following:

1. All file(s) should be secured with AES 256bit encryption unless actively open for review or modification.
   
2. It is the responsibility of the person handling the PI or PHI file to securely delete any files created as a product of the manipulation of those files. As an example, temporary files created by Microsoft Office programs or any other programs would need to be securely deleted as well as the clear text versions of the original file after the encrypted version is properly created and verified.
   
3. Programs used for Encryption/Decryption and secure file deletion must be approved by the CISO including the methods in which they are to be used.
   
4. If the complete or partial PI or PHI containing file(s) are inadvertently written to a local hard drive, it is the user’s responsibility to diligently make sure the contents are securely deleted.

Appendix II

DATA SECURITY INCIDENT RESPONSE TEAM (ROLES AND RESPONSIBILITIES)

The Data Security Incident Response Team membership includes the Chief Operating Officer, the Chief Information Officer, the Chief Information Security Officer, the Chief Academic Officer, the University General Counsel and the University Risk Manager. Each member of the Data Security Incident Response Team (DSIRT) has responsibilities related to the security of all the organization’s sensitive information. The DSIRT members listed below have specific responsibilities with regard to the reporting and handling of data security incidents. Note that one person may serve in multiple roles.

Senior Vice President and Chief Financial Officer: Frank Barra
Daytime telephones: office: (201)-692-2237; Email: fbarra@@fdu.edu

Chief Information Officer (CIO): Neal Sturm
Daytime telephones: office: (201)-692-8689; Email: sturm@fdu.edu

Chief Information Security Officer (CISO): Kimberley Dawn Dunkerley
Daytime telephones: office: (201)-692-7672; Email: ddunkerley@fdu.edu

Privacy Officer: Kimberley Dawn Dunkerley
Daytime telephones: office: (201)-692-7672; Email: ddunkerley@fdu.edu

Senior Vice President and University Provost: Benjamin Rifkin
Daytime telephones: Office: (201)-692-7093; Email: brifkin@fdu.edu

Office of the General Counsel: Steve Nelson
Daytime telephones: office: (201)-692-2466; Email: snelson@fdu.edu

University Risk Manager: Gail Lemaire
Daytime telephones: office: (201)-692-7083; Email: lemaire@fdu.edu

Vancouver Campus Executive: Wilfred Zebre
Daytime telephone: office: (604)-648-4462; Email: wilfred_zerbe@fdu.edu

Associate Vice President for MIS: Saul Kleinman
Daytime telephone: Office: (201)-692-2065; Email: saul@fdu.edu

FDU Written Information Security Program.pdf Download