Stand Up to Cyberbullying

Today is International Stand Up to Bullying Day, a special semi-annual event in which participants wear and use pink to take a visible, public stance against bullying.

Stand up to bullying and show your support for your fellow members of the Pride, by using this pink Zoom background for your next class or meeting. The background has been added to Widener’s default Zoom backgrounds and available to select when choosing a virtual background. Don’t see it?  Sign out of Zoom and then sign back in with the SSO option.

Cyberbullying vs. bullying

Cyberbullying is the “willful and repeated harm inflicted through the use of computers, cell phones, and other electronic devices” (from cyberbullying.org).  These elements include the following:

        • Willful: The behavior has to be deliberate.
        • Repeated: Bullying reflects a pattern of behavior, not just one isolated incident.
        • Harm: The target must perceive that harm was inflicted.
        • Computers, cell phones, and other electronic devices: This, of course, is what differentiates cyberbullying from traditional bullying
Anonymity, Distance, and Scope

While often similar in terms of form and technique, the three main differences can make cyberbullying even more devastating: anonymity, distance, and scope.

Because they don’t need to physically confront their victim, the aggressor can hide behind an anonymous username and their target might never know the source of their torment. This anonymity can also embolden those who would never dream of bullying someone in real life.  While acting from a physically distant location, the aggressor doesn’t have to see the immediate effects of their actions. Anonymity and distance allow cyberbullies to be crueler than they ever would be in person.

The scope of cyberbullying and the ability for those hurtful actions to go viral means that a large number of people can participate in the victimization. Technology’s global reach provides a limitless pool of potential targets, aggressors, and witnesses/bystanders.  Victims cannot escape the eyes of their virtual audience, which amplifies their feelings of helplessness and despair.

Why Pink?

The color pink is used in connection with the original campaign started by Travis Price and David Shepherd, two students who took a stand for a fellow student who was bullied for wearing a pink shirt to school.

“David Shepherd, Travis Price and their teenage friends organized a high-school protest to wear pink in sympathy with a Grade 9 boy who was being bullied [for wearing a pink shirt]…[They] took a stand against bullying when they protested against the harassment of a new Grade 9 student by distributing pink T-shirts to all the boys in their school. ‘I learned that two people can come up with an idea, run with it, and it can do wonders,’ says Mr. Price, 17, who organized the pink protest. ‘Finally, someone stood up for a weaker kid.’ So Mr. Shepherd and some other headed off to a discount store and bought 50 pink tank tops. They sent out message to schoolmates that night, and the next morning they hauled the shirts to school in a plastic bag. As they stood in the foyer handing out the shirts, the bullied boy walked in. His face spoke volumes. ‘It looked like a huge weight was lifted off his shoulders,’ Mr. Price recalled. The bullies were never heard from again.”

— Globe & Mail

We’re all Widener

At Widener, the safety & well-being of our community is a top priority. If you have experienced or witnessed bullying, or other forms of discrimination or harassment, there are resources here to help:

Report It
Campus Safety
Counseling & Psychological Services (CAPS)
Student Success & Support

 

Cybersecurity Awareness

More tips for National Cybersecurity Awareness Month – Own IT!

Internet-based devices are everywhere in our lives: at home, school, work and on the go. An “always-on” network gives us ways to create, connect, and share, but also presents opportunities for cybersecurity threats that can compromise our most sensitive personal information.

This week we look at some of the ways to help keep us and our information safe. Here are the key messages to “Own IT.”

Never Click and Tell: staying safe on social media

Share With Care – remember that what you post – if you let it – goes to the whole world.

  • What you post can last a lifetime: Before posting online, think about what others might learn about you and who might see it in the future – teachers, parents, colleges and potential employers. Share the best of yourself online.
  • Be aware of what’s being shared: Be aware that when you post a picture or video online, you may also be sharing information about others or personal details about yourself like where you live, go to school or hang out.
  • Post only about others as you would like to have them post about you: The golden rule applies online as well. Ask permission before you tag a friend in a photo.
  • Own your online presence: It’s OK to limit who can see your information and what you share. Learn about and use privacy and security settings on your favorite online games, apps and platforms.

Keep Tabs on Your Apps: best practices for apps on your devices

  • Always lock your phone! If your phone gets lost or stolen, the first line of defense is a good lock.  Whether that’s a few numbers, a swipe pattern, or your fingerprint, always put something between your data and someone trying to get to it – and set it to auto-lock when you put it down.
  • Think twice if an app wants permission to use personal information (like your location) it doesn’t need before you say “OK.”
  • Pay attention to how much access the app wants – does it want access to your camera?  To your contacts list?  To your file system?  If so, why?  Does a game really need your camera or access to the people you know?  Make sure the app has a good reason for asking.
  • Always use approved app stores for your apps.  It’s not perfect, but apps from Apple and Google get checked for scams, viruses, malware far more  than anywhere else.

Update Privacy Settings on your phone and on social

Mobile devices – including smartphones, laptops and wearables – are always within reach everywhere we go, and they share a lot of information about us and our habits.  Check this link out to learn how to update your privacy settings on your phone and on the most popular online services to keep better control of your info: Managing Your Privacy

Our devices are a part of our lives, and it’s up to us to use them safely.  If you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.

 


Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

Who is Cortana and Why Am I Receiving “Your Daily Briefing” Emails?

Summary: Office 365 users recently began receiving daily Cortana emails. In this article we will explain what these email are, what Cortana can do, and how you can disable it if you choose to.

Who is Cortana?

Cortana is Microsoft’s Artificial Intelligence (AI), promoting it as a personal productivity assistant to help you save time and focus on what matters most. Cortana powers their entire secure cloud, which includes Office 365. Cortana is voice activated.

Why is Cortana Emailing Me?

Your Daily Briefing email is sent to help you stay in control of your calendar and be more intentional with your day. Cortana learns when you get to work and will send the email based upon what it predicts is the start of your work day.

What can Cortana do for me?

Cortana can be found by clicking start and typing “Cortana”, it will ask you to login using your email account. Some of the things that Cortana can do for you:

      • Join a meeting in Microsoft Teams or find out who your next meeting is with
      • Manage your calendar and keep your schedule up to date
      • Create and Manage Lists
      • Set reminders and alarms
      • Open apps on your computer

Not receiving Cortana Emails?

Cortana is data driven, the more data it has the better to predict your needs. If you are not receiving the Daily Briefing emails, not to worry, Cortana just doesn’t have enough data to send them. You may also not be subscribed.

How can I unsubscribe, subscribe or find out if my Cortana is active?

If you do not want to receive Cortana emails, look in the footer of the Daily Briefing email, there you will find an “unsubscribe” button.

To verify if your Cortana is active or to change your subscription. While logged into your Office 365 account, you can go to https://cortana.office.com and change your subscription at any time. 

If you would like to learn more about what Cortana can do for you, please visit the Cortana LinkedIn Learning playlist. You can also search in LinkedIn Learning to find more in-depth tutorials.

macOS Big Sur Announcement

Big Sur Horizon image
macOS Big Sur releases on November 12, 2020

Apple announced they will release macOS Big Sur (11.0.1) today.  As with most new OS releases, we strongly recommend that you wait and not upgrade your University-owned Mac.  Information Technology Services cannot yet support Big Sur on University-owned Macs until it has been sufficiently tested.  Additionally, waiting until the first set of OS updates are released (ex. 11.0.2 or 11.0.3) allows Apple to fix initial stability problems and bugs before the OS even makes it to your machine.  This is a good general rule, even for personal devices.

Why not macOS 10.16?

Big Sur is such a significant OS update, that Apple has moved its versioning number from 10 to 11.  This is the first major versioning number change in almost twenty years!  The big deal is in the hardware changes coming and the new architecture needed to support it.

Apple Silicon chip image
* Apple Silicon doesn’t refer to a specific chipset or processor, but to the company’s custom silicon as a whole.
** ARM is a type of processor that has been powering portable devices for decades. It is the dominant architecture for mobile, with iPads and iPhones using it exclusively.

Big Sur was built for the M1 processor, the first in a new series of Apple Silicon* chips that begin their migration away from Intel processors.  Apple has planned to support their Intel Macs for the next few years, but they have made it clear that custom ARM** processors are their future by paving the way with macOS Big Sur.  Big Sur is optimized for this new system architecture, visibly shrinking the gap between iOS and macOS with its iOS-like icons, widgets, menu bar, and control center.

These are big changes, amplifying our concerns about upgrading before the first round of updates are released and we have had an opportunity to conduct testing and research.  The key areas usually affected during an OS upgrade are software, peripherals, and services, which can behave unexpectedly or stop working altogether.  While many are still working from home and connecting to a wider array of devices (home printers, scanners, etc.), the possibility of experiencing those incompatibility issues increases.

Software Compatibility

Microsoft Office, Zoom, VPN, Adobe software, VLab (Citrix), and SPSS are just some of the applications that ITS needs to test with the new OS. If you have software that you installed on your Mac (not provided or installed by ITS), you should check for compatibility with Big Sur to see if it will still work after upgrading.

If you are a student using ExamSoft’s Examplify, be sure to check with your instructors before upgrading.

Drivers for the docks/port replicators you may have with your MacBook Pro will also need to be updated.  Second monitors, hardwired internet (Ethernet), and even the charging function may not work until the drivers for the dock are updated.

Network printing, local printers, and other peripherals may also be affected.  These may require updated drivers or software to work with Big Sur.

It’s a 64-bit Only World

The previous macOS, Catalina (10.15), dropped support for 32-bit applications. They just won’t run after that version of macOS. This means if you’re going from Mojave (or an older macOS) to Big Sur, you’ll experience this for the first time.  Mojave (10.14) is the last version of macOS that can run 32-bit apps. It isn’t easy to immediately see which apps are 32-bit and which are 64-bit; even some 64-bit software may not be compatible with the new OS.

But you may have already been alerted to your 32-bit applications and not even realized it!

Mojave and High Sierra alert: App is not optimized for your Mac and needs to be updated
Alerts in macOS Mojave and macOS High Sierra for 32-bit applications.

When you open a 32-bit app in macOS Mojave or macOS High Sierra, you receive an alert that the app is “not optimized” for your Mac and needs to be updated.  If you remember seeing this kind of message window when you opened a particular program, it’s a 32-bit application.

We recommend that you take note of any mission-critical software.  If you are unsure your software will run in the new OS because it might be 32-bit, you can check for 32-bit apps on your system.  This will give you some time to decide if you can update that software for Big Sur when the time comes, or if you need to find an alternative for that application.

Undoing a Hasty macOS Upgrade

There’s no easy way to undo the upgrade or simply roll it back. Reverting from Big Sur to a previous version of macOS is an inconvenient process.  At best, this would require taking your computer, erasing your hard drive, reimaging it, reinstall software, and restoring your data and/or reconnecting your OneDrive. Alternatively, it could require restoring your computer to its original factory settings. Of course, this means you won’t be able to use your computer while this is being done.  This can be especially cumbersome now with the pandemic and working remotely.

Once we are confident that Big Sur will work well in our environment, ITS staff will be happy to assist with a safe and workable upgrade process for our faculty and staff.

Cybersecurity Month wraps up

Protect IT! Final tips for keeping your data safe

It’s essential to take proactive measures to enhance cybersecurity at home, on campus, at work, and when you’re out and about. In previous weeks, we addressed how to best own and secure your personal information. Now, we need to safeguard all of that invaluable data.

If You Connect, You Must Protect

Turn on automatic updates, if you can, and protect your devices with antivirus software.

Stay Protected While Connected

Before you connect to any public wireless hotspot – like at an airport, hotel, coffee shop or café – confirm the name of the network and exact login procedures with appropriate staff. Avoid sensitive activities (e.g., banking) that require passwords or credit cards.  If you just can’t avoid it, try to use a VPN (Virtual Private Network) connection, whether it’s provided by your employer or one you pay monthly for yourself.

If You Collect It, Protect It

If you’re involved in collecting data for or about people, it’s important that you treat it with care. It is vital that organizations of all sizes take measures to keep customer/consumer data and information safe.

 

Thanks for reading!  As always, if you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.
 


 
Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

PHISHING : Cybersecurity Awareness

PHISHING

Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computers, creating vulnerability to attacks. Phishing emails may appear to come from a real financial institution, ecommerce site, government agency, or any other service, business, or individual. The email may also request personal information such as account numbers, passwords, or Social Security numbers. When users respond with the information or click on a link, attackers use it to access users’ accounts

HOW CRIMINALS LURE YOU IN

Creating a strong password is easier than you think. Follow these simple tips to shake up your password protocol:

SIMPLE TIPS:

Play hard to get with strangers. Links in email and online posts are often the way cybercriminals compromise your computer. If you’re unsure who an email is from—even if the details appear accurate—do not respond, and do not click on any links or attachments found in that email. Be cautious of generic greetings such as “Hello Bank Customer,” as these are often signs of phishing attempts. If you are concerned about the legitimacy of an email, call the company directly.

• Think before you act. Be wary of communications that implore you to act immediately. Many phishing emails attempt to create a sense of urgency, causing the recipient to fear their account or information is in jeopardy. If you receive a suspicious email that appears to be from someone you know, reach out to that person directly on a separate secure platform. If the email comes from an organization but still looks “phishy,” reach out to them via customer service to verify the communication.

• Protect your personal information. If people contacting you have key details from your life—your job title, multiple email addresses, full name, and more that you may have published online somewhere—they can attempt a direct spear-phishing attack on you. Cyber criminals can also use social engineering with these details to try to manipulate you into skipping normal security protocols.

• Be wary of hyperlinks. Avoid clicking on hyperlinks in emails and hover over links to verify authenticity. Also ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.

• Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. Read the Multi-Factor Authentication (MFA) How-to-Guide for more information.

• Shake up your password protocol. According to NIST guidance, you should consider using the longest password or passphrase permissible. Get creative and customize your standard password for different sites, which can prevent cyber criminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and remember different, complex passwords for each of your accounts. Read the Creating a Password Tip Sheet for more information.

• Install and update anti-virus software. Make sure all of your computers, Internet of Things devices, phones, and tablets are equipped with regularly updated antivirus software, firewalls, email filters, and anti-spyware.
 

For more information on ways you can safeguard your information, visit the National Security Agency’s Cybersecurity
Information page.

Creating a Password : Cybersecurity Awareness Month

CREATING A PASSWORD

Creating a strong password is an essential step to protecting yourself online. Using long and complex passwords is one of the easiest ways to defend yourself from cybercrime. No citizen is immune to cyber risk, but #BeCyberSmart and you can minimize your chances of an incident.

SIMPLE TIPS:

Creating a strong password is easier than you think. Follow these simple tips to shake up your password protocol:

• Use a long passphrase. According to NIST guidance, you should consider using the longest password or passphrase permissible. For example, you can use a passphrase such as a news headline or even the title of the last book you read. Then add in some punctuation and capitalization.

• Don’t make passwords easy to guess. Do not include personal information in your password such as your name or pets’ names. This information is often easy to find on social media, making it easier for cybercriminals to hack your accounts.

• Avoid using common words in your passwords. Substitute letters with numbers and punctuation marks or symbols. For example, @ can replace the letter “A” and an exclamation point (!) can replace the letters “I” or “L.”

• Get creative. Use phonetic replacements, such as “PH” instead of “F”. Or make deliberate, but obvious misspellings, such as “enjin” instead of “engine.”

• Keep your passwords on the down-low. Don’t tell anyone your passwords and watch for attackers trying to trick you into revealing your passwords through email or calls. Every time you share or reuse a password, it chips away at your security by opening up more avenues in which it could be misused or stolen.

• Unique account, unique password. Having different passwords for various accounts helps prevent cyber criminals from gaining access to these accounts and protect you in the event of a breach. It’s important to mix things up—find easy-to remember ways to customize your standard password for different sites.

• Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. Read the Multi-Factor Authentication (MFA) How-to-Guide for more information.

• Utilize a password manager to remember all your long passwords. The most secure way to store all of your unique passwords is by using a password manager. With just one master password, a computer can generate and retrieve passwords for every account that you have – protecting your online information, including credit card numbers and their three-digit Card Verification Value (CVV) codes, answers
to security questions, and more.

Cybersecurity While Traveling : Cybersecurity Month

CYBERSECURITY
WHILE TRAVELING

In a world where we are constantly connected, cybersecurity cannot be limited to the home or office. When you’re traveling— whether domestic or international—it is always important to practice safe online behavior and take proactive steps to secure Internet-enabled devices. The more we travel, the more we are at risk for cyberattacks. #BeCyberSmart and use these tips to connect with confidence while on the go.

Simple Tips: (Before You Go)

  • If You Connect IT, Protect IT. Whether it’s your computer, smartphone, game device, or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser, and operating systems. Sign up for automatic updates, if you can, and protect your devices with anti-virus software. Read the Phishing Tip Sheet for more information.
  • Back up your information. Back up your contacts, financial data, photos, videos, and other mobile device data to another device or cloud service in case your device is compromised and you have to reset it to factory settings.
  • Connect only with people you trust. While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know and trust.
  • Keep up to date. Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates so you don’t have to think about it and set your security software to run regular scans.
  • Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any other service that requires logging in. If MFA is an option, enable it by using a trusted mobile device, such as your smartphone, an authenticator app, or a secure token—a small physical device that can hook onto your key ring. Read the Multi-Factor Authentication (MFA) How-to-Guide for more information.

Simple Tips: (During Your Trip)

  • Stop auto connecting. Some devices will automatically seek and connect to available wireless networks or Bluetooth devices. This instant connection opens the door for cyber criminals to remotely access your devices. Disable these features so that you actively choose when to connect to a safe network.
  • Stay protected while connected. Before you connect to any public wireless hotspot—such as at an airport, hotel, or café—be sure to confirm the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate. If you do use an unsecured public access point, practice good Internet hygiene by avoiding sensitive activities (e.g., banking) that require passwords or credit cards. Your personal hotspot is often a safer alternative to free Wi-Fi. Only use sites that begin with “https://” when online shopping or banking

Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

 

Cyber Secure At Work : Cybersecurity Month

5 WAYS TO BE CYBER SECURE AT WORK

Businesses face significant financial loss when a cyber attack occurs. In 2019, the U.S. business sector had 17% increase in data breaches: 1,473 breaches. § Cybercriminals often rely on human error—employees failing to install software patches or clicking on malicious links—to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of everyone to keep data, customers, and capital safe and secure. #BeCyberSmart to connect with confidence and support a culture of cybersecurity at your organization.

Simple Tips:

      • 1) Treat business information as personal information. Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.

     

      • 2) Don’t make passwords easy to guess. As “smart” or data-driven technology evolves, it is important to remember that security measures only work if used correctly by employees. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers, and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches. For more information about smart technology see the Internet of Things Tip Card. Read the Internet of Things Tip Sheet for more information.

     

      • 3) Be up to date. Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates so you don’t have to think about it and set your security software to run regular scans.

     

      • 4) Social media is part of the fraud toolset. By searching Google and scanning your organization’s social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment, or share PII on social media platforms. Read the Social Media Cybersecurity Tip Sheet for more information.

     

    • 5) It only takes one time. Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt, or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links, and delete suspicious messages immediately. For more information about email and phishing scams see the Phishing Tip Sheet.

Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

 

ref. § Identity Theft Resource Center, “2019 End-of the Year Data Breach Report”, 2019

National Cybersecurity Awareness Month Begins

Every year, the National Cyber Security Alliance designates this month of October to remind us: STOP. THINK. CONNECT.

The “bad guys” are always changing their tactics, and trying every way they can – phishing emails, ads on websites, even texts on our smartphones – to trick us.  Keeping up a layered defense is our best approach. There are three main messages :

Own IT.

  • Never Click and Tell: staying safe on social media
  • Update Privacy Settings on your phone and on social
  • Keep Tabs on Your Apps: best practices for apps on your devices

Secure IT.

  • Shake Up Your Passphrase Protocol: create strong, unique passphrases
  • Double Your Login Protection: turn on multi-factor authentication
  • Shop Safe Online: making sure your purchases are secure
  • Play Hard To Get With Strangers: how to spot and avoid phish

Protect IT.

  • If You Connect, You Must Protect: updating to the latest security software, web browser and operating systems
  • Stay Protected While Connected: Wi-Fi safety
  • If You Collect It, Protect It: keeping personal information safe

 

In the upcoming weeks, stay on the lookout here and in the myWidener Portal where we will periodically post throughout the month and explore these concepts.  If you ever have a question about an email, please forward it to phish@widener.edu. You can also call the Helpdesk at x1047, or email at helpdesk@widener.edu.

Happy October, and safe computing!