October’s Technology Newsletter is dedicated to National Cybersecurity Awareness Month!
Information Security is a collective effort. It is up to each of us to do our part to ensure the safety and security of University and community members’ data.
DO YOUR PART. #BECYBERSMART
According to data breach statistics from 2019…
Account Icon made by monkik from www.flaticon.com
Change Your Passwords.
Use complex passwords and don’t reuse passwords between your accounts! Turn-on multi-factor authentication whenever possible
Think Twice About Sharing Information.
Receive a suspicious phone call from “Tech Support”?
Your supervisor asking you to buy a gift-card because it’s an “emergency”? Never send sensitive information to people over email. No one should be asking for your password.
Beware of Links.
Check that website address before clicking the link, and don’t download attachments that you weren’t expecting. This includes links from text messages. If it looks odd, don’t click it.
Keep up-to-date; Install antivirus
Do not put-off updating those apps, especially on your phone. There could be important security updates that you are missing! Also remember to install antivirus on your own computer and keep it up to date.
Delete or unsubscribe from unused applications or subscriptions.
If you aren’t using that app, it’s probably outdated. Consider getting rid of it! Unsubscribe from mailing lists or cancel unused application subscriptions to reduce the clutter and minimize your risk profile.
See Something Say Something.
If something doesn’t look right, report it!
Secure Icon made by Alfredo Hernandez from www.flaticon.com
Be mindful of the data that you collect and be careful where you save that sensitive information! Simmons grades data on a 4-point scale based on it’s risk.
Restricted is our the MOST SENSITIVE type of data and consists of:
AND
Refer to the Simmons Data Classification Policy on the proper ways to store and transmit sensitive files. Regularly review who has access to your data and clean-up your authorized apps list. Avoid the temptation to download and work on sensitive documents on your personal devices.
Secure Icon made by Alfredo Hernandez from www.flaticon.com
What is Social Engineering?
Social engineering is a type of cyberattack that uses psychological manipulation to convince victims into performing actions or disclosing information.
Beware of Imposters!
An attacker may pretend to be someone else, either by phone, in-person, or via email, in order to solicit financial or personal details, or to ask that you take some action, such as completing a financial transaction or providing remote access to a computer.
It is common for attackers to impersonate tech support, charitable organizations, government agencies, banks/financial institutions, even your friends/family/coworkers!
Remember, the “From:” in an email is just like a return address on a postcard and can be forged. Be wary of interactions from people you think you know asking for gift-cards, passwords, or other personal information. Also, be wary of any free offers, if it’s too good to be true, it probably is!
Unprecedented times…
Fraudulent activity is up 600% since COVID-19!
Phishing Icon made by Smashicons from www.flaticon.com
To report a Cybersecurity Incident, please contact:
Simmons Technology ServiceDesk
[email protected]
For more information about Information Security at Simmons including consultation on alignment of business processes with our Information Security policies please contact:
Richard Phung
Information Security Analyst
[email protected]
References
https://www.cisa.gov/national-cyber-security-awareness-month
https://enterprise.verizon.com/resources/reports/dbir/
https://www.ibm.com/security/data-breach
https://www.varonis.com/2019-data-risk-report/