Today, February 6, 2018, is Safer Internet Day (SID), a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year’s SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play their part in creating a better, safer, and more secure Internet.
On Tuesday, October 17th, and Thursday, October 19th, from 11a.m.-1p.m. each day, Marshall University’s Information Technology (IT) division will be hosting the Hackers for Charity student group for a National Cyber Security Awareness Month (NCSAM) table in the lobby of the first floor of the Drinko Library and Information Center. These students will share practical tips on how to improve your personal information security and avoid online threats.
As technology continues to become a large part of our professional and personal lives, it is important to be educated in how to keep private information secure. We are eager to share with you the resources Marshall University has to not only provide information on the importance of cybersecurity but demonstrate the steps you can take to become more cyber secure in your everyday life. Additional information regarding weekly topics and resources can be found at www.marshall.edu/it/ncscam/topics
For the month of October, MUIT’s Instagram and Twitter will be posting weekly tips on cybersecurity, follow the hashtag #CyberAware and follow us @MarshallU_IT.
For more information about NCSAM, visit www.staysafeonline.org/ncsam.
Marshall University Information Technology Contact: Crystal Stewart
-Kristin Salustro, MUIT Marketing Intern
The Marshall University Information Technology (IT) department is participating in National Cyber Security Awareness Month (NCSAM) to raise awareness of Cyber Security issues. Throughout the month of October, Marshall IT will be sharing information from the national campaign on Twitter, their website and through newsletter articles.
“This is the fifth year in which Marshall IT has participated in national cyber security awareness events,” said Jon Cutler, chief information security officer. “This is another opportunity for our team to share practical advice on information security with our campus community. We know many folks are concerned about online threats. So now we share information about how they can protect not only themselves but also the campus against cyber-criminal activity. We believe you will find each of the weekly topics to be helpful and welcome any feedback in how those messages can be improved.”
National Cyber Security Awareness Month began 14 years ago as a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online. NCSAM is celebrated across the country each October under the leadership of the U.S. Department of Homeland Security and the National Cyber Security Alliance.
Different cybersecurity issues will be addressed each week including basic online safety and security, workplace cybersecurity, recognizing and combating cybercrime, our continuously connected lives and what to do if you are a victim of cyber-crime.
“We know the Marshall campus community has a lot of questions about cyber security. Use of technology is a part of our everyday lives – both professionally and personally,” Cutler said. “Are you concerned when hearing reports in the news of yet another hacker security breach? Does the growing number of smart-devices in our lives put us and others at risk? Participation in National Cyber Security Month provides another opportunity to share a wide variety of resources which will help us gain a better understanding of online security issues and provides some simple steps you can take to protect yourself.”
For more information about NCSAM, visit www.staysafeonline.org/ncsam. You are also invited to follow and use the hashtag #CyberAware on Twitter throughout the month of October.
Computer Security Advisory for All University Faculty & Staff E-mail Recipients
Starting last Friday (5/13/2017) computer security researchers and news media began sharing information about a new computer security attack called ‘WannaCry’. This attack is another variation of malicious software referred to as ‘ransomware’. When a computer becomes infected with ransomware, this malicious code attempts to encrypt (scramble and password-protect) as many data files as it can find available. This occurs not only to the local computer but also to any attached drives and network shares to which your user account has write access. This tactic is called ransomware because the only way to regain access to those encrypted files is to pay a fee – a ransom often starting at $300 and up – to the criminals. If the victim does not pay, then the only other recovery method is to restore the files from a secure backup location.
There have been no major outbreaks reported on the University campus network nor detected by campus network security services. We attribute this in part to faculty and staff cooperation with regular computer software updates, increased information security awareness, and not being heavily targeted (yet) by computer criminals.
If you are responsible for software updates whether on your personally-owned computer, a University-owned computer or a group of your department’s computers, we ask that you take a moment to review the following guidance.
How can you minimize risk to University- and personally-owned computers?
We trust that the following guidance should sound familiar when we remind you that the best defense is to already be following computer security best-practices:
- Is Your Software Updated and Supported? – Be sure all of your computers – whether located on-campus or off-campus – are running the latest supported operating system, security and application software appropriate for your academic or business unit. This is not simply so we can say we run the ‘latest-and-greatest’. Rather software authors focus their efforts on their latest products so they will include the latest security features as well as fix known-security bugs. For a PC: we strongly suggest Microsoft Windows 10 ver 1607 and later and Symantec Endpoint Protection v. 14. Windows XP, Windows Vista and Windows 8.0 are no longer supported; For a Mac: you should be at Mac OS 10.12.x and Symantec Endpoint Protection for Mac v. 14. Mac OS prior to 10.10 (Yosemite) is no longer supported. Marshall University Information Technology provides the above recommendations. Please consult with your campus IT Support team for configurations supported by the MU School of Medicine and Marshall Health.
- Are you Patched? – Be sure all of your computers – whether located on-campus or off-campus – are configured to automatically receive and apply security updates when they are released. For a PC: Use Windows Update and make sure both Critical and Important Updates are applied. For a Mac: Go to your Apple menu click ‘About this Mac…’ and then ‘Software Updates’ or open the App Store and click on the ‘Updates’ icon.
- Is Your Important University and Personal Data Backed-up? – Take steps now to have a backup copy of important documents and data. For items which are essential to University or Department operations, these should be saved to a secure location (such as a campus-managed fileserver) which has a regularly scheduled backup. For personal items, use of an external hard drive or high-capacity thumb-drive which can be attached for backup then promptly disconnected, is highly recommended. Remember, ransomware will attempt to encrypt any and all data files which you have write access. Recovery is limited to those items which were inaccessible by the user (campus-managed backups) or were offline (disconnected hard drive or thumb-drive) at the point of infection.
- Are You Being Cautious with E-mail and Websites? – Always exercise suspicion for unsolicited e-mail and unfamiliar web sites, particularly those which urge you to ‘open this attached file’ or ‘click this web page link’ for some urgent action. Many of us work in areas where we do receive unsolicited documents and in those cases, ask a trusted colleague or an IT support resources for a second opinion before opening the message. A mobile device may be used in cases where you want to preview the file, but understand that the malicious payload may only be designed to affect a desktop or laptop computer. This allows you to delete the file or entire message before ever attempting to preview/open it on the computer.
- Report Suspicious Computer Behavior, Alerts, or E-mail Messages – We understand that it is difficult for everyone to stay up-to-date and how they should respond to an ongoing stream of important computer security issues. You can assist by reporting unexpected or suspicious activity to computers located to your closest campus Information Technology Support or IT Information Security professional.Please reach out to one of the following IT Service Desk or IT Service Provider contacts:
Marshall University Information Technology provides access to Lynda Campus for ALL students, faculty and staff. This service provides the university community with quick and easy access to the extensive online library of Lynda.com.
This training library includes in-depth training on a variety of essential computer skills including the basics and advanced features for Microsoft Windows 10 and Apple Mac OS X as well as all of the core productivity tools of Microsoft Office, WordPress, SharePoint, Adobe Acrobat DC, Photoshop, Illustrator and more.
To take advantage of this free training, visit Lynda.marshall.edu and sign in using your MUNet Account username and password. This can be accessed both on and off-campus.
Benefits to using lynda.com include:
- Unlimited access to courses on a wide variety of technologies and disciplines
- Up-to-date content to keep skills current and to learn new skills
- New courses added every week
- Tutorials taught by recognized industry experts
- Access to instructors’ exercise files to follow along as you learn
- Closed captioning and searchable, time-coded transcripts
- Beginner to advanced courses
- The option to watch complete courses or bite-size videos as you need them
More information on NCSAM at Marshall University can be found at www.marshall.edu/it/ncsam2016/
Contact the IT Service Desk, located on the first floor in the Drinko Library, e-mail firstname.lastname@example.org call 304-696-3200.L