sections |
FEBRUARY 2018 CONTENTS – It’s About Security
Improving our information security: Two basic approaches that can make a huge difference For the 3rd year in a row, security tops the annual EDUCAUSE Top 10 IT Issues List of IT issues facing higher education. Headlines about IT security breaches or vulnerabilities regularly appear in the news. On the internet, no one is “centrally isolated” – the threats are real, and attacks regularly occur against Ithaca College, just like at other higher education institutions. The two most important things you can do to stay safe online are:
Keeping your devices and applications up-to-date Today’s technology is complex, and consists of millions of lines of code written by different people and companies, all of which must work together – and none of it is perfect. Flaws and vulnerabilities are always present, and new ones are discovered every day. Some vulnerabilities, such as the recent “Spectre” and “Meltdown” processor flaws, make national headlines, but others are less widely reported. Criminals take advantage of these vulnerabilities to gain access to systems or information, in order to spy, steal, blackmail, hold data for ransom, or defraud individuals and institutions. Fortunately, technology vendors issue security updates (patches) that address most of these vulnerabilities before attackers figure out how to use them. So, regularly applying available security updates (patching) your software, apps, and operating system, and restarting if necessary greatly reduces the likelihood of falling victim. What we’re doing about this at Ithaca College:
What you can do to be more secure:
Protecting your user accounts As our computers, mobile devices, servers, and applications become inherently more secure and better able to protect themselves, we humans become the easiest targets. We are all, by now, familiar with phishing attacks (email-based fraud or scams). We have all received email messages purporting to come from our banks, the FBI, or tech support asking us to login to verify our account or something right away (often stating that if we don’t do it right now, before taking time to think about it, something terrible will happen). By logging into a fraudulent site, we give the attackers our username and password. By replying to the email, opening an attached file, or clicking a malicious link, we may give them other information or allow them to install malicious software on our computers. The thing to keep in mind is that phishing and other forms of online crime are an industry. There are thousands of people in countries all over the world who get up in the morning and go to work at jobs attacking us and others. Just like any other job there are specialists, departments, and service providers with various duties: researching vulnerabilities, developing malicious software, researching targets, writing phishing emails, using stolen credentials to access email and other systems, mining stolen data to find anything that can be sold or that may be useful for subsequent attacks, etc. Just like any industry, this one is maturing. Phishing (email-based fraud), is being complemented by vishing (voice-based) and smishing (SMS-based) fraud. Criminal organizations have built or hired professional call centers (posing as Microsoft, Apple, or other tech companies) to ensure that victims successfully install malicious software on their computers, or to assist with ransomware remediation, often paying over the phone for the privilege. What we’re doing about this at Ithaca College:
What you can do to be more secure:
EDUCATIONAL TECHNOLOGY DAY – THURSDAY, MARCH 22 The college’s 28th annual Educational Technology Day will be held Thursday, March 22nd from 9 AM to 3 PM in the campus center. Ed Tech Day features over 60 national and regional technology vendors (including Apple, Dell, Microsoft, and many others), seminars, and faculty, staff and students showing how they are using technology in and out of the classroom. Featured sessions this year include:
Ed Tech Day is free and open to all. No registration is required. Visit www.ithaca.edu/edtechday for details. Complete schedule to be posted in early March. THE LAST BIT Last month EDUCAUSE published their annual list of Top 10 IT Issues for 2018. The 2018 Top 10 IT Issues show how digital technology is remaking higher education through four key themes: institutional adaptiveness, improved student outcomes, improved decision-making, and IT adaptiveness – all topics that we’re actively exploring here at IC. I encourage you to read through the article and related resources on the EDUCAUSE site, and take advantage of various opportunities to engage with us and around these topics, whether it is at Ed Tech Day, liaison meetings, one-on-one conversations, or email. The complete list is below. As always, if you have any suggestions or comments, please send them to cio@ithaca.edu. Thanks! -Dave Weil, Chief Information Officer, Information Technology, Ithaca College. EDUCAUSE Top 10 IT Issues for 2018:
|
© Copyright Ithaca College. All rights reserved; unauthorized use prohibited. All material on this server is produced by our community but, except for designated pages, is neither approved nor verified by Ithaca College.