Boston University’s Information Security group leads the University’s effort to protect its information. This objective is achieved by both using the latest in technology to help detect and prevent cyber threats, as well as working with and educating the BU community.
New and Improved Technology
As part of its ongoing effort to protect the personal information of our students, faculty, and staff, Information Services & Technology is introducing two new services this spring: a Restricted Use Data Finder and Vulnerability Management.
The Restricted Use Data Finder service uses software from Spirion to search for and identify personal information on the desktops and laptops used by Boston University. IS&T can then help move this data to a more secure place, or use Spirion to delete it if it is not needed. This minimizes the risk of a data breach by helping to reduce the number of computers where information such as credit card numbers, Social Security numbers, birthdates, and similar sensitive information are stored.
Spirion was recently introduced at the BU Dental clinics, the Ryan Center for Sports Medicine and Rehabilitation, and Human Resources. We hope to further expand the usage of the tool into other administrative units to help further protect our student and employee data.
In coming weeks, Information Security will also be introducing Vulnerability Management, a new IS&T service which helps protect university data, minimizes unplanned downtime, and mitigates the risk of accidental loss, unauthorized access, theft, or malicious destruction.
The Vulnerability Management service consists of two activities:
- Vulnerability Scanning, which helps BU technology managers identify risks in applications and systems and prioritize efforts to repair these issues.
- Patch Management, which enhances tools available to BU technology managers to quickly install updates when a new vulnerability is announced.
How can you help keep our data safe?
There are some cybersecurity risks that the University faces that are harder to solve through technology. In fact, our top security risk is the compromise of BU student, faculty and staff accounts. One of the top reasons our accounts are compromised is phishing.
You are our single best defense against phishing!
One of the best ways to spot phishing messages is to look for unsolicited messages, often from unfamiliar or generic senders, with a sense of urgency. Whether it is inviting you to track a package you haven’t ordered, reset your password ahead of an impending upgrade, or expounding on a limited time offer, these messages all want you to click on a link as soon as possible.
If you find yourself being rushed to act, take a moment to be mindful. Stop and think. Does this seem like a normal communication from your bank or from BU? Is there really a need to rush? Consider verifying the request by other means, using phone numbers, e-mail addresses, or a website you know to be associated with the real organization.
You can report phishing attempts to IS&T as well. If you fall victim to a phishing message you should immediately change your password, scan your computer for spyware and viruses, and seek help from the IT Help Center!
Are there other cybersecurity topics you’d like to discuss? Reach out to Information Security and we will be happy to come talk with you!