Tag: privacy

Cybersecurity Awareness

More tips for National Cybersecurity Awareness Month – Own IT!

Internet-based devices are everywhere in our lives: at home, school, work and on the go. An “always-on” network gives us ways to create, connect, and share, but also presents opportunities for cybersecurity threats that can compromise our most sensitive personal information.

This week we look at some of the ways to help keep us and our information safe. Here are the key messages to “Own IT.”

Never Click and Tell: staying safe on social media

Share With Care – remember that what you post – if you let it – goes to the whole world.

  • What you post can last a lifetime: Before posting online, think about what others might learn about you and who might see it in the future – teachers, parents, colleges and potential employers. Share the best of yourself online.
  • Be aware of what’s being shared: Be aware that when you post a picture or video online, you may also be sharing information about others or personal details about yourself like where you live, go to school or hang out.
  • Post only about others as you would like to have them post about you: The golden rule applies online as well. Ask permission before you tag a friend in a photo.
  • Own your online presence: It’s OK to limit who can see your information and what you share. Learn about and use privacy and security settings on your favorite online games, apps and platforms.

Keep Tabs on Your Apps: best practices for apps on your devices

  • Always lock your phone! If your phone gets lost or stolen, the first line of defense is a good lock.  Whether that’s a few numbers, a swipe pattern, or your fingerprint, always put something between your data and someone trying to get to it – and set it to auto-lock when you put it down.
  • Think twice if an app wants permission to use personal information (like your location) it doesn’t need before you say “OK.”
  • Pay attention to how much access the app wants – does it want access to your camera?  To your contacts list?  To your file system?  If so, why?  Does a game really need your camera or access to the people you know?  Make sure the app has a good reason for asking.
  • Always use approved app stores for your apps.  It’s not perfect, but apps from Apple and Google get checked for scams, viruses, malware far more  than anywhere else.

Update Privacy Settings on your phone and on social

Mobile devices – including smartphones, laptops and wearables – are always within reach everywhere we go, and they share a lot of information about us and our habits.  Check this link out to learn how to update your privacy settings on your phone and on the most popular online services to keep better control of your info: Managing Your Privacy

Our devices are a part of our lives, and it’s up to us to use them safely.  If you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.

 

Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

Cybersecurity Month wraps up

Protect IT! Final tips for keeping your data safe

It’s essential to take proactive measures to enhance cybersecurity at home, on campus, at work, and when you’re out and about. In previous weeks, we addressed how to best own and secure your personal information. Now, we need to safeguard all of that invaluable data.

If You Connect, You Must Protect

Turn on automatic updates, if you can, and protect your devices with antivirus software.

Stay Protected While Connected

Before you connect to any public wireless hotspot – like at an airport, hotel, coffee shop or café – confirm the name of the network and exact login procedures with appropriate staff. Avoid sensitive activities (e.g., banking) that require passwords or credit cards.  If you just can’t avoid it, try to use a VPN (Virtual Private Network) connection, whether it’s provided by your employer or one you pay monthly for yourself.

If You Collect It, Protect It

If you’re involved in collecting data for or about people, it’s important that you treat it with care. It is vital that organizations of all sizes take measures to keep customer/consumer data and information safe.

 

Thanks for reading!  As always, if you ever have a question about any computer or device, please call the Helpdesk at x1047, or email at helpdesk@widener.edu.  If you get a phishing or questionable email, please forward it to phish@widener.edu.
 

 
Study the NCSAM Guide for additional info on this and more cybersecurity concepts.

National Cybersecurity Awareness Month Begins

Every year, the National Cyber Security Alliance designates this month of October to remind us: STOP. THINK. CONNECT.

The “bad guys” are always changing their tactics, and trying every way they can – phishing emails, ads on websites, even texts on our smartphones – to trick us.  Keeping up a layered defense is our best approach. There are three main messages :

Own IT.

  • Never Click and Tell: staying safe on social media
  • Update Privacy Settings on your phone and on social
  • Keep Tabs on Your Apps: best practices for apps on your devices

Secure IT.

  • Shake Up Your Passphrase Protocol: create strong, unique passphrases
  • Double Your Login Protection: turn on multi-factor authentication
  • Shop Safe Online: making sure your purchases are secure
  • Play Hard To Get With Strangers: how to spot and avoid phish

Protect IT.

  • If You Connect, You Must Protect: updating to the latest security software, web browser and operating systems
  • Stay Protected While Connected: Wi-Fi safety
  • If You Collect It, Protect It: keeping personal information safe

 

In the upcoming weeks, stay on the lookout here and in the myWidener Portal where we will periodically post throughout the month and explore these concepts.  If you ever have a question about an email, please forward it to phish@widener.edu. You can also call the Helpdesk at x1047, or email at helpdesk@widener.edu.

Happy October, and safe computing!

 

Welcome from Information Security

Welcome (and welcome back) to Widener!

It’s a new academic year, and internet threats are ready and waiting as usual. Students, faculty, and staff are all busy preparing for a great year of learning, but the bad guys are trying to sneak past our guard. Here are some of the old classic threats that are still in use:

  • Impersonation emails that look like they’re from someone on campus (“Are you available?” gift card scams)
  • Random offers of on- or off-campus jobs (especially involving exchanges of gift cards or money orders)
  • PDF files that are nothing but a link, or try to get you to “log in”
  • Office365 document shares that don’t look like Widener emails
  • Warnings or threats about your Widener email account being closed or locked out, or that it “needs to be verified”
  • Voicemails or faxes that are supposedly waiting on you
  • Screen pop-ups that try to get you to click something (even legit ads are dangerous)

Please remember to be very careful with email links, especially from addresses you don’t know. The bad guys can also paste a real name onto a fake email, so take care when using your phone – phones often don’t show the email address. And they love to hit you during your commute.

When an email asks you to click a link, it’s best if you initiate the reply using a fresh start. Contact the person or department the way you’re familiar with, or check on my.widener.edu for the correct campus link.

Any phishing, scam, questionable, or just plain weird emails should be sent to phish@widener.edu. We’ll gladly check whether it’s real or a scam.

Follow our blog here at itsnews.widener.edu – we post on all types of ITS issues. Follow on Twitter at @WidenerISO for security news and current issues. If you ever have a question about email, passwords, viruses, or computer security in general, feel free to call the Information Security Office at ext. 1044, or open a ticket at the HelpDesk (quickticket.widener.edu).

Thanks, and have a great year!

Make Your Home a Haven for Online Safety

It’s National Cybersecurity Awareness Month again!

https://staysafeonline.org/ncsam/

Since 2004, the National Cyber Security Alliance has designated the month of October to remind us: STOP. THINK. CONNECT.™  ITS posts every week this month with a new theme to keep cybersecurity awareness at the top of mind.

This week’s theme is “Make Your Home a Haven for Online Safety.”  We live in an age where having the internet in your home is a fact of life.  Most of us have learned how to give our home router a strong password.  We are routinely connecting PCs and smartphones, as well as game consoles and tablets.  Many of us have more fully-connected homes with devices such as thermostats, security systems, cameras – even things like refrigerators, door locks, and light bulbs! Keeping these items secure is critical, since each is a small computer, and carries much of the same risk as your other data devices.

It’s also important to remember that, for many students, Widener is their home for most of the year.  ITS maintains many security measures, but keeping out the bad guys also means having a strong password and staying alert for scams and phishing.  Keep in mind that the bad guys hit us when we’re most busy, and for us that’s the start of the semester and finals.

If you ever have a question about an email, feel free to forward it to phish@widener.edu.  You can also call the Helpdesk at x1047, or email at helpdesk@widener.edu. And be sure to follow us on Twitter at @WidenerISO.  Happy October, and safe computing!

Keeping Information Private

National Cyber Security Awareness Month continues, and this week we’re passing along info about keeping personal information private.

In 2016, over 15 million people fell victim to identity theft, with financial losses totaling over $16 billion.  Here at Widener we take information privacy seriously. We ask (and have approved policy) that users do not share Social Security numbers (SSN’s) via email.  Email services are insecure by default, and if your WUMail message is going to an outside address, it’s at risk.

Also remember that Credit Card numbers are Personally-Identifiable Information (PII). Industry rules guide our use of these, and misuse represents a great risk of loss to the cardholder.

Below is a list taken from our Information Security and Compliance Program that shows the actions we should take with PII.

 

Classification Level: Confidential

Examples: SSN, Passwords, Credit Card Numbers

In electronic form: Must be encrypted when on the network and in electronic or physical data storage. Data must be protected with strong passwords. Data cannot be copied onto portable media without managerial consent (including laptops).

In print form: Must not be posted on any website or sent through email. Trash documents must be shredded. Retained documents must be stored in locked cabinets.

Classification Level: Restricted

Examples: Personally identifiable (combination of name, address, date of birth) student records, student grades, infrastructure design

In electronic form: Data must be protected with strong passwords. Data cannot be copied onto portable media without executive consent (including laptops).

In print form: Retained documents must be stored in locked cabinets.

Classification Level: Public

Examples: Not confidential or sensitive. Information on University website.

In electronic form: May be posted externally with appropriate approval (department head). May be sent through email.

In print form: Trash documents do not require shredding.

 

If your department is required to provide PII to other organizations or agencies and you need assistance with securing private info, installing encryption software, or any other issue, please contact the Helpdesk at x1047.




One University Place
Chester PA 19013
1-888-WIDENER

Maps & Directions
Virtual Tour



Explore All Programs

Library

Athletics

Campus Safety

WORK AT WIDENER


INFORMATION FOR
Accepted Students
Current Students
Faculty & Staff
Parents & Families
Alumni
Community & Partners