Keeping Information Private

National Cyber Security Awareness Month continues, and this week we’re passing along info about keeping personal information private.

In 2016, over 15 million people fell victim to identity theft, with financial losses totaling over $16 billion.  Here at Widener we take information privacy seriously. We ask (and have approved policy) that users do not share Social Security numbers (SSN’s) via email.  Email services are insecure by default, and if your WUMail message is going to an outside address, it’s at risk.

Also remember that Credit Card numbers are Personally-Identifiable Information (PII). Industry rules guide our use of these, and misuse represents a great risk of loss to the cardholder.

Below is a list taken from our Information Security and Compliance Program that shows the actions we should take with PII.

 

Classification Level: Confidential

Examples: SSN, Passwords, Credit Card Numbers

In electronic form: Must be encrypted when on the network and in electronic or physical data storage. Data must be protected with strong passwords. Data cannot be copied onto portable media without managerial consent (including laptops).

In print form: Must not be posted on any website or sent through email. Trash documents must be shredded. Retained documents must be stored in locked cabinets.

Classification Level: Restricted

Examples: Personally identifiable (combination of name, address, date of birth) student records, student grades, infrastructure design

In electronic form: Data must be protected with strong passwords. Data cannot be copied onto portable media without executive consent (including laptops).

In print form: Retained documents must be stored in locked cabinets.

Classification Level: Public

Examples: Not confidential or sensitive. Information on University website.

In electronic form: May be posted externally with appropriate approval (department head). May be sent through email.

In print form: Trash documents do not require shredding.

 

If your department is required to provide PII to other organizations or agencies and you need assistance with securing private info, installing encryption software, or any other issue, please contact the Helpdesk at x1047.

October is Cyber Security Awareness Month

The National Cyber Security Alliance (NCSA) is running its 14th annual campaign to increase security awareness online.

At Widener, we value and protect your online security and privacy.  Each week in October, we’ll feature information to help you strengthen your online safety. 2017’s theme is “Our Shared Responsibility,” recognizing that we’re all in this together, and that we help each other when we’re safer online.

Kicking off with a focus on the campaign “STOP. THINK. CONNECT.™, below are some tips to keep in mind as you live your digital life.  Remember that if you ever have questions, or feel uneasy about an email or a link, call the Helpdesk at x1047, and we’ll walk you through.

BasicTipsAndAdviceSTC

For more information, you can also visit the National Cyber Security Alliance (NCSA).

Ransomware outbreak and opinion

Many news articles over the past weekend drew attention to ransomware known as “WannaCry” and the global impact it is having.

While the damage to some users is severe, the systems that it has affected are older and unpatched. Microsoft released a security update for this flaw in March 2017, and the systems here at Widener are set to automatically update.  As a result, we’ve received no reports of this malware impacting our systems.

Microsoft’s President and Chief Legal Officer wrote a blog post about the event and offers some wisdom around security and the responsibilities of organizations to prevent the proliferation of hacking tools.

https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/

Please remember to regularly update your personal computers and handheld devices.  If you need assistance, please contact the ITS Helpdesk at 1047, or at helpdesk@widener.edu.