Cyber Security Awareness
October is National Cyber Security Awareness Month (NCSAM). Help spread the word and learn about how you can be more #CyberAware!
For 2017, there are a number of contests and events going on at Tufts to help the community become more #CyberAware.
- Enter the Cyber Security Awareness Online Scavenger Hunt!
- Enter the Annual Password Cracking Competition
- Thursday, October 5th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Ashley Hedberg, Software Engineer at Google (Tufts Class of 2015). She will be giving a talk on her cyber security work(s) at Google.
- Friday, October 13th, 5 p.m. - Saturday, October 14th, 3 p.m. | Tufts Polyhack | 574 Boston Ave (CLIC). Register: https://roam1.typeform.com/to/Ke9bGC
- Tuesday, October 24th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Steve Christey Coley, Principal Information Security Engineer at MITRE. He will be giving a talk on CVE, CWE, vulnerabilities, and medical device security.
- Tuesday, October 31st, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Lindsay Kaye, Lead Software Systems Engineer at MITRE. She will be giving a talk on reverse engineering.
- Thursday, November 2nd, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Bill Langenberg, Technical Manager at Software Engineering at TripAdvisor (Tufts Class of 2001). He will be giving a talk on credential-probing attacks.
- Thursday, November 9th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Christine Cunningham and Doug Stetson (Tufts alumnus) from MIT Lincoln Laboratory will be giving a talk on static and dynamic analysis.
Themes for October 2017
There are four main themes for October 2017.
- Securing your devices
- Using Two Factor Authentication (2FA)
- Tips for Success in Staying Safe Online (INFOGRAPHIC: The basic steps to online safety and security)
- Don't Get Tricked - phishing and more
Stay tuned for information on these topics and more!
Our Shared Responsibility
Securing the Internet and information is our shared responsibility. Below are some tips for staying safe online.
Passwords are your lock and key! Don't share or reuse!
Your username and password are a target and valuable online. If they get stolen, you want to minimize the impact. Here are some tips for keeping passwords protected:
- Don’t reuse the same password at multiple places
- Don’t share your password with others or send it in an email
- Choose strong passwords or enable 2-step verification (Use a combination of letters, numbers, and symbols or passphrases)
- Forgetful? Use a password storage app that is encrypted. You can find a password manager at: https://it.tufts.edu/sec-pass
If you suspect your password has been stolen:
- Change passwords on all of your accounts
- If it's your Tufts account, contact the TTS 24/7 Service Desk at 617-627-3376 or firstname.lastname@example.org.
For more tips on passwords, go to:https://it.tufts.edu/sec-pass
Check out information on passwords in the SANS Newsletter.
Phishing and the Internet
Anyone can be a target for information theft through work, school, and personal accounts. Tufts (and all legitimate businesses) will NEVER ask for passwords and you should NOT reply to any email message asking for personal information.
Tips to avoid phishing and stay safe on the internet:
Protect your identity
- Be naturally suspicious of emails with links or attachments and think before you click or reply
- Enable email filters to reduce spam in your inbox
- Don’t click on links in emails; instead enter the URL
- Check the URL in the address bar to make sure it is legit and displays a padlock icon
- Be skeptical of any email that you aren't expecting
For more tips on safe email practices, go to:https://it.tufts.edu/sec-email
Stay away from dangerous downloads
- Avoid unknown or suspicious links
- Be wary of shared files on peer-to-peer networks
- Enable desktop firewalls and security tools
- Don’t share or download copyrighted files
- Don’t reveal too much about yourself, including on Twitter or your Facebook page
- Be skeptical of offers on the Web or in email that sound too good to be true
Respect copyright laws related to music, movies, TV shows, and printed materials.
Important information about downloading and file sharing:
- Be careful of what you store in your shared folders. You could be breaking the law!
- File sharing can expose you to malware and unwittingly share your personal files.
- Do not download files unless you paid for them
- Even if you have paid for files, you are not authorized to share them with others
- If you do share files for which you do not own the copyright, you could be subject to legal sanctions from external entities as well as within Tufts based on the code of conduct, up to and including dismissal from the University
Know the facts!
- Read the Tufts policy
- Educate yourself about copyright infringement
For more info on copyright and file sharing, go to: it.tufts.edu/dmca
- Keep your operating system and all software updated
- Install antivirus software and keep it updated
- Obtain software from reputable sources
For more info on antivirus applications, go to: https://it.tufts.edu/antivirus