Be mindful of the data that you collect and be careful where you save that sensitive information!  Simmons grades data on a 4-point scale based on it’s risk.

Restricted is our the MOST SENSITIVE type of data and consists of:

• Name, Address, Telephone

AND

• Social security number or taxpayer ID
• Financial account, credit or debit card
• Financial/salary data
• Driver’s license number
• Date of birth
• Medical or health information (e.g. HIPAA)

Refer to the Simmons Data Classification Policy on the proper ways to store and transmit sensitive files.  Regularly review who has access to your data and clean-up your authorized apps list.   Avoid the temptation to download and work on sensitive documents on your personal devices.

Secure Icon made by Alfredo Hernandez from www.flaticon.com

What is Social Engineering?
Social engineering is a type of cyberattack that uses psychological manipulation to convince victims into performing actions or disclosing information.

Beware of Imposters!
An attacker may pretend to be someone else, either by phone, in-person, or via email, in order to solicit financial or personal details, or to ask that you take some action, such as completing a financial transaction or providing remote access to a computer.

It is common for attackers to impersonate tech support, charitable organizations, government agencies, banks/financial institutions, even your friends/family/coworkers!

Remember, the “From:” in an email is just like a return address on a postcard and can be forged. Be wary of interactions from people you think you know asking for gift-cards, passwords, or other personal information.  Also, be wary of any free offers, if it’s too good to be true, it probably is!

Unprecedented times…
Fraudulent activity is up 600% since COVID-19!

Phishing Icon made by Smashicons from www.flaticon.com

To report a Cybersecurity Incident, please contact:

Simmons Technology ServiceDesk
[email protected]

For more information about Information Security at Simmons including consultation on alignment of business processes with our Information Security policies please contact:

Richard Phung
Information Security Analyst
[email protected]

References
https://www.cisa.gov/national-cyber-security-awareness-month
https://enterprise.verizon.com/resources/reports/dbir/
https://www.ibm.com/security/data-breach
https://www.varonis.com/2019-data-risk-report/