Tag Archives: 201701

Securing the Internet of Things

iot-graphic-news-smDo you own an internet-connected device other than your phone and computer? Most of us do, whether it’s a smartwatch, fitness tracker, baby monitor, or even your car. In fact, researchers predict there will be more than 20 billion internet-connected devices in use by 2020.

These connected devices make our lives easier and can provide peace of mind. Knowing that you did in fact turn off the oven or that your cat is doing just fine while you’re on vacation is nice. But what if someone else was able to view and record video of your home or steal personal data from your Fitbit?

These are the dangers of new technology being a step or two ahead of information security. We get frequent reminders to change passwords and keep antivirus software up-to-date, but we don’t hear much about securing other types of devices. These products, which collectively are referred to as the Internet of Things (IoT), are vulnerable to the same attacks that threaten our computers and mobile devices.

Last October, there was a widespread outage of major websites, including Netflix, Twitter, and Spotify. The outage lasted for hours and was the result of a distributed denial-of-service attack (DDoS). These types of attacks involve sending a flood of traffic to a website in order to overwhelm its resources. Often, this traffic is generated by using large numbers of computers infected with malware to help attack a website. DDoS attacks have long been a popular tool among cyber criminals, but this one had a relatively new wrinkle—many of the devices involved were security cameras and other internet-connected devices.

Ensuring the security of internet-connected devices is a major concern. While your DVR probably wasn’t involved in this recent attack, that doesn’t mean that it—and other devices in your home—aren’t vulnerable to attacks. Large-scale efforts are underway in both the government and private sectors to improve security for IoT devices and getting it right is critically important as threats continue to evolve.

While this work is ongoing, there are several steps you can take right now to secure your devices:

  • The easiest is to ensure that your home network is secure by creating a strong WiFi password and enabling your router’s firewall. Check with your internet service provider for how-to guides to getting this done.
  • Another important step is to keep your devices and home network equipment up-to-date. Periodically check for updates to your devices and don’t ignore alerts or notifications from device manufacturers requesting that you run an update.
  • Lastly, decide what devices actually need to be connected to the internet. Consider the advantages of connecting and assess whether it’s worth the risk. You probably want to be able to check your home security system from your phone, but it’s very likely that a toaster oven can do its job without being online.

Introducing the Starfish Student Advising System

This spring, Simmons Technology, Undergraduate Advising, Student Life, and the Registrar’s Office are working to launch a new centralized platform for Student Advising—Starfish. Starfish is an Integrated Planning & Advising System (IPAS) that will make it more convenient for students to access support resources, manage advising appointments, and respond to advising “to-dos.”

Starfish will also enable faculty and student support staff to access records in one consolidated location, direct students to resources, access photo rosters, and communicate more easily between offices. Using a single system means more effective referrals and timelier outreach to students. In addition, it will help the College to continually improve programming centered on advising. This is a long-needed system that will greatly improve our ability to support students in meeting their educational goals.

At first, this software will be available for Undergraduate students and our Online Social Work and Online Nursing programs. Once launched, we will begin to expand into other disciplines. We are hard at work configuring this software and creating the policies and procedures to make its launch possible. To learn more about the project and its goals, please visit our project web site.

Reminder: Mandatory Password Change

securing-the-human-newsSimmons is a frequent target of phishing attacks, in which criminals attempt to obtain personal information, gain access to your email account, or compromise your computer. Links in phishing emails may take you to websites that look very much like services you use, and attachments in phishing emails are a prime source of viruses and malware.

To help protect everyone at the College, Simmons Technology is requiring you to change your password as soon as possible. If you have already changed your password after receiving Information Security Officer David Bruce’s email on Jan 10, you don’t need to take any further action. Instructions for changing your password can be found on the Simmons College Service Desk website by clicking on the red “Change your password” banner at the top of the home page.

We also encourage you to be vigilant when using other web-based services. If you receive suspicious emails or account-related requests, contact the service provider directly for assistance.

If you believe you have fallen prey to a phishing attack, or have any questions about keeping your information secure, please call the Service Desk at 617-521-2222.

Computer Replacements Moving Forward Across Campus

comp-upgrade-newsAs we begin the spring semester, we want to share our progress on the computer replacement project.

Before the winter break, we proceeded with our pilot program in Technology, the Library, and the Department of Political Science & International Relations. This successful small-scale rollout helped us to refine our process and improve our prospects for a smooth rollout to the rest of the College.

During November and December, the project team met with each department on campus to determine their academic and business computing needs, and to answer questions about the project. We also used this opportunity to finalize a list of employees with computers that are eligible for replacement and to create a tentative timeline for each department.

From now until June 2017, our team will proceed with computer replacements based on the planning we’ve done with each department. If you have questions about the project or your eligibility to receive a new computer, please contact the Service Desk.