Web Content Display Web Content Display

Minimize

Last modified by portal admin on 8/22/19 at 3:03 PM


Director's Message Director's Message

Minimize
"Most of us have been forced to work remotely recently. This ability has allowed us to be flexible and safe while still fulfilling the St. Mary's mission. There are added risks when working remotely. Be safe by making sure your devices are up to date, require a password to access and are locked when unattended". Frank Niewierski
Executive Director
Client and Systems Support Services

Last modified by portal admin on 6/18/20 at 1:39 PM


Previous Editions Previous Editions

Minimize

Last modified by portal admin on 10/28/21 at 9:49 AM


Let's talk Malware Let's talk Malware

Minimize

Protecting your devices against malware that will turn them into bots used for malicious purposes its not only important for you, but for the entire Internet.

Unless you want your laptop or fridge to power the next attack on Internet routers in Germany or another part of the world, here's what you have to do:

  • Change default usernames and passwords on your devices and online accounts
  • Use strong passwords (set up a password manager) and NEVER reuse passwords for multiple accounts
  • Use basic security measures, such as antivirus
  • Keep your software up to date on all your devices (including your IoT gadgets – web cameras, fridges, etc.)
  • Regularly scan your devices for malware and keep an eye out for strange behavior
  • Unplug devices when you don't use them (maybe not your fridge, but your toaster doesn't need to stay plugged in – you get the picture).

These basic measures will help reduce your risk of infection and make the Internet a safer place for all!

Last modified by portal admin on 6/18/20 at 1:40 PM


Edition 3 Vol 4 :: Working Remotely Edition 3 Vol 4 :: Working Remotely

Minimize

A blessing, for some, and a burden for others. Unfortunately, the difficult times we are going through has forced us to reassess the work-schooling from home idea. The COVID-19 pandemic should not be taken lightly.

Although you're no longer connected to the University IT resources, you should still keep an eye on your cyber-defenses. Hackers haven't ceased their attempts to compromise your system, steal personal data, or empty your bank account.

Unfortunately, they're more active than ever, proven by the fact that ransomware attacks have increased by a factor of ten since the beginning of the COVID-19 pandemic. The person responsible for keeping data and devices safe in your household is probably you.

When you don't have an entire IT department looking over your shoulder and handling cyber security as a full-time job, someone has to step in. If you've assumed this responsibility, maybe you can also impart some of your cyber security wisdom with your family members and friends.

While working from home, be sure to maintain the same cybersecurity hygiene as you do at the office or school: don't click on a suspicious link, don't open attachments unless they're from trusted sources, always ask your managers to confirm financial-related requests (i.e. transferring money to a third-party) and refrain from accessing potentially malicious websites.

Last modified by portal admin on 6/18/20 at 1:38 PM


Is your Antivirus protecting you? Is your Antivirus protecting you?

Minimize

How does antivirus software protect you against an unknown malware?

In two words, by using heuristic analysis. This is a process in which antivirus carefully looks at the behavior of a suspicious file to see if it behaves like a known malware. If the file behaves too much like a malware program, then the antivirus will immediately quarantine and eliminate it.

Because of this, we strongly recommend the heuristic analysis functions of your antivirus be always activated.

Have you ever wondered if your antivirus is still alive? I mean, it last gave of an alert 6 months ago, so it's probably active, right?

Well, you can use an EICAR test to see if it's still doing its job.

To do an EICAR test, simply open a notepad and copy the following text in it:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Save the document on your desktop and wait for your antivirus to do its magic. The text you just copied in the file will trick your antivirus into believing it's a malware (trust us, it isn't). If your antivirus is still active, it should immediately trigger to remove the EICAR test file.

This is a standard test done in the cybersecurity industry to test antivirus, so it's perfectly safe.
 

Last modified by portal admin on 6/18/20 at 2:08 PM


Five Security Myths Five Security Myths

Minimize

Myth #1: You're not important enough to be a target.
High-profile individuals (such as executives, celebrities, and government officials) will always rank as top targets for cybercriminals. But assuming that you don't have anything of value because you're not a high-profile individual is a dangerous mistake.  Scammers have no bias and will target anyone and everyone, both professionally and personally, in every industry, at organizations of all sizes. Assuming you're not on their radar makes you an easier target. 

Myth #2: Malicious hackers are the only threats worth worrying about.
Which is more likely: suffering a data breach at the hands of highly sophisticated cybercriminals, or suffering a data breach because of human error caused by someone within the university?  Hopefully, you guessed the latter. Believe it or not, insider threats pose more risk than external actors. That's why it's vital that all employees, from the front desk to the President, receive adequate security awareness training. 

Myth #3: Cybersecurity is a highly technical process.
Quite the opposite. Security relies on human firewalls who use common sense and think before they click. Yes, modern technology,  such as network monitoring and real-time threat detection software, helps organizations prevent security incidents. But at the end of the day, maintaining the confidentiality, integrity, and availability of data and systems requires human effort.  

Myth #4: Security awareness only matters at work.
 While you don't need to worry about violating security policies or compliance regulations in the comfort of your own home, the awareness training you receive at work absolutely matters in your personal life. Your personally identifiable information carries a lot of value and, if it falls into the wrong hands, you and other members of your household could become victims of identity theft or have your accounts hacked. 

Myth #5: Smart devices are rarely targeted.
From mobile phones to the Internet of Things, the attack surface of smart devices is massive, and will only continue to grow. In fact, it's not hard to imagine a future where smart devices are the default targets of scammers.  That's why it's important that we secure our world of connected gadgets and treat mobile devices like the computers they are! This means (among other things) protecting them with strong passwords, utilizing antivirus and anti-malware software, and ensuring that they stay up to date with the latest security patches. 

Stop believing these myths! Stay alert, use common sense, always follow policy, and take security personally to avoid becoming a victim.

Last modified by portal admin on 6/18/20 at 2:14 PM


What about Ransomware? What about Ransomware?

Minimize

The rise of ransomware is one of the biggest cybersecurity trends of the past few years. One of the most efficient ways to prevent the threat of ransomware from wreaking havoc and locking your sensitive data is to remain vigilant and be proactive.

What to do?

We strongly recommend you apply these basic and simple steps:

  • Backup regularly and keep a recent backup copy off-site. There are dozens of ways, other than ransomware, how files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won't have to worry about the backup device falling into the wrong hands.
  • Don't enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn macros back on, so don't do it!
  • Be cautious about unsolicited attachments. The crooks are relying on the dilemma that you shouldn't open a document until you are sure it's one you want, but you can't tell if it's one you want until you open it. If in doubt, leave it out.
  • Don't give yourself more login power than you need. Most importantly, don't stay logged in as an administrator any longer than is strictly necessary, and avoid browsing, opening documents or other "regular work" activities while you have administrator rights.
  • Consider installing the Microsoft Office viewers. These viewer applications let you see what documents look like without opening them in Word or Excel. In particular, the viewer software doesn't support macros at all, so you can't enable macros by mistake!
  • Patch early, patch often. Malware that doesn't come in via document macros often relies on security bugs in popular applications, including Office, your browser, Flash and more. The sooner you patch, the fewer open holes remain for the crooks to exploit.

Last modified by portal admin on 6/18/20 at 2:20 PM


Staging Enabled