By SUSAN JONES
The Nov. 29 Faculty Assembly meeting covered a wide range of topics, from Winter Commencement to dependent care (see related story) and computer security.
Senate President Robin Kear said the administration has made adjustments to the rules for the first-ever Winter Commencement — at 2 p.m. Dec. 17 at the Petersen Events Center — after hearing concerns from students who felt it wasn’t adequately communicated to them that they could only participate in the winter ceremony and not walk with their class in April.
Because this is the first year for the Winter Commencement, interim Provost Joe McCarthy announced recently that undergraduate students graduating this December who wish to walk instead in Pitt’s April commencement at the Pete are welcome to do so. The winter ceremony is for undergraduate, graduate and professional or Ph.D. students. Graduate students can still participate in their school sponsored ceremonies in the spring.
The second ceremony, which was announced in the spring 2023, was added because of the increasing number of students participating in the undergraduate-only event in April, which forced Pitt to issue two tickets per student for family to attend the spring 2023 commencement.
OTHER ITEMS IN KEAR’S REPORT:
Vaccine policy: A draft updated vaccine policy — which outlines vaccines needed for students and workers in high-risk areas, but drops the COVID-19 vaccine requirement — is open for comment until Dec. 4.
Domestic partner benefits policy: This policy, which was established in 2014, details benefits available to employees’ domestic partners, such as health insurance and education benefits, along with bereavement policies in the event of the death of an employee’s domestic partner. The policy office is seeking to decommission this policy, because all of these benefits are now spelled out and administered by the Offices of Human Resources and the provost’s office. The decommissioning is open for comment until Dec. 18.
LRDC director search: The Senate will facilitate electing four people who are affiliated with the Learning Research and Development Center to the search committee.
State government funding: Kear acknowledged that the state finally passed funding for Pitt earlier this month, but it included no increase from last year. She noted that the announcement from Pitt’s administration about the funding used the phrase “strategic expense reductions,” and she asked for clarification about that. She said she was told that “existing budgets for this year will remain the same and there will not be any new expense reductions related to the flat funding.”
More on phishing
John Duska, Pitt’s interim chief information security officer, continues to make the rounds to discuss the barrage of email phishing scams that Pitt has seen this semester and what Pitt IT is doing to lessen the risks.
He reiterated much of what he had said at the Senate Computer & Information Technology Committee and at a Staff Council Spotlight session.
Pitt blocks about 1 million suspicious emails a day, but “you have to remember that no filter is ever 100 percent reliable,” Duska said.
Pitt IT has already implemented some new safeguards, such as modern auth, which requires multi-factor authentication anytime a user allows or changes access to Pitt email on a device, and extra training for those who fall victim to phishing scams.
There are three other actions Pitt IT is considering to fight phishing — one of which some faculty members weren’t happy about.
The two non-objectionable suggestions were reducing the number of alumni accounts, since many of them are not used and open to hackers stealing the addresses; and reducing the number of emails each account can send per day. “There’s really very little reason that all accounts have the ability to send 10,000 emails a day,” Duska said. “If we restrict that to a smaller number, a more realistic number, then that would slow down the propagation of any phish that we do get.”
The proposal that did raise questions was restricting auto-forwarding of Pitt email to non-University accounts. Duska said less than 10 percent of faculty and staff auto-forward their Pitt email, but about 20 percent of alumni do. Once email is forwarded outside of Pitt, the security team has no “ability to take that message and delete it for you. So you’ll end up reading at Gmail and then falling for the phish there.” Duska said.
Duska reiterated that forwarding Pitt email to a UPMC account for those employed by both would still be fine, since UPMC has its own phishing filters set up.
A couple faculty members at the meeting said that auto-forwarding allows them to keep their Pitt and non-Pitt work in one place. Chris Bonneau, immediate past president of the Senate, said he wouldn’t object to restricting auto-forwarding to “antiquated” email interfaces, like HotMail or AOL, but that “Gmail is a pretty standard platform that a lot of us migrated to years ago. And I’m not willing to give up a sabbatical to reorganize my life around switching over.”
Kear suggested looking at intermediate steps, including prohibiting alumni from auto-forwarding email, before “interrupting the way that people are working, especially faculty, the way that they’re most productive.”
Duska said it’s helpful for IT to understand the concerns and the way people use email. “That really helps guide us, because the last thing we want to do is impact the educational aspects of the University and make people’s lives more difficult.”
Susan Jones is editor of the University Times. Reach her at suejones@pitt.edu or 724-244-4042.
Have a story idea or news to share? Share it with the University Times.