Critical Security Updates for Microsoft Exchange and Windows OS

We’re alerting our higher education technology community that yesterday’s (1/11/2022) Microsoft Patch Tuesday released critical security updates for Exchange and Windows OS that addresses several serious security vulnerabilities.

In the updates there are fixes for 97 total vulnerabilities, 9 of these are remote code exploits (RCE), 6 of them are classed as Zero-Day, and 1 of them is Wormable.

A wormable exploit means that it could self-propagate through a network with no user interaction. This vulnerability exploits how the OS processes unauthenticated HTTP traffic and carries a severity rating of 9.8 on a scale of 10. Windows Server 2019 and 2022, plus Windows 10 and 11 are affected.

Microsoft suggests patching all affected Windows versions as soon as possible, publicly facing servers with open HTTP and HTTPS ports are the most critical. The security updates for Exchange affect 2013, 2016, and 2019 and this includes hybrid servers for Office 365.

The update has only been released for the latest Cumulative Update (CU) for Exchange Server 2013 (CU23), and the last two CUs for 2016 (CU21 and CU22) and 2019 (CU10 and CU11). This means you will need to patch to one of these CUs before being able to apply this security update.

If you have any questions or need assistance, please click here.

For your reference, click here to read the Microsoft Exchange Team posted a blog about the update and patch process.

Webinar Recording: Log4j Vulnerability Advice & Updates

We held a complimentary emergency webinar with our most trusted security experts on Wednesday, December 15th, to explain the Log4j threat, address questions, and offer remediation advice.

Ferrilli Security Alert: Log4j Vulnerability Affects All Industries

We’re alerting our higher education technology community that on December 9, a remote code execution vulnerability, dubbed CVE-2021-44228, was disclosed in Apache’s Log4j.

Apache Log4j is an open-source logging utility used by almost all major Java-based applications and currently running on 3 billion devices worldwide.

Log4j has been exposed to a very high-risk vulnerability under active and vigorous exploitation. The exploitation of this vulnerability is simple and only requires the attacker to enter a piece of code into the target triggering the vulnerability, allowing the attacker to remotely control the user victim’s server.

How Do I Tell If I’m at Risk?

Chances are, you have a system(s) at risk. While advanced features of many popular Next Generation Firewalls (NGFWs) or Web Application Firewalls (WAFs) may offer some protection, you still need to patch quickly. We recommend two immediate steps to figure out your level of exposure.

Continue reading “Ferrilli Security Alert: Log4j Vulnerability Affects All Industries”

Join Us at the SACSCOC 2021 (Virtual) Annual Meeting

Attending SACSCOC 2021 virtual?

Then be sure to stop by our booth to chat live with our team of experts and learn how your institution can maximize its technology investment!

We’ll also be hosting 3(!) live video sessions:

Friday, December 3rd @ 11 am ET – Increase Completion Rates with Ferrilli’s Automated Degree & Certificate Evaluator for Ellucian Banner (with Ferrilli’s Senior Vice President Carol Thomas)

Friday, December 3rd @ 3:45 pm ET – Increase Efficiency with Program Requirement Managed Services (with Ferrilli’s Executive Vice President Kelly Sinacola)

Monday, December 6th @ 1:15 pm ET – Increase Completion Rates with Ferrilli’s Automated Degree & Certificate Evaluator for Ellucian Colleague (with Kelly Sinacola)

We look forward to connecting with you!

Data Security: It Takes a Village

By Marcia Daniel, Chief Client Officer, Ferrilli

When I meet with institutional leaders across the higher education landscape, I am continually astounded at just how tech-savvy they have become. Provosts are asking about about degree audit software. Registrars want to discuss how best to deploy chatbots. Vice Presidents of Student Life are exploring the benefits of digital nudges. Just about everyone in higher education is a technology expert these days – except in the area that matters most.

Because when I ask them about what they’re doing to ensure data security, there’s a familiar refrain I hear all too often: “Oh, our CIO handles that.”

Continue reading “Data Security: It Takes a Village”

Stop By Our Booth at EDUCAUSE 2021 and Take Your Shot at $50k

We’re going for the green at EDUCAUSE 2021!

Be sure to stop by Booth 101 on Wednesday, October 27th and Thursday, October 28th, to play Ferrilli’s $50,000, hole-in-one challenge!

We’ll also be raffling off a once-in-a-lifetime trip to the beautiful Pebble Beach Resorts, located between picturesque Monterey and Carmel, California.

Our team of talented higher education technology experts will be there to cheer you on … and, of course, answer any questions you have about optimizing your institution’s technology investment.

You do not want to miss this! Just look for the massive, state-of-the-art golf simulator and come over to take your shot!

Check out our article in the Fall 2021 ACCT Trustee Quarterly!

If you missed Ferrilli Chief Client Officer Marcia A. Daniel’s article Want to Improve Graduation Rates? Make it Easier to Graduate, in the Fall 2021 ACCT Trustee Quarterly, you can read it now by clicking the link below.

In the piece, Marcia posits that automatically awarding degrees shifts the balance from institutions to students in ways that benefit both.

Click here to access the Fall 2021 ACCT Trustee Quarterly and read the article.

Virtual Roundtable Recording: Analytics in Higher Education

Watch Ferrilli’s Anthology Practice Director Dan Mongeluzi lead a roundtable discussion on Analytics in Higher Education.

Dan covers how far we have come with analytics in education, discusses useful business cases, and (hopefully) motives folks to take action!

Creating a Remote Workforce in the Face of COVID-19: The San Jose-Evergreen Community College District

When the COVID-19 pandemic struck, the San Jose-Evergreen Community College District needed to act fast to ensure that its 20,000 students could continue their studies unabated. Job One was finding a way for its 665 administrators, staff, and full-time faculty perform their essential roles from off-campus locations. That meant creating a remote workforce: providing remote access to the technology, tools, and applications they rely on to help support the student body.

Within a matter of days, SJECCD identified the major challenges it needed to navigate – many of which were impacting institutions across the higher education landscape. VPN solutions hadn’t been fully deployed and had to be scaled up. The use of unmanaged devices and unknown WIFI connections created security concerns. There was the potential that employees could unwittingly utilize malicious browser plug-ins. And there simply wasn’t enough hardware to support shifting the entire workforce to remote locations at the same time.

Continue reading “Creating a Remote Workforce in the Face of COVID-19: The San Jose-Evergreen Community College District”

How the San Jose-Evergreen Community College District Managed the Cybersecurity Threats that Accompanied the Coronavirus Pandemic

When COVID-19 struck in the spring of 2020, colleges and universities across the country were presented with three key challenges. They had to shift thousands of students, faculty, and employees to remote learning, instruction, and work. They had to do it quickly or risk losing an entire semester to the pandemic. And they had to do it securely or risk the creation of data vulnerabilities that hackers would likely exploit. 

Prior to the coronavirus pandemic, higher education was already one of the most targeted industries in the world when it came to cyberattacks. In 2019, Moody’s (which controls the bond ratings for most institutions in the U.S.) reported that data security was “a growing risk for higher education institutions globally” due to the fact that they “retain valuable information across expansive online networks;” that “their breadth of operations can be vast, with innumerable access points;” and that “investing in state-of-the-art defenses likely competes with myriad other priorities.” 

Since the pandemic began, cyber criminals have sought to take advantage of these trends like never before. According to a report released by Checkpoint in the summer of 2020, “the number of attacks on educational institutions has grown faster than in any other sector,” with “a 30 percent increase compared to a 6.5 percent increase across all industries in July and August [2020].” During the same time period, Microsoft Security Intelligence found that more than 60 percent of some 9 million malware encounters worldwide took place in the education sector alone. 

It was trends and statistics like these that were on the minds of leaders at the San Jose-Evergreen Community College District when ensuring that its 20,000 students could continue their studies unabated amid the coronavirus pandemic. 665 administrators, staff, and full-time faculty would have to perform their essential roles from off-campus locations – and that meant providing remote access to the technology, tools, and applications they rely on to help support the student body. 

Continue reading “How the San Jose-Evergreen Community College District Managed the Cybersecurity Threats that Accompanied the Coronavirus Pandemic”

The Emerging Link Between Data Security and Student Success

By Marcia Daniel, Chief Client Officer, Ferrilli

In the spring of 2021, the Colonial Pipeline data breach hit the southeastern United States particularly hard. For the first time in a generation, there were gasoline shortages that caused service stations to close and long lines at the pumps that somehow remained open. For many of us in the region, it was the first time that data security had impacted our lives on a truly fundamental level. It wasn’t just about personal finance anymore; but our ability to get to the grocery store, drive the kids to soccer practice, or visit loved ones we hadn’t seen in ages.

Here in the summer of 2021, higher education finds itself in a similar circumstance. For years, we’ve known that colleges and universities are among hackers’ favorite targets. We’ve read the stories of ransomware attacks that cost some institutions more than a million dollars. We’ve come to understand the brand damage that can accompany a high-profile breach. But as technology proliferates our campuses and data is used in new ways, something even more important is at stake. Higher education data security is fast becoming a question of student success.

Continue reading “The Emerging Link Between Data Security and Student Success”

3 Ways to Improve Your Remote Student Experience

By Carol Thomas, Senior Vice President, Ferrilli

When colleges and universities went remote due to COVID-19, many were quick to temper expectations of a lasting shift toward distance learning. But while demand for the on-campus experience is expected to remain strong in the post-pandemic era, evidence suggests that remote learning and instruction will indeed play a larger role as well.

Back in the fall of 2018, data from IPEDS already showed that “more than 6.9 million students, or 35.3% of students in the nation, were enrolled in distance education courses at degree-granting postsecondary institutions.” Since the pandemic began, that momentum hasn’t slowed. A Digital Learning Pulse survey released in April 2021 shows that 73 percent of college students either “strongly” or “somewhat” agree that they will take online courses in the future.

As a result, institutions are now recognizing the need to upgrade remote student experiences that were — in large part — hastily designed as temporary solutions to a short-term problem. As they do, the institutions that performed well during the pandemic provide best practices by which to move forward. One such example is the Pratt Institute in New York City — one of the world’s leading colleges of art and design.

Continue reading “3 Ways to Improve Your Remote Student Experience”

Webinar Recording: Optimizing Your Anthology (formerly Campus Management) Applications and Other Systems for Success

Ferrilli’s Anthology Practice Director Dan Mongeluzi discusses Optimizing Your Anthology (formerly Campus Management) Applications and Other Systems for Success.


From Triage Specialist to Trusted Strategist: How the Cloud is Transforming the Higher Education CIO

By Marcia A. Daniel, Chief Client Officer, Ferrilli

Not long ago, the Chief Information Officer at a small private institution told me something I never thought I’d hear. “Marcia,” he said, “I can’t get our president to leave me alone. Every day there’s another call about asking what we can do to try and make things run smoother in another department. It’s everything from admissions to the library to housing. I need a break!”

I just had to laugh – because there was a time when every higher education CIO I knew would have begged for the same level or attention. For decades, the only time presidents or their VPs would engage IT leaders was when problems arose. The network is down. Email isn’t working. We have a security problem. IT was essentially a triage center, where maintenance and crisis management were the central responsibilities once a system was implemented.

Today that’s all changing to the point that our CIO from that small private college certainly isn’t alone. Over the last decade, cloud technology has been replacing on premise systems across higher education – and with solutions providers now responsible for ensuring baseline services and “keeping the lights on,” the CIO role is evolving into what it always should have been from the start: a truly strategic partner to institutional leadership

Continue reading “From Triage Specialist to Trusted Strategist: How the Cloud is Transforming the Higher Education CIO”

See You at Anthology Together 2021!

We’re excited to be a Gold sponsor at Anthology Together, July 12-15, 2021!

Stop by our booth throughout the week to connect with Ferrilli CEO Robert Ferrilli and Chief Client Officer Marcia A. Daniel and learn about Ferrilli’s commitment to higher education and student success. You can also scan your badge at our booth for a chance to win a new iPad Pro 2021!

On Tuesday, July 13th at 4:30 pm CDT, head to the Innovation Stage to hear Robert Ferrilli discuss Optimizing Your Anthology Applications and Other Systems for Success.

We look forward to seeing you at the conference and sharing how Ferrilli can help your institution get the most out of its Anthology technology!

Webinar Recording: Banner Summer Clean-Up & Prep for Student Affairs and Enrollment Management

With another academic year coming to an end, now is a great time to review your Ellucian Banner system and do some housekeeping.

Ferrilli’s Linda Bloom, Senior Banner Consultant, walks you through the action plan she created over many years of going through this exercise. Linda’s checklist identifies potential options for improvement and details how to optimize performance for specialized areas.

Connect With Us at the Education Summit 2021

We’re excited to be a Platinum sponsor at the Education Summit 2021, this Wednesday, June 16th!

As certified Consulting Partners, we are here to help your institution maximize its technology investment. Be sure to stop by our virtual booth to chat live with our knowledgeable consultants.

We are also thrilled to be co-hosting a Breakout Session at 3pm EDT on June 16th with Pratt Institute: How Pratt Evolved its Tradition of “Making” & Transformed the Student Experience

Our own Senior Vice President Carol Thomas will be joined by Pratt’s Vice President of Information Technology & CIO Joseph Hemway and Director of Enterprise Technology Diana Russo to discuss how COVID-19 provoked this storied Art and Design institution to accelerate its digital future.

Click here to access the conference and connect with us.

We look forward to seeing you there!

Webinar Recording: Getting the Most out of Your Banner Operational Data Store (ODS)

Watch as our Ferrilli Banner DBAs share how you can optimize the Banner Operational Data Store (ODS) to provide your campus with accurate, detailed and updated institutional reporting data.

Ferrilli Named Ellucian Solution Services Platinum Partner

Key Takeaways

  • Ferrilli has been named an Ellucian Solution Services Platinum Partner, Ellucian’s highest partner level
  • Only 4 Ellucian partners worldwide have attained this distinction
  • The Ellucian and Ferrilli partnership provides top-tier service and support for institutions looking to get the most out of their Ellucian software
  • This partnership produces a natural synergy between the world’s leading higher education technology systems provider and the premier information technology consultants serving higher education
Read the full press release

Why Higher Education IT Staff Matter Even More in the Cloud

By Marcia A. Daniel, Chief Client Officer, Ferrilli

Earlier this month, I read a news item that is increasingly common as cloud software becomes more prevalent in higher education. It detailed planned cuts to the IT team at a major institution in my home state. While the financial stresses of the pandemic were cited as a primary motivator, administrators also pointed to the more “cost-effective model” of becoming a “cloud-first organization.”

Those administrators are indeed correct that the cloud is more efficient; but I would argue that they are mistaken as to the reasons why.

Continue reading “Why Higher Education IT Staff Matter Even More in the Cloud”

Ferrilli Featured in Toggle Magazine: Pratt University’s digital student experience made easy

We’re excited to appear in the spring 2021 edition of Toggle magazine alongside Pratt Institute VP of IT & CIO Joseph Hemway!

Toggle highlighted the impressive job Joe and his team did of responding to the COVID-19 pandemic by migrating Pratt’s world-class campus experience into a student-centered digital experience that felt like being there in person.

Pratt, in partnership with Ferrilli, leveraged Salesforce Communities to achieve their vision of an all-encompassing student-centered online platform; one that will set the standard for such portals going forward.

We were truly honored to work on this project and we are happy that Joe and his team are getting the recognition they deserve for such an impactful result.

“It was probably one of the most challenging projects of my career but also one of the most rewarding,” says Ferrilli CEO Robert Ferrilli. “It’s the top design school in the country and we had to deliver the best digital experience. I’m very happy we chose the Salesforce platform because of its flexibility and rich ecosystem.”

Click here to read the full story.

Webinar Recording: Preparing for Financial Year End Close in Banner

Watch the Ferrilli Banner Finance team present a thorough overview of Banner Finance’s Year End Close processes.

Hear about data cleanup strategies, configuration considerations, and processing approaches that can support the close of one year and the opening of another, ensuring a happy and fiscally healthy New Year!

Webinar Recording: Optimizing DegreeWorks and Banner

In this complimentary webinar the Ferrilli DegreeWorks and Banner teams share experiences and practices for optimizing DegreeWorks for performance and ensuring access to the enhanced feature sets for students, faculty and staff.

Webinar Recording: New Cloud Storage Tiers and Rising Costs. Are you ready?

Ferrilli is seeing a concerning trend in Cloud data storage for non-Microsoft solutions: Google, Box, and Dropbox are in the process of raising prices significantly for higher-ed.

Learn how you can migrate your data to Microsoft OneDrive utilizing your existing Microsoft A1, A3, or A5 licenses.

Webinar Recording: COVID-19 Vaccine Tracking

We recently continued our series on best practices for returning to campus in the age of COVID-19.

In this session, discussed the new requirements for tracking COVID-19 vaccinations and/or tests and how that can be accommodated in your systems on campus.

See You at UBUG 2021!

UBUG 2021 attendees, make sure to stop by and see us during the conference today, May 7th!

Ferrilli CEO and founder Robert Ferrilli and Steven Terry, Banner Practice Director, will be standing by to address all your Banner-related technology questions and concerns.

You can also tune into our breakout session at 11am MDT, “Getting the Most out of Banner and DegreeWorks.”

As an Ellucian Platinum Services partner our functional and technical consultants possess the knowledge and expertise to help your institution optimize and streamline its Ellucian Banner system.

We look forward to seeing you there!

Connect with us at AACC Digital 2021!

We’re excited to be a sponsor at AACC Digital 2021, beginning Thursday, May 6th and running every Thursday through the end of May!

Be sure to stop by our virtual booth, where you can chat with our knowledgeable account representatives and Ferrilli’s Chief Client Officer, Marcia A. Daniel.

Our team will be answering your questions and sharing insights on how technology can help your college navigate a changing landscape, compete for new students, and drive sustainable growth.


May 6th, 13th & 20th

11am – 12pm EDT & 3pm – 5:15pm EDT

May 27th

12pm – 1pm EDT & 3pm – 5:15pm EDT

We look forward to seeing you there!

Webinar Recording: Cloud Backup Administration

Watch our discussion on cloud backup administration.

How do you currently backup your critical systems?  When was the last time you tested your backups? Do you know if they are secure?  

Now, more than ever, it is essential that you have an actionable strategy to avoid the devastating effects of not backing up your system.  Backing up to the cloud is one way to de-risk potential on-premise issues.