Week 4: October 22, 2019

Cybersecurity While Traveling

Traveling is a must, as is staying connected. Pairing the two together puts us at a greater risk for cyberattacks. When you’re traveling – whether domestic or international – it is always important to prepare and keep cybersecurity on your to-do list along with packing. Which leads us to our…

TIP OF THE WEEK: Take cybersecurity on your trip (just like socks & underwear)

Before You Go

• Find my phone: Set up the “find my phone” feature on your devices. This will allow you to find, remotely wipe data and/or disable the device if it gets lost or into the wrong hands.
• Back up your information: Back up your contacts, financial data, photos, videos, and other mobile device data to another device or cloud service in case your device is compromised and you have to reset it to factory settings.
• Be up to date: Update your software to the latest version available, turn on automatic updates so you don’t have to think about it and set your security software to run regular scans.
• Keep it locked: Set your device to automatically lock after a short time when you are not using it.
• Double your login protection: Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media, and any service that offers it as an option like, for faculty and staff, BU Office 365 email, SharePoint and other applications. Faculty & staff, you can opt-in now!

During your trip

• Stay protected while connected: Before you connect to any public wireless hotspot – such as at an airport, hotel, or café – be sure to confirm the name of the network and exact login information to ensure that the network is legitimate. When you’re using a public access point, avoid activities that require passwords or credit cards. Your personal hotspot is often a safer alternative to free Wi-Fi .
• Stop auto connecting: Disable automatically connecting to available Wi-Fi or Bluetooth devices. This instant connection opens the door for cyber criminals to remotely access your devices.
• Never click and tell: Limit what information you post on social media – especially when and where you will be when you’re away from home. Check in and post those amazing travel shots when you arrive back home.
• Guard your mobile devices: Be mindful of physical security & keep your devices secured in taxis, at airports, on airplanes, and locked in your hotel room

We want you to enjoy traveling whether it’s for business or fun. Taking security precautions before and during a trip can prevent a major disruption like identity theft or access to your important information. For more info, check out our Simple Security Tips on travel and #BeCyberSmart.

Week 3: October 15, 2019

SECURING YOUR MOBILE DEVICES

Laptops, smartphones and tablets – rarely do we leave home without them. They are our navigation, online shopping, banking, working, gaming, texting, tweeting, Facebook-checking machines. We use them to do just about everything including taking the all important selfie! But whether it’s a hacked browser, unsecured Wi-Fi at the local coffee shop, or your own tendency to lose electronics (hey, it happens to the best of us), using your mobile devices as a centralized source for all of your information comes with big risks. And the more you’ve connected and stored, the more you stand to lose. Which leads us to our…

TIP OF THE WEEK: Keep a Clean Mobile Machine

Your mobile devices need to be protected. The following security precautions will help you enjoy the conveniences of technology with peace of mind while you are on the go:

• Lock your devices: Seems obvious, but many people don’t lock their phone because it’s inconvenient. Always use a passphrase, passcode or other features such as touch or facial recognition to lock your devices. Securing your device can help protect your information if your device is lost or stolen and keep prying eyes out.
• Be Wary of Wi-Fi hotspots: Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your laptop or smartphone while you are connected to them. Limit what you do on public Wi-Fi, and avoid logging in to key accounts like email, banking, and work accounts. Consider using a virtual private network (VPN) like the one offered here at BU, or a personal/mobile hotspot. Follow our instructions for installing and using a VPN on your device.
• Install an antivirus application: With your BU account you can download McAfee VirusScan software for FREE! Take advantage (immediately!).
• Turn on encryption: If setting a passcode does not automatically encrypt your device, make sure to enable the native encryption (encryption comes standard with most phones).
• Keep your system and applications up to date: Check to see that your device and applications are up to date, then set them to update automatically. This is the quickest way for the developer to provide you with the most up-to-date protection and can patch security holes that leave you vulnerable.
• Delete when done: Many of us download apps for specific purposes, such as planning vacations, and no longer need them afterwards, or we may have previously downloaded apps that are longer useful or interesting to us. It’s a good security practice to delete all apps you no longer use.
• Enable Find my Devices: Consider enabling services that allow you to locate your phone if it is lost, send a message to it, or even wipe its contents remotely if you need to.

Your mobile devices will thank you for keeping them and yourself secure. For more tips on proactively securing your mobile devices, visit Simple Security Tips on our website and #BeCyberSmart!

Have a safe and secure week, wherever you go!

Week 2: October 8, 2019

PHISHING

“Ninety percent of cyber threats start with email, making it the #1 threat vector. Phishing attacks paired with impersonation techniques have made these email threats more sophisticated and harder to detect.”

— “Fighting Phishing – 2020 Foresight.” Gartner, 2019

Email is a daily necessity in our lives, and when we click on a link or download an attachment WE become our biggest security risk despite increasingly secure technology safeguards. Think of all the information you have online and then multiply it by the over 52,000 members of the BU community. That’s a whole lot of data we need to protect and we haven’t even covered labs, research, and grant data (YIKES!). We have a huge responsibility as part of the BU community, which leads us to our tip of the week…

TIP OF THE WEEK: Don’t take the bait!

There is good news: being proactive and looking for the warning signs can and will protect you. Be wary of emails and be sure to stop and think before you take any action. Look for these clues you may have received a phish:

• Sense of Urgency: “Immediate action required” or “Click now before your account is disabled!”
• Requests for Information: The email requests highly sensitive information, such as your password, credit card number or social security number.
• Be wary of Hyperlinks & Attachments: Verify the link goes where it says it’s going, hover over links to display the web address or hold your finger on a link from your mobile phone. Stop before your download anything and verify it’s valid.
• Verify the Sender: Sent from an official organization but uses a personal email address like @gmail.com, @yahoo.com or @hotmail.com.
• Grammatical Errors: A reputable source uses spell check!
• Timing: Were you even expecting this email?

#BeCyberSmart and take a moment this week to read up on phishing and simple tips to protect yourself and the University.

In the unlikely event you do respond to a phishing email, the most important thing to do is change your password immediately and contact the IT Help Center.

Don’t forget! Our Fall Shred Event is happening today at the Kenmore Lot, 549 Comm Ave. from 10:00am-1:00pm, look for the truck! Tomorrow (10/9) we will be at the Agganis Lot and Thursday (10/10) we will be shredding at BUMC in front of the Talbot Building!

Have a phish-free week!

Week 1: October 1, 2019

PASSWORDS

Happy October! Today kicks off National Cybersecurity Awareness Month (NCSAM), a collaborative effort between the U.S. Department of Homeland Security and the cybersecurity industry to raise awareness about the importance of protecting your information online. This year’s NCSAM message is “Own IT. Secure IT. Protect IT.” and will focus on personal accountability and stress the importance of taking proactive steps to enhance your online security at home and in the workplace.

Every year, in alignment with NCSAM, the Information Security Team dedicates time to communicate resources and best practices in an effort to help our BU community become safer online. Each week this month we will be reaching out with simple tips and information on ways you can protect yourself and the University. Your information is important, and we want to help you keep it secure, so remember:

Own IT. Secure IT. Protect IT.

In addition, next week we will host our annual Fall Shred Events in partnership with sustainability@BU. This is an amazing and FREE opportunity to shred any and all paperwork, especially documents containing personal, sensitive, or confidential information. We will also be collecting hard drives for destruction. Don’t leave your data out there, SHRED IT! Sustainability@BU will be on site recycling all electronics, cords, batteries, lightbulbs, and toner. Check out the Information Security website and the BU Calendar for times and dates!

TIP OF THE WEEK: Treat your passwords like your toothbrush: choose a good one, don’t share it with anyone and get a new one regularly!

Passwords are the cyber keys to your online home and work place. There is so much data stored online, including financial & personal, and passwords allow access to ALL of that. Here are some simple tips to strengthening your passwords:

• Use a passphrase: A passphrase consists of sequence of words with upper & lower case, numbers and punctuation mixed in, for example: “IloveSt0rrowDr!” (Now you can’t use that!)
• Don’t make passwords easy to guess: We ALL know your birthday and pet’s name from Instagram!
• Keep your passwords to yourself: Always remember BU will NEVER ask for your password. Sharing is not caring in this case!
• Unique account, unique password: Your most important accounts such as Email, Banking, and Kerberos should all have their own passwords, different from each other and not used for any other accounts.
• Double your login protection: Use multi-factor authentication whenever and wherever it is an option.

For more simple tips for living your best password life, check out Creating a Password on our website. Extra brownie points for sharing this page and our tips in your office, classroom or dorm! Spread the word and #BeCyberSmart!