Skip to content

Security updates for Windows 7 home PCs to connect to UMKC Network

UMKC is updating the way computers and devices connect to the UMKC network on December 20th.  Specifically we are updating to the latest version of TLS (Transport Layer Security), which is used to secure network communications.  While campus computers have been updated, home users running Windows 7 may need to update to the latest version of TLS so that they can use Remote Desktop to connect to UMKC’s network.  Listed below are instructions on how to do so.

Remote Desktop Users from Home running Windows 7

Windows 7 home users who want to use Remote Desktop to connect to a UMKC computer will need to go to Windows Update on their computer, select optional updates, and install update 3080079 .  This update enables TLS 1.1 and 1.2 for Remote Desktop connections.  Without this, users may receive encryption errors and the connection will fail.   The update can also be downloaded and installed from:

Home users running Windows 10 are not affected at this point.   Windows 8/8.1 also includes the TLS update.

If you have questions or need assistance, please contact the UMKC Call Center at 816-235-2000,, over via the online problem report form

Two-factor authentication for myHR begins December 19th

Passwords are the forefront of protecting your personal information and the University’s electronic data. The University is taking further precautions with sensitive data by requiring two-factor authentication to log in to myHR starting Tuesday, December 19, 2017. As its name suggests, two-factor authentication provides an additional layer of password safety by requiring a second method of verification (such as phone and email address) in order for a user to gain access. You will only need to go through the two-factor process once every 30-days for each device/web browser combination when using a University connection. The process will be required every time you log in from any other connection. On and after December 19, 2017, when logging in to myHR (, you will be redirected to a secure authentication page which will walk you through the process:

Consult the Secure Authentication Toolkit FAQs page for more information. If you experience difficulties during the process, please contact your local IT Tech Support team.

Please note: The two-factor authentication process is an additional implementation of the Secure Authentication Toolkit first implemented in Fall 2016. If you have yet to register your University account, visit the Secure Authentication Toolkit webpage to register or to learn more.

New Password Change Process for Students

Beginning this Saturday, March 4th 2017, UMKC students will be required to set their passwords using the new Secure Authentication Toolkit. If a student has not registered their security data in the Secure Authentication Toolkit before this weekend and needs to set a password, the toolkit will recognize the student has not registered and will automatically prompt the student to register their information so they can then set their password. In conjunction, all Pathway password reset links will be transitioned from the old PeopleSoft password reset tools to the new Secure Authentication Toolkit password reset tools. This is another step in the process UM campuses are adopting in order to establish a more secure verification process to better protect personal data and University systems.


Earlier this week, the UMKC IS password page went live, which features the new Secure Authentication Toolkit password reset tools as well as detailed information regarding which tool to use depending upon each user’s particular situation. The UMKC Call Center has been directing current students to register their information in Secure Authentication Toolkit since November and new students will now be able to register and set a password in one process.


If you have questions or need assistance, please contact the UMKC Call Center at 816-235-2000,, over via the online problem report form.

Exchange Email Retention Policy

On February 15th a few new email retention policies will be applied to ALL accounts, as part of the Exchange 2016 migration process.  Please note once messages in the identified folders pass the retention periods outlined below, they will be automatically deleted.


What will change?

  1. “Deleted Items” – Any items that are deleted or placed in the Deleted Items folder that are older than 30 days will automatically be moved to the Recoverable Items folder.
  2. “Junk E-mail” – Any items older than 30 days in the Junk E-mail folder will be moved to the Recoverable Items folder.
  3. “Recover Deleted Items” – After steps one and two are completed, those items will then reside in the Recoverable Items folder for an additional 30 days. After 30 days, those items will be permanently deleted.


Effectively, this means all Users have up to 60 days to recover items that were deleted, by using the Recover Deleted Items tool within Outlook or OWA. If you have items you wish to save, please move them to a different personal folder for safe keeping. Any items left in the folders listed above will be subject to the retention policies.


Be mindful this policy affects not only your UMKC mailbox, but also all departmental email accounts as well.


If you have questions or need assistance, please contact the UMKC Call Center at 816-235-2000,, over via the online problem report form.


Exchange 2016 Migration

The UM System upgrade to Exchange 2016 will begin on December 20, 2016 (after 5pm).  Once your mailbox has been successfully moved, you may be required to restart Outlook. There will be no cosmetic changes to your Outlook desktop application. However, the Outlook Web Access (OWA) application will change, sporting a new splash page and online interface.

If you have questions or need assistance, please contact the UMKC Call Center at 816-235-2000,, over via the online problem report form.

Preparing for Exchange 2016 Migration

In preparation for the migration from Exchange 2010 to Exchange 2016, the Outlook Web Access (OWA) website will be updated on October 12th.  (See new design below.)  Also please note the other preparatory and informational items below.  We will be contacting mailbox owners who are close to exceeding their mailbox quotas in the next week.  The migration of mailboxes to the new Exchange 2016 system is not yet scheduled but is expected in the coming weeks as soon as testing and preparatory work has been completed.

  1. The Outlook Web Access website has been redesigned. The new design is as follows:


  1. Clean up/out your email! In Exchange 2016, all item properties will be included in quota calculations, including the Deleted Items and Junk E-Mail folders.  As a result of this change, mailbox sizes are expected to increase. However, if you are already close to the current quota of 15 GB, you may find that you cannot send or receive email after the migration.  We are contacting users who may be close to reaching their Exchange quota in the next week.
  1. Learn how Managed Folders are changing. After the upgrade to Exchange 2016 Managed Folders will work a little differently. Managed Folders will continue to be created as email accounts are provisioned. However, the visual indication that an email is expired will no longer be used.

NOTE: Retention tags still exist, but the flag will not show automatically. You have to open the email to see the retention flag status.

If you have questions or need assistance, please contact the UMKC Call Center at 816-235-2000,, or via the online problem report form.

New email filtering changes

To better protect against phishing attempts, and malicious email attacks, an enhancement will be made to email filtering.  The UM System email team will implement this change starting September 28th.

Inbound email is currently evaluated on how likely the message is spam.  For emails that are evaluated as high “likely spam”, three changes will be made to the message to alert you of the risk, and to provide guidance in the event a message is improperly tagged as spam:

The first change is that all high spam likelihood messages will have this tag added to the subject line:
Beware:  Potentially Malicious Content

The second part of this change is that email with this high likelihood of being spam will have any click-links removed, and replaced with the text:
[Malicious URL Removed]

The last part is that messages that are modified will also have a line of text added to the top of the email, providing this guidance about the modification of the email:

“The URL contained in this message was identified as malicious and was removed for your protection.  If you need legitimate access to this URL contact the sender directly and work through the issue off-line.”

The hope is that this will greatly reduce the number of phishing emails that get in un-modified, and also reduce the number of emails that come in with links to virus-infected web sites.

If you have emails from a specific sender or specific organization that are consistently tagged as ‘potentially malicious’ , please contact the Call Center.  The sending organization may be on a list of potential spam sources, or there may be other problems we can help the sending organization resolve to lower the spam rating on their email.

Remember, do not click on links when an email makes claims about an account problem.  For password expiration notices, always hand-type the UMKC web site address, and search for ‘password reset’.  If there is a question about the legitimacy of an email message that mentions an account problem, contact the UMKC Call Center.

Box Ends Support for IE9 and IE10

As of September 26, 2016, Box will discontinue support for Internet Explorer 9 and 10. Since Microsoft stopped supporting and issuing software updates for IE9 and IE10 in January 2016, usage of these browsers now poses a security risk. Failure to upgrade to a newer version of IE or using an alternate browser will result in an inability to access Box’s Web Application with the latest updates.

If you have any concerns about UMKC Box and browser compatibility, please contact the IS Call Center or your IT Liaison.

iOS 9.3.4 Security Update Available

Apple has released an update for its mobile operating system, iOS 9.3.4, which fixes a memory corruption issue that could be exploited “to execute arbitrary code with kernel privileges.” The update blocks a jailbreak bug known as IOMobileFrameBuffer.

Please check your iOS device to ensure it is fully updated and patched.  This is done under Settings -> General -> Software Update.

If you have questions about updating your iOS device, please contact the Call Center.

Mobile Email Client Notification

This afternoon we received reports that some mobile devices are getting prompted to activate an Exchange ActiveSync policy. We believe this is related to the Exchange team installing the first Exchange 2016 server in the environment today. These prompts are primarily impacting Android devices.  This is a blank policy that is enforcing no actual device settings.

If you see this prompt on a mobile device you use to access your UMKC email account, you have two options to address the issue:

1.)  You can Accept the prompt to activate the policy on the device.   Since no actual policy values are being enforced, no settings will be applied.

After activating the policy, you can verify the device settings are not present by going to: Email settings-> Account -> Security options -> Security policy list.

2.)  The email account can be removed and then added back to the mobile device. Upon adding the account back you should not see the EAS policy prompt.

We are working to disable this behavior and regret any inconvenience it may cause.