[Micronet] FW: 2015 Staff Engagement Survey

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] FW: 2015 Staff Engagement Survey

Kevin Burney

Phishing???

 

If this is legitimate they should not use links contained in the email.  A simple way to mitigate this is to tell people to go a trusted system like BLU or “UCOP - At your service” (not a link to the location) and use a link posted there without requiring the recipient to click on a link contained within the email.

 

The following item is listed on the Anti-Phishing posters located throughout the campus.

“If you didn’t expect it. Reject it! Don’t Click on Unexpected Links”

 

Let’s be consistent.

 

Security policies are not effective if there are some that should be followed and others that should not.

 

Exceptions are one of the worst things for policies and/or guidelines.  Is it ok to click on a link because it says it is a questionnaire from UC or someone representing UC?  Who is this @towerswatson.com?

 

Is this part of the testing program that the campus announced would be going on to analyze peoples use in clicking on phishing attempts?

 

It feels to me that system wide communications should be vetted by a UC security team member before sending it out to the masses.

 

https://security.berkeley.edu/content/phishing-scams-ongoing-threat-campus

https://security.berkeley.edu/content/anti-phishing-faq-and-tips

 

 

-Kevin Burney

_________________________________

Kevin D. Burney

Active Directory Systems Engineer

Enterprise Windows Team

University of California, Berkeley

(510) 827-8476

 

 

The following is an excerpt from an SNS web page:

How can I identify a phishing scam?

The first rule to remember:  Never give out any personal information in email.  No institution, bank or otherwise, will ever ask for this information via email.  It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.

·         In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you have provided your information will ever ask you to re-enter it, so do not fall for this trap.

·         Any email that asks for your personal or sensitive information should be seriously scoured and not trusted. Even if the email has official logos or text or even links to a legitimate website, it could easily be fraudulent. Never give out your personal information.

What can I do to avoid Phishing attacks?

Click and review these 5 essential Anti-Phishing tips to avoid being "Phished":

1.       Passwords in Email = Epic Fail. Never send your passwords in email!

2.      If you didn't expect it, reject it. Don't click unexpected links!

3.      Hover to Discover. Look out for deceptive links!

4.      Check for Trash Before the Slash. Verify "https://auth.berkeley.edu/" in your browser bar before entering CalNet credentials!

5.      Is it a Phish? Drop us a line. 

 

 

 

 

 

 

From: [hidden email] [mailto:[hidden email]]
Sent: Monday, March 30, 2015 10:02 AM
To: [hidden email]
Subject: 2015 Staff Engagement Survey

 

Dear UC Colleague:

You are invited to participate in the 2015 Staff Engagement Survey. You may have seen the announcement on UC Net or on your campus news site about a survey the Council of University of California Staff Assemblies (CUCSA), in collaboration with Systemwide Employee Relations, is conducting among a representative sample of UC Staff employees.  You have been selected to participate in this survey.

The survey asks for your opinions about a range of topics that focus on employee engagement. Your views are very important and provide direct feedback that will help shape how we will all work at UC. This is the second systemwide UC Staff Engagement Survey. The first was conducted in 2012. Results from that survey were shared with Senior Leadership at UCOP as well as the Chancellors or senior administrators at each location.

Results from the 2015 survey compared to the 2012 results will help us determine areas where progress was made, as well as areas that may need further effort and focus.  We encourage you to take about 15 minutes to complete this survey while at work. Please submit your response by April 17, 2015.

The survey is being conducted by Towers Watson, an independent consulting firm specializing in employee surveys and research. Towers Watson does not report individual names or opinions, so your answers will remain strictly confidential. Your responses, combined with others, will help leadership understand what’s important to you and what’s working well or needs improvement.

How to Participate
To take the survey, please click on the link below:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The survey will be open from March 30, 2015 through April 17, 2015.

Please do not forward this email to others. If you have any questions or experience difficulties accessing the survey, please email Towers Watson at [hidden email]

Again, thank you for sharing your views and helping to improve UC.

Sincerely,

Rob Kerner, Chair of the Council of UC Staff Assemblies (2014-15)
Greta Carl-Halle, Chair-Elect of the Council of UC Staff Assemblies (2014-15)
Marie-Ann Hairston, Director Systemwide Employee Relations Programs

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc. or Towers Watson Pennsylvania Inc.


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.

smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Jeff Royal
Hi Kevin,

Yes, this is a legitimate survey.  I understand your concern here and it is only one concern among many regarding the campus survey environment.  Our office is currently attempting to institutionalize the provision of a service for management and governance of campus surveys (among other "official" campus survey activities).  We're hoping to announce something over the summer.  I'd be happy to talk more offline if you're interested in hearing more details.

Best,
Jeff

~~~~
Jeff Royal, Institutional Research Analyst
Office of Planning & Analysis

On Mon, Mar 30, 2015 at 10:56 AM, Kevin Burney <[hidden email]> wrote:

Phishing???

 

If this is legitimate they should not use links contained in the email.  A simple way to mitigate this is to tell people to go a trusted system like BLU or “UCOP - At your service” (not a link to the location) and use a link posted there without requiring the recipient to click on a link contained within the email.

 

The following item is listed on the Anti-Phishing posters located throughout the campus.

“If you didn’t expect it. Reject it! Don’t Click on Unexpected Links”

 

Let’s be consistent.

 

Security policies are not effective if there are some that should be followed and others that should not.

 

Exceptions are one of the worst things for policies and/or guidelines.  Is it ok to click on a link because it says it is a questionnaire from UC or someone representing UC?  Who is this @towerswatson.com?

 

Is this part of the testing program that the campus announced would be going on to analyze peoples use in clicking on phishing attempts?

 

It feels to me that system wide communications should be vetted by a UC security team member before sending it out to the masses.

 

https://security.berkeley.edu/content/phishing-scams-ongoing-threat-campus

https://security.berkeley.edu/content/anti-phishing-faq-and-tips

 

 

-Kevin Burney

_________________________________

Kevin D. Burney

Active Directory Systems Engineer

Enterprise Windows Team

University of California, Berkeley

<a href="tel:%28510%29%20827-8476" value="+15108278476" target="_blank">(510) 827-8476

 

 

The following is an excerpt from an SNS web page:

How can I identify a phishing scam?

The first rule to remember:  Never give out any personal information in email.  No institution, bank or otherwise, will ever ask for this information via email.  It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.

·         In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you have provided your information will ever ask you to re-enter it, so do not fall for this trap.

·         Any email that asks for your personal or sensitive information should be seriously scoured and not trusted. Even if the email has official logos or text or even links to a legitimate website, it could easily be fraudulent. Never give out your personal information.

What can I do to avoid Phishing attacks?

Click and review these 5 essential Anti-Phishing tips to avoid being "Phished":

1.       Passwords in Email = Epic Fail. Never send your passwords in email!

2.      If you didn't expect it, reject it. Don't click unexpected links!

3.      Hover to Discover. Look out for deceptive links!

4.      Check for Trash Before the Slash. Verify "https://auth.berkeley.edu/" in your browser bar before entering CalNet credentials!

5.      Is it a Phish? Drop us a line. 

 

 

 

 

 

 

From: [hidden email] [mailto:[hidden email]]
Sent: Monday, March 30, 2015 10:02 AM
To: [hidden email]
Subject: 2015 Staff Engagement Survey

 

Dear UC Colleague:

You are invited to participate in the 2015 Staff Engagement Survey. You may have seen the announcement on UC Net or on your campus news site about a survey the Council of University of California Staff Assemblies (CUCSA), in collaboration with Systemwide Employee Relations, is conducting among a representative sample of UC Staff employees.  You have been selected to participate in this survey.

The survey asks for your opinions about a range of topics that focus on employee engagement. Your views are very important and provide direct feedback that will help shape how we will all work at UC. This is the second systemwide UC Staff Engagement Survey. The first was conducted in 2012. Results from that survey were shared with Senior Leadership at UCOP as well as the Chancellors or senior administrators at each location.

Results from the 2015 survey compared to the 2012 results will help us determine areas where progress was made, as well as areas that may need further effort and focus.  We encourage you to take about 15 minutes to complete this survey while at work. Please submit your response by April 17, 2015.

The survey is being conducted by Towers Watson, an independent consulting firm specializing in employee surveys and research. Towers Watson does not report individual names or opinions, so your answers will remain strictly confidential. Your responses, combined with others, will help leadership understand what’s important to you and what’s working well or needs improvement.

How to Participate
To take the survey, please click on the link below:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The survey will be open from March 30, 2015 through April 17, 2015.

Please do not forward this email to others. If you have any questions or experience difficulties accessing the survey, please email Towers Watson at [hidden email]

Again, thank you for sharing your views and helping to improve UC.

Sincerely,

Rob Kerner, Chair of the Council of UC Staff Assemblies (2014-15)
Greta Carl-Halle, Chair-Elect of the Council of UC Staff Assemblies (2014-15)
Marie-Ann Hairston, Director Systemwide Employee Relations Programs

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc. or Towers Watson Pennsylvania Inc.



-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.



 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Ian Crew
In reply to this post by Kevin Burney
Kevin:

While I agree that there's room for improvement, at least in this case we were all given an official (and verifiable) advance heads-up that this message was coming and that it is legit--see https://calmessages.berkeley.edu/archives/message/37765, sent last Wednesday.

That's not perfect, but it is a bunch better than what's been done in the past, and I think that should be recognized. 

Ian

___
Ian Crew

IST-Architecture, Platforms and Integration (API)
Earl Warren Hall, Second Floor
University of California, Berkeley


On Mar 30, 2015, at 10:56 AM, Kevin Burney <[hidden email]> wrote:

Phishing???

 

If this is legitimate they should not use links contained in the email.  A simple way to mitigate this is to tell people to go a trusted system like BLU or “UCOP - At your service” (not a link to the location) and use a link posted there without requiring the recipient to click on a link contained within the email.

 

The following item is listed on the Anti-Phishing posters located throughout the campus.

“If you didn’t expect it. Reject it! Don’t Click on Unexpected Links”

 

Let’s be consistent.

 

Security policies are not effective if there are some that should be followed and others that should not.

 

Exceptions are one of the worst things for policies and/or guidelines.  Is it ok to click on a link because it says it is a questionnaire from UC or someone representing UC?  Who is this @towerswatson.com?

 

Is this part of the testing program that the campus announced would be going on to analyze peoples use in clicking on phishing attempts?

 

It feels to me that system wide communications should be vetted by a UC security team member before sending it out to the masses.

 

https://security.berkeley.edu/content/phishing-scams-ongoing-threat-campus

https://security.berkeley.edu/content/anti-phishing-faq-and-tips

 

 

-Kevin Burney

_________________________________

Kevin D. Burney

Active Directory Systems Engineer

Enterprise Windows Team

University of California, Berkeley

(510) 827-8476

 

 

The following is an excerpt from an SNS web page:

How can I identify a phishing scam?

The first rule to remember:  Never give out any personal information in email.  No institution, bank or otherwise, will ever ask for this information via email.  It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.

·         In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you have provided your information will ever ask you to re-enter it, so do not fall for this trap.

·         Any email that asks for your personal or sensitive information should be seriously scoured and not trusted. Even if the email has official logos or text or even links to a legitimate website, it could easily be fraudulent. Never give out your personal information.

What can I do to avoid Phishing attacks?

Click and review these 5 essential Anti-Phishing tips to avoid being "Phished":

1.       Passwords in Email = Epic Fail. Never send your passwords in email!

2.      If you didn't expect it, reject it. Don't click unexpected links!

3.      Hover to Discover. Look out for deceptive links!

4.      Check for Trash Before the Slash. Verify "https://auth.berkeley.edu/" in your browser bar before entering CalNet credentials!

5.      Is it a Phish? Drop us a line. 

 

 

 

 

 

 

From: [hidden email] [[hidden email]]
Sent: Monday, March 30, 2015 10:02 AM
To: [hidden email]
Subject: 2015 Staff Engagement Survey

 

Dear UC Colleague:

You are invited to participate in the 2015 Staff Engagement Survey. You may have seen the announcement on UC Net or on your campus news site about a survey the Council of University of California Staff Assemblies (CUCSA), in collaboration with Systemwide Employee Relations, is conducting among a representative sample of UC Staff employees.  You have been selected to participate in this survey.

The survey asks for your opinions about a range of topics that focus on employee engagement. Your views are very important and provide direct feedback that will help shape how we will all work at UC. This is the second systemwide UC Staff Engagement Survey. The first was conducted in 2012. Results from that survey were shared with Senior Leadership at UCOP as well as the Chancellors or senior administrators at each location.

Results from the 2015 survey compared to the 2012 results will help us determine areas where progress was made, as well as areas that may need further effort and focus.  We encourage you to take about 15 minutes to complete this survey while at work. Please submit your response by April 17, 2015.

The survey is being conducted by Towers Watson, an independent consulting firm specializing in employee surveys and research. Towers Watson does not report individual names or opinions, so your answers will remain strictly confidential. Your responses, combined with others, will help leadership understand what’s important to you and what’s working well or needs improvement.

How to Participate
To take the survey, please click on the link below:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The survey will be open from March 30, 2015 through April 17, 2015.

Please do not forward this email to others. If you have any questions or experience difficulties accessing the survey, please email Towers Watson at [hidden email]

Again, thank you for sharing your views and helping to improve UC.

Sincerely,

Rob Kerner, Chair of the Council of UC Staff Assemblies (2014-15)
Greta Carl-Halle, Chair-Elect of the Council of UC Staff Assemblies (2014-15)
Marie-Ann Hairston, Director Systemwide Employee Relations Programs

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc. or Towers Watson Pennsylvania Inc.


-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Kathleen Valerio
In reply to this post by Kevin Burney
Hi Micronet, 

This is a legitimate survey from Towers Watson, a well respected company that does research.  A message from UCOP was passed through Cal Messages to All Staff was sent by Jeannine Raymond AVC of HR, March 25th alerting people that this survey was coming.  Text pasted below. 
*************************

Jeannine Raymond Assistant Vice Chancellor - Human Resources (campus-wide)

Mar 25 (5 days ago)
to Staff

(sent on behalf of Marie Hairston, UCOP)

UCOP has announced that the second systemwide UC Staff Engagement Survey will begin the week of March 30th. The survey will be conducted among a representative sample of UC Staff employees and will ask for opinions about a range of topics that focus on employee engagement. The results will provide direct feedback that help shape how we all work at UC. If you are randomly selected to participate, UCOP will contact you directly via email.

For more on this, please read the UCnet article online.

Marie Hairston
Systemwide Director of ER
UC Office of the President

 

If you are a manager who supervises UC Berkeley employees without email access, please circulate this information to all.

Please do not reply to this message

*******************************************

I don't know who - if anyone from Jeannine's office should have communicated more dorectly with the folks who oversee email to make the program clearer, but they did attempt to reach out in advance. 

All for now.  


Yours truly, 

Kathleen Valerio, CalPact Coordinator 
Talent & Organizational Performance

192 University Hall
2199 Addison St.
Berkeley, CA 94720-3540

Ph 510 643-0452
[hidden email]
@KathleenValeri0

"Life isn't about finding yourself. Life is about creating yourself." - George Bernard UC Berkeley * reimagines the world *by challenging convention *to shape the future.


On Mon, Mar 30, 2015 at 10:56 AM, Kevin Burney <[hidden email]> wrote:

Phishing???

 

If this is legitimate they should not use links contained in the email.  A simple way to mitigate this is to tell people to go a trusted system like BLU or “UCOP - At your service” (not a link to the location) and use a link posted there without requiring the recipient to click on a link contained within the email.

 

The following item is listed on the Anti-Phishing posters located throughout the campus.

“If you didn’t expect it. Reject it! Don’t Click on Unexpected Links”

 

Let’s be consistent.

 

Security policies are not effective if there are some that should be followed and others that should not.

 

Exceptions are one of the worst things for policies and/or guidelines.  Is it ok to click on a link because it says it is a questionnaire from UC or someone representing UC?  Who is this @towerswatson.com?

 

Is this part of the testing program that the campus announced would be going on to analyze peoples use in clicking on phishing attempts?

 

It feels to me that system wide communications should be vetted by a UC security team member before sending it out to the masses.

 

https://security.berkeley.edu/content/phishing-scams-ongoing-threat-campus

https://security.berkeley.edu/content/anti-phishing-faq-and-tips

 

 

-Kevin Burney

_________________________________

Kevin D. Burney

Active Directory Systems Engineer

Enterprise Windows Team

University of California, Berkeley

<a href="tel:%28510%29%20827-8476" value="+15108278476" target="_blank">(510) 827-8476

 

 

The following is an excerpt from an SNS web page:

How can I identify a phishing scam?

The first rule to remember:  Never give out any personal information in email.  No institution, bank or otherwise, will ever ask for this information via email.  It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.

·         In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you have provided your information will ever ask you to re-enter it, so do not fall for this trap.

·         Any email that asks for your personal or sensitive information should be seriously scoured and not trusted. Even if the email has official logos or text or even links to a legitimate website, it could easily be fraudulent. Never give out your personal information.

What can I do to avoid Phishing attacks?

Click and review these 5 essential Anti-Phishing tips to avoid being "Phished":

1.       Passwords in Email = Epic Fail. Never send your passwords in email!

2.      If you didn't expect it, reject it. Don't click unexpected links!

3.      Hover to Discover. Look out for deceptive links!

4.      Check for Trash Before the Slash. Verify "https://auth.berkeley.edu/" in your browser bar before entering CalNet credentials!

5.      Is it a Phish? Drop us a line. 

 

 

 

 

 

 

From: [hidden email] [mailto:[hidden email]]
Sent: Monday, March 30, 2015 10:02 AM
To: [hidden email]
Subject: 2015 Staff Engagement Survey

 

Dear UC Colleague:

You are invited to participate in the 2015 Staff Engagement Survey. You may have seen the announcement on UC Net or on your campus news site about a survey the Council of University of California Staff Assemblies (CUCSA), in collaboration with Systemwide Employee Relations, is conducting among a representative sample of UC Staff employees.  You have been selected to participate in this survey.

The survey asks for your opinions about a range of topics that focus on employee engagement. Your views are very important and provide direct feedback that will help shape how we will all work at UC. This is the second systemwide UC Staff Engagement Survey. The first was conducted in 2012. Results from that survey were shared with Senior Leadership at UCOP as well as the Chancellors or senior administrators at each location.

Results from the 2015 survey compared to the 2012 results will help us determine areas where progress was made, as well as areas that may need further effort and focus.  We encourage you to take about 15 minutes to complete this survey while at work. Please submit your response by April 17, 2015.

The survey is being conducted by Towers Watson, an independent consulting firm specializing in employee surveys and research. Towers Watson does not report individual names or opinions, so your answers will remain strictly confidential. Your responses, combined with others, will help leadership understand what’s important to you and what’s working well or needs improvement.

How to Participate
To take the survey, please click on the link below:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The survey will be open from March 30, 2015 through April 17, 2015.

Please do not forward this email to others. If you have any questions or experience difficulties accessing the survey, please email Towers Watson at [hidden email]

Again, thank you for sharing your views and helping to improve UC.

Sincerely,

Rob Kerner, Chair of the Council of UC Staff Assemblies (2014-15)
Greta Carl-Halle, Chair-Elect of the Council of UC Staff Assemblies (2014-15)
Marie-Ann Hairston, Director Systemwide Employee Relations Programs

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc. or Towers Watson Pennsylvania Inc.



-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.



 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Christopher Brooks
I think we should have some sort of disincentive for people that send out mail like this.

Like maybe running a booth on Sproul about phishing during lunch :-)

It is amazing what a little social embarrassment does to solve problems.  Years and years ago, we had problems with developers "breaking the build", that is, checking in code that did not compile.  We would have the offender wear a goofy hat at group lunch.  The mistake was made much less frequently after that.  Fortunately, continuous integration and tools like Eclipse more effectively solved the problem.


Seriously though, what is the status of the policy for these sorts of emails?

Campus-wide lists with more than n people must be moderated if we are going to prevent desensitizing people to phishing attacks.

I'd be happy to let someone else set the value of n, but I think n=250 or n=500 would help.


_Christopher



On 3/30/15 12:16 PM, Kathleen VALERIO wrote:
Hi Micronet, 

This is a legitimate survey from Towers Watson, a well respected company that does research.  A message from UCOP was passed through Cal Messages to All Staff was sent by Jeannine Raymond AVC of HR, March 25th alerting people that this survey was coming.  Text pasted below. 
*************************

Jeannine Raymond Assistant Vice Chancellor - Human Resources (campus-wide)

Mar 25 (5 days ago)

to Staff

(sent on behalf of Marie Hairston, UCOP)

UCOP has announced that the second systemwide UC Staff Engagement Survey will begin the week of March 30th. The survey will be conducted among a representative sample of UC Staff employees and will ask for opinions about a range of topics that focus on employee engagement. The results will provide direct feedback that help shape how we all work at UC. If you are randomly selected to participate, UCOP will contact you directly via email.

For more on this, please read the UCnet article online.

Marie Hairston
Systemwide Director of ER
UC Office of the President

 

If you are a manager who supervises UC Berkeley employees without email access, please circulate this information to all.

Please do not reply to this message

*******************************************

I don't know who - if anyone from Jeannine's office should have communicated more dorectly with the folks who oversee email to make the program clearer, but they did attempt to reach out in advance. 

All for now.  


Yours truly, 

Kathleen Valerio, CalPact Coordinator 
Talent & Organizational Performance

192 University Hall
2199 Addison St.
Berkeley, CA 94720-3540

Ph 510 643-0452
[hidden email]
@KathleenValeri0

"Life isn't about finding yourself. Life is about creating yourself." - George Bernard UC Berkeley * reimagines the world *by challenging convention *to shape the future.


On Mon, Mar 30, 2015 at 10:56 AM, Kevin Burney <[hidden email]> wrote:

Phishing???

 

If this is legitimate they should not use links contained in the email.  A simple way to mitigate this is to tell people to go a trusted system like BLU or “UCOP - At your service” (not a link to the location) and use a link posted there without requiring the recipient to click on a link contained within the email.

 

The following item is listed on the Anti-Phishing posters located throughout the campus.

“If you didn’t expect it. Reject it! Don’t Click on Unexpected Links”

 

Let’s be consistent.

 

Security policies are not effective if there are some that should be followed and others that should not.

 

Exceptions are one of the worst things for policies and/or guidelines.  Is it ok to click on a link because it says it is a questionnaire from UC or someone representing UC?  Who is this @towerswatson.com?

 

Is this part of the testing program that the campus announced would be going on to analyze peoples use in clicking on phishing attempts?

 

It feels to me that system wide communications should be vetted by a UC security team member before sending it out to the masses.

 

https://security.berkeley.edu/content/phishing-scams-ongoing-threat-campus

https://security.berkeley.edu/content/anti-phishing-faq-and-tips

 

 

-Kevin Burney

_________________________________

Kevin D. Burney

Active Directory Systems Engineer

Enterprise Windows Team

University of California, Berkeley

<a moz-do-not-send="true" href="tel:%28510%29%20827-8476" value="+15108278476" target="_blank">(510) 827-8476

 

 

The following is an excerpt from an SNS web page:

How can I identify a phishing scam?

The first rule to remember:  Never give out any personal information in email.  No institution, bank or otherwise, will ever ask for this information via email.  It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.

·         In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you have provided your information will ever ask you to re-enter it, so do not fall for this trap.

·         Any email that asks for your personal or sensitive information should be seriously scoured and not trusted. Even if the email has official logos or text or even links to a legitimate website, it could easily be fraudulent. Never give out your personal information.

What can I do to avoid Phishing attacks?

Click and review these 5 essential Anti-Phishing tips to avoid being "Phished":

1.       Passwords in Email = Epic Fail. Never send your passwords in email!

2.      If you didn't expect it, reject it. Don't click unexpected links!

3.      Hover to Discover. Look out for deceptive links!

4.      Check for Trash Before the Slash. Verify "https://auth.berkeley.edu/" in your browser bar before entering CalNet credentials!

5.      Is it a Phish? Drop us a line. 

 

 

 

 

 

 

From: [hidden email] [mailto:[hidden email]]
Sent: Monday, March 30, 2015 10:02 AM
To: [hidden email]
Subject: 2015 Staff Engagement Survey

 

Dear UC Colleague:

You are invited to participate in the 2015 Staff Engagement Survey. You may have seen the announcement on UC Net or on your campus news site about a survey the Council of University of California Staff Assemblies (CUCSA), in collaboration with Systemwide Employee Relations, is conducting among a representative sample of UC Staff employees.  You have been selected to participate in this survey.

The survey asks for your opinions about a range of topics that focus on employee engagement. Your views are very important and provide direct feedback that will help shape how we will all work at UC. This is the second systemwide UC Staff Engagement Survey. The first was conducted in 2012. Results from that survey were shared with Senior Leadership at UCOP as well as the Chancellors or senior administrators at each location.

Results from the 2015 survey compared to the 2012 results will help us determine areas where progress was made, as well as areas that may need further effort and focus.  We encourage you to take about 15 minutes to complete this survey while at work. Please submit your response by April 17, 2015.

The survey is being conducted by Towers Watson, an independent consulting firm specializing in employee surveys and research. Towers Watson does not report individual names or opinions, so your answers will remain strictly confidential. Your responses, combined with others, will help leadership understand what’s important to you and what’s working well or needs improvement.

How to Participate
To take the survey, please click on the link below:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The survey will be open from March 30, 2015 through April 17, 2015.

Please do not forward this email to others. If you have any questions or experience difficulties accessing the survey, please email Towers Watson at [hidden email]

Again, thank you for sharing your views and helping to improve UC.

Sincerely,

Rob Kerner, Chair of the Council of UC Staff Assemblies (2014-15)
Greta Carl-Halle, Chair-Elect of the Council of UC Staff Assemblies (2014-15)
Marie-Ann Hairston, Director Systemwide Employee Relations Programs

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc. or Towers Watson Pennsylvania Inc.



-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.




 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.

-- 
Christopher Brooks, PMP                       University of California
Academic Program Manager & Software Engineer  US Mail: 337 Cory Hall
CHESS/iCyPhy/Ptolemy/TerraSwarm               Berkeley, CA 94720-1774
[hidden email], 707.332.0670           (Office: 545Q Cory)

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Charles James
And with all the mail sent now days do we really expect everyone to remember blurbs like this? Maybe if the blurb below came on say a Monday noting the survey with details as to who would be sending, sends the survey the very next day it might be retained long enough. In addition, I remember this email and it had more than just the below blurb and that means having to remember this one thing out of many and that isn't always best either. Just saying.

Charles
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Charles E. James
IST - Administrative IT Solutions
Operations/Release Management/CalNet Deputy/Bldg Coordinator
Wk: 510-642-8440 
ASG Deputy Email: [hidden email]

-----------------------------------------
"The perfect man employs his mind as a mirror; 
it grasps nothing; it refuses nothing; 
it receives, but does not keep." ~ Chung-Tzu
-----------------------------------------
On 3/30/15 12:57 PM, Christopher Brooks wrote:
Kathleen VALERIO wrote:
Hi Micronet, 

This is a legitimate survey from Towers Watson, a well respected company that does research.  A message from UCOP was passed through Cal Messages to All Staff was sent by Jeannine Raymond AVC of HR, March 25th alerting people that this survey was coming.  Text pasted below. 
*************************


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Charles James
Oh, and what do you do when the spammers actually use the same format and process to get their junk across as well. I can't tell you how many official looking emails have been found to be phishing/spam attempts, etc.

Just Sayin,

Charle
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Charles E. James
IST - Administrative IT Solutions
Operations/Release Management/CalNet Deputy/Bldg Coordinator
Wk: 510-642-8440 
ASG Deputy Email: [hidden email]

-----------------------------------------
"The perfect man employs his mind as a mirror; 
it grasps nothing; it refuses nothing; 
it receives, but does not keep." ~ Chung-Tzu
-----------------------------------------
On 3/30/15 1:29 PM, Charles James wrote:
And with all the mail sent now days do we really expect everyone to remember blurbs like this? Maybe if the blurb below came on say a Monday noting the survey with details as to who would be sending, sends the survey the very next day it might be retained long enough. In addition, I remember this email and it had more than just the below blurb and that means having to remember this one thing out of many and that isn't always best either. Just saying.

Charles
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Charles E. James
IST - Administrative IT Solutions
Operations/Release Management/CalNet Deputy/Bldg Coordinator
Wk: 510-642-8440 
ASG Deputy Email: [hidden email]

-----------------------------------------
"The perfect man employs his mind as a mirror; 
it grasps nothing; it refuses nothing; 
it receives, but does not keep." ~ Chung-Tzu
-----------------------------------------
On 3/30/15 12:57 PM, Christopher Brooks wrote:
Kathleen VALERIO wrote:
Hi Micronet, 

This is a legitimate survey from Towers Watson, a well respected company that does research.  A message from UCOP was passed through Cal Messages to All Staff was sent by Jeannine Raymond AVC of HR, March 25th alerting people that this survey was coming.  Text pasted below. 
*************************



 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] FW: 2015 Staff Engagement Survey

Jon Forrest-3
In reply to this post by Christopher Brooks


On 3/30/2015 12:57 PM, Christopher Brooks wrote:

> Seriously though, what is the status of the policy for these sorts of
> emails?

As a retired staff member, I don't have a horse in this race,
but, as Christopher surely remembers, this has been a topic of
discussion on campus *for years*. It could be argued that one
minor way to judge "Operational Excellence" is whether progress
has been made in such issues.

Cordially,
Jon Forrest
UCB (ret.)

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.