Working from Home
More and more are working from home these days. We here at UCMIT hope to make that as easy as possible for you.
Below we’ve provided some links and some tipsheets for more details about these processes. (Click on a topic heading to expand it for more info.)
Selecting a Computer or Device to Use
In order to work from home you will need a laptop or desktop computer that can function reliably. It does not have to be one provided by UCM, but UCMIT can only provide very limited (“best effort”) support for your own personal devices. Please bear in mind that while it may be possible to access our services and applications on unsupported systems, the UCMIT Service Desk may not have the necessary information to assist you in doing so.
- A computer running the most recent version of Microsoft Windows or the most (or second-most) recent version of Apple macOS is going to be the most compatible with our systems, services, and policy-requirements.
- Mobile devices (such as smart phones or tablets) running the most (or second-most) recent version of Google Android or Apple’s mobile operating systems (iOS and iPadOS) are the most compatible kind of mobile devices.
Connecting to the Internet
Various internet service providers are available in the Chicagoland area. Please contact your local provider of choice for more information about services, pricing, and estimated installation dates. Many providers have currently modified their rates and bandwidth. Here’s some instructions on connecting to your home WiFi for two of the largest local providers.
- Get Help with Your AT&T Internet
Connect Devices to Your AT&T Home Wifi
- Getting Connected with Comcast
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (WindowsPhone)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (Windows 10)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (Windows Vista)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (Windows 8)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (Windows 7)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (macOS)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (iOS)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (Blackberry)
Xfinity WiFi – Connecting Your Devices to Xfinity WiFi (Android)
Accounts and Logins
Accessing your UCM services will require managing various sets of usernames and passwords, but there are three primary types of accounts you likely need to use. More information can be found here.
University of Chicago Hospitals Active Directory (“UCHAD“) accounts are used for logging into most UCM-provided clinical applications and services – such as
- UCHAD Domain login on UCM-provided Microsoft Windows-based computers
- wireless networking services in hospital buildings (“ucmc-staff” wifi)
- @uchospitals.edu email access
- UCM Clinical Desktop applications access (either through webapps off-site, uchapps on-site, or directly through the Workspace App)
- and UCM-managed VPN services (“webVPN“).
UCM security policies prohibit issuing/transmitting passwords via email so please call the UCMIT Service Desk by phone at 773-702-3456 to claim your UCHAD account. Once the UCMIT Service Desk issues you a temporary password for your account, you must change that password either by logging into a UCM-provided Microsoft Windows-based computer or by Enrolling your account and Resetting your password at the UCHAD account management website (https://identity.uchospitals.edu/pss)
Biological Science Division Active Directory (“BSDAD“) accounts are used for logging into most services provided by the Biological Science Division – such as
BSDAD accounts are requested online here and more information can be found here. UCM security policies prohibit issuing/transmitting passwords via email so please call the UCMIT Service Desk by phone at 773-702-3456 to claim your BSDAD account. Once the UCMIT Service Desk issues you a temporary password for your account, you must change that password either by logging into a UCM-provided Microsoft Windows-based computer or by using the BSDAD password management website (https://identity.uchospitals.edu/pss)
Please Note: some BSD departments’ IT services are not supported by UCMIT, and for those departments you should contact their own IT group as found here (https://bsdis.uchicago.edu/it/)
University of Chicago IT and Network services (“CNet“) accounts are used for logging into most services provided by the University organization – such as
- ADLOCAL Domain login on University-provided Microsoft Windows-based computers such as those located in the University Libraries
- wireless network access in University buildings on-campus (“uchicago-secure” wifi)
- @uchicago.edu email and Microsoft Office 365 access
- UChicago Box access
- workday.uchicago.edu and library.uchicago.edu access
- and University-managed VPN services (“cVPN“).
UCM employees typically do not have CNet accounts, most services for UCM staff require a UCHAD instead. CNet accounts and services are not typically managed by UCMIT, so please call University IT Services by phone at 773-702-5800 or by email at email@example.com for assistance with your CNet account. If UCM-affiliated persons have a business need for accessing one of the resources above, or any other explicitly requiring a CNet ID, one can be requested through the UCMIT Trusted Agents by submiting a request here. You can find more information, and manage your CNet account – change passwords, etc. – using the CNet Overview website (https://cnet.uchicago.edu) and the Account managment website (https://myaccount.uchicago.edu)
Two-Factor Authentication (2FA) And Duo Mobile Setup
Two-factor authentication (“2FA”) is an added security measure similar to how you protect your bank account with a pin number (something you know) and debit card (something you have) when you withdraw money from an ATM. 2FA is required for accessing all UCM systems and services from off-campus as well as many provided by the University. Our 2FA provider is a company named Duo Security (or Duo for short). The process of login with 2FA involves using a 2nd device to verify your login attempt – that is a second device in addition to the one you login on in the first place. So for instance, if you are trying to login to the webapps website from your desktop computer, you will need to verify you are the aware of this login attempt to your account by responding to a phone call or a notification in the Duo Mobile app on your smartphone.
- Register a Tablet in Two-Factor Authentication (2FA)
- Register Your Landline In Two-Factor Authentication (2FA)
- Register Your Smartphone in Two-Factor Authentication (2FA)
- Use the Duo Security App to Generate 2FA Passcodes
- Duo Mobile app for Google Android mobile devices
- Duo Mobile app for Apple iOS and iPadOS mobile devices
Please Note: that you must re-register the Duo Mobile app on your smartphone or tablet if they are replaced (even if you still have the same phone number.) You may do so by visiting the 2FA management site (https://2fa.uchicago.edu) and registering it as you did before. More information on 2FA can be found here (https://get2fa.uchicago.edu)
Accessing Citrix-based Apps
Many applications and resources provided by UCM (such as the Oracle E-business suite, Microsoft Office, network shared drives, and EPIC) are accessed via a portal we call the “UCMC Appications” or “Citrix Clinical Desktop” available through an app made by Citrix. These Citrix-based apps are not installed on your computer but are accessed through a Citrix app which is installed on your computer.
EPIC and EPIC Remote Access
EPIC is the hospital’s EMR and core patient care system. EPIC access requires submitting a System Access Request Form (“SARF“) and is not granted automatically to anyone by default.
- Before EPIC access request is submitted, one must be listed in ORACLE as an active employee and have an active UCHAD account or it close/cancel the SARF immediately.
- Training is required for all EPIC access (including View Only)
- New accounts without sufficient training will be created and blocked for access until training is completed.
- Request for existing accounts requesting change of EPIC access, must have all training completed within 14 working days of submission or the request will be closed/canceled.
- Training requirements are also available on the EPIC Support page of hospital intranet.
- EPIC is always accessed either through the Citrix Clinical Desktop, or a “light” version of EPIC can be accessed through the EPIC Haiku and EPIC Canto apps on mobile devices.
EPIC Remote Access
- Using EPIC when not on-site at the hospital or University campus requires EPIC Remote Access and a different SARF is required to explicitly request this, though some clinical roles such MD’s and APN’s may be granted EPIC Remote Access by default when they are granted EPIC Access initially.
EPIC HAIKU and Canto
- EPIC Haiku and Canto access must be explicitly requested via SARF for any non-physician.
- Additional information (including Haiku and Canto setup) can be found on the UCM Intranet Home page
Email Setup for Mobile Devices
Please follow the directions found on our Email Client Setup page (https://voices.uchicago.edu/ucmitservicedesk/email/) and/or use the below tipsheets to access your email on your mobile device.
- Configuring UCM email on an Android Mobile Device (such as a Google, Samsung, LG, or Motorola smartphone)
- Configuring UCM email on an Apple Mobile Device (such as an iPhone or iPad)
Please Note: you can also always access your UCM email via the UCM Outlook Web App (https://mail.uchospitals.edu) and in Microsoft Outlook via the Citrix Clinical Desktop (https://webapps.uchospitals.edu) (see instructions above for accessing Citrix-based apps.)
A Virtual Private Network (“VPN”) allows you to create a secure connection to another network over the Internet – or in other words, it allows your computer at home to connect to websites, servers, and drives or file shares protected within the University’s network. All VPN services also require 2FA. The Cisco Anyconnect Secure Mobility VPN software is the same for University, BSD, and UCM, but each is accessed by different means.
For UCM and Clinical staff
- Access is requested via a VPN System Access Request Form
- Installing Cisco AnyConnect Secure Mobility VPN Client on Windows 10
- Installing Cisco AnyConnect Secure Mobility VPN Client on MacOS
For University and BSD Staff
- Here’s some basic FAQs on VPN, including who can access it and the necessary operating system a computer must be running on
- Installing Cisco AnyConnect Secure Mobility VPN Client on MacOS and Connect to VPN
- Installing Cisco AnyConnect Secure Mobility VPN Client on Windows 10 and Connect to VPN