IT Handbook - Directories - University of Cincinnati

More documents

Recommendations

Info

• Send Spam to spam@uce.gov and then delete it. • Report other e-mail abuses to abuse@uc.edu. A thorough review of “How To Fight Spam” will help to understand the world of spam and how you can help control it: http://www.uc.edu/infosec/info/fightspam.html Social Engineering and Phishing Attacks Social engineering is used by criminals to gain unauthorized access to a computer or secure building. This is a non-technical intrusion that relies on people’s complacency regarding the value of the information they possess and their responsibility to protect it. Social engineers’ ploys often involve tricking people into breaking normal security procedures. Examples of social engineering behavior include the following: • Someone calling on the phone asking for information such as a user ID and password. • Someone “dumpster diving” to find memos, system manuals, and printouts of sensitive information. • Someone pretending to be an outside consultant or temporary worker. • Someone “piggy-backing” entrance to a building by following in an authorized person, thus avoiding presenting ID. If you permit someone access, make sure you know who he or she is. • Someone creating a persona that makes him or her appear to be a person in authority, so people ask the hacker questions, rather than vice-versa. This is “reverse social engineering.” • Phishing uses e-mail or web sites to solicit personal (often financial) information. Attackers send e-mail, seemingly from a reputable credit card company or bank that requests account information. Often, the message suggests that there is a problem that needs their attention. • Learn more about phishing by watching this video: http://www.uc.edu/infosec/info/videos.html Phone / PDA / Mobile Device Security Tips • Set a password, lock pattern, or PIN on your phone to prevent unauthorized use and make it more difficult to hack if stolen or lost. • If your phone has Bluetooth functions, disable them until they’re needed, and then set visibility settings to “hidden” so that your device cannot be scanned by other Bluetooth devices. • Limit the amount of sensitive or personal information such as passwords and account information stored on your mobile device. • Consider purchasing anti-virus software for your phone and make sure it is frequently updated. • Only download apps from trusted sources. • Do not jailbreak your mobile device as this can open up security holes • Treat mobile devices as you would your wallet, keys, or laptop; don’t leave them in plain sight and keep them close to you at all times. USB Drives / Thumb Drives / Jump Drives and other Mass Storage Devices These drives are a very convenient and commonly used method to hold personal files and school work. Unfortunately, the small physical size of these devices makes them easy to lose or to steal. • If you use a mass storage device to store any important or sensitive data—class work, research data, clinical information, personal files, etc.—make sure that the data is protected by encrypting the device. • Many modern mass storage devices come with a security utility that can encrypt sensitive files. • If you do not have encryption on your mass storage device, don’t keep sensitive information on it. Social Media Safety What is social media? Social media refers to the means of interactions among people in which they create, share, and exchange information and ideas in virtual communities and networks. What are some examples of social media web sites? Several social media sites have become extremely popular in the last few years for internet users of all ages. Some examples include: Facebook, Twitter, LinkdIn, Instagram, and Tumblr. What are some advantages of using social media web sites? • Easy Information Exchange Facebook and similar sites allow users to gain access to personal information very quickly, including home and cell phone numbers, addresses, photos, videos, and events. 78
• Ability to Share Information Users of social media web sites can stay in contact with hundreds of people they have met (or not) and communicate with them by posting interesting things about themselves such as: Statuses, Images, Videos, Events, Locations, and so forth. What are some disadvantages of using social media web sites? • Easy Access If privacy settings are not set potential thieves, stalkers, or harassers can potentially find personal information through social media web sites very quickly, easily, and anonymously. Overly available personal information can also lead to issues when potential employers try to research you. By posting too much inappropriate information on social media sites, you put yourself to risk of not being hired, or possibly incriminating yourself. • Too Much Information Vast amounts of information coming from a large number of sources is constantly fed through social media sites to their users. Often this information can be biased, incorrect, or altered. This leads to many misinformed consumers. • Tool for Procrastinating or Wasting Time Surfing social media web sites can easily take up hours of time that could have been used for tasks such as studying, working, or anything else that may be productive. Your Personal Settings/What You Post The following questions are designed to help you make smart choices about your privacy settings, as well as what you decide to post on your site: • Would I want someone I don’t know to show up unannounced at my class, residence hall, or workplace? • Am I comfortable getting phone calls, e-mails, or other forms of attention from strangers? • Am I posting information about myself or my whereabouts that would leave me vulnerable to crime? • Would I be comfortable if a potential or current employer, parent, or close friend read what I posted? • What would my profile say about me to future roommates or neighbors? Would they form negative preconceptions about me? • Am I posting information or photos portraying me engaging in illegal activities that are against the law or Student Code of Conduct? • Online photos can be easily copied, downloaded, or manipulated. Am I posting photos that would embarrass or incriminate me if they were shown in other venues? Am I willing to take the risk that someone may use my photo in a way in which I would not approve? Manage Your Privacy Having secure privacy settings on your social media site accounts is extremely important. All major social media sites have settings that allow the user to choose who can see what on their profile. Consider how you should implement the following options: • Make your contact information private (Address, Phones Numbers, E-mail Addresses). • Limit who can search your profile in search engines. • Manage who can view the photos you post. • Manage who can view your posted statuses. • Do not post locations and or times as this opens up many opportunities for crimes against you. What Others Post Facebook and similar web sites do not have mechanisms in place to verify information posted in individual profiles. What you see is not always true information. Consider these questions before divulging additional information about yourself or deciding if you want to meet an online acquaintance in person: • Is the information I am reading from a reliable, verifiable source? • Am I considering meeting someone for the first time in a public setting with a way to get myself out of a situation if it is unsafe? • Would I be aiding/abetting a crime or policy violation if I follow instructions found on someone’s profile? • What are the possible advantages of getting to know this person better? Are there risks that I can reduce or eliminate before we proceed in deepening our involvement with each other? If you suspect that you have been a victim of a computer crime or abuse while at UC, please report the incident to abuse@uc.edu. Give as much detail as possible: who, what, when and where. 79
Page 1 and 2: IT Handbook UC Information Technolo
Page 3 and 4: uc.edu/ucit/students GoCharge Charg
Page 5: Desktop Security • When you need
Page 9 and 10: Blackboard Learning System http://b
Page 11 and 12: Blackboard Help Center For detailed
Page 13 and 14: If you have trouble connecting, cal
Page 15 and 16: 7. You may be presented with a Secu
Page 17 and 18: 16. The Extraction Wizard will appe
Page 19 and 20: 23. You have to make some changes b
Page 21 and 22: 27. During your anti-virus installa
Page 23 and 24: SafeConnect for Windows XP This exa
Page 25 and 26: 7. You may be presented with a Secu
Page 27 and 28: 16. Once extraction is complete, op
Page 29 and 30: 22. You have to make some changes b
Page 31 and 32: 26. During your anti-virus installa
Page 33 and 34: SafeConnect Directions for Macintos
Page 35 and 36: 6. When the download is complete, d
Page 37 and 38: Getting online: Securewireless Secu
Page 39 and 40: 3. Securewireless should be display
Page 41 and 42: Configuring Securewireless for Wind
Page 43 and 44: 115
Page 45 and 46: 117
Page 47 and 48: 119
Page 49 and 50: 121
Page 51 and 52: Configuring Securewireless for Vist
Page 53 and 54: 125
Page 55 and 56: 127
Page 57 and 58:
129
Page 59 and 60:
131
Page 61:
Configuring Securewireless for Linu
show all

IT Handbook - Directories - University of Cincinnati

Create successful ePaper yourself

Delete template?

Save as template?