Cyber Security Awareness

October is National Cyber Security Awareness Month (NCSAM). Help spread the word and learn about how you can be more #CyberAware!

For 2017, there are a number of contests and events going on at Tufts to help the community become more #CyberAware.

Contests

Events/Guest Speakers

  • Thursday, October 5th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Ashley Hedberg, Software Engineer at Google (Tufts Class of 2015).  She will be giving a talk on her cyber security work(s) at Google.
  • Friday, October 13th, 5 p.m. - Saturday, October 14th, 3 p.m. | Tufts Polyhack | 574 Boston Ave (CLIC). Register: https://roam1.typeform.com/to/Ke9bGC
  • Tuesday, October 24th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Steve Christey Coley, Principal Information Security Engineer at MITRE.  He will be giving a talk on CVE, CWE, vulnerabilities, and medical device security.
  • Tuesday, October 31st, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Lindsay Kaye, Lead Software Systems Engineer at MITRE.  She will be giving a talk on reverse engineering.
  • Thursday, November 2nd, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Bill Langenberg, Technical Manager at Software Engineering at TripAdvisor (Tufts Class of 2001).  He will be giving a talk on credential-probing attacks.
  • Thursday, November 9th, 4:30 - 5:45 PM in Barnum / Dana Hall 104: Christine Cunningham and Doug Stetson (Tufts alumnus) from MIT Lincoln Laboratory will be giving a talk on static and dynamic analysis.

Themes for October 2017

There are four main themes for October 2017.

  1. Securing your devices
  2. Using Two Factor Authentication (2FA)
  3. Tips for Success in Staying Safe Online (INFOGRAPHIC: The basic steps to online safety and security)
  4. Don't Get Tricked - phishing and more

Stay tuned for information on these topics and more!

Our Shared Responsibility

Securing the Internet and information is our shared responsibility. Below are some tips for staying safe online.

Passwords

Passwords are your lock and key! Don't share or reuse!

Your username and password are a target and valuable online. If they get stolen, you want to minimize the impact. Here are some tips for keeping passwords protected:

  • Don’t reuse the same password at multiple places
  • Don’t share your password with others or send it in an email
  • Choose strong passwords or enable 2-step verification (Use a combination of letters, numbers, and symbols or passphrases)
  • Forgetful? Use a password storage app that is encrypted. You can find a password manager at: https://it.tufts.edu/sec-pass

If you suspect your password has been stolen:

  • Change passwords on all of your accounts
  • If it's your Tufts account, contact the TTS 24/7 Service Desk at 617-627-3376 or it@tufts.edu.

For more tips on passwords, go to:https://it.tufts.edu/sec-pass

Check out information on passwords in the SANS Newsletter.

Phishing and the Internet

Anyone can be a target for information theft through work, school, and personal accounts. Tufts (and all legitimate businesses) will NEVER ask for passwords and you should NOT reply to any email message asking for personal information.

Tips to avoid phishing and stay safe on the internet:

Protect your identity

  • Be naturally suspicious of emails with links or attachments and think before you click or reply
  • Enable email filters to reduce spam in your inbox
  • Don’t click on links in emails; instead enter the URL
  • Check the URL in the address bar to make sure it is legit and displays a padlock icon
  • Be skeptical of any email that you aren't expecting

For more tips on safe email practices, go to:https://it.tufts.edu/sec-email

Stay away from dangerous downloads

  • Avoid unknown or suspicious links
  • Be wary of shared files on peer-to-peer networks
  • Enable desktop firewalls and security tools
  • Don’t share or download copyrighted files
 
It’s a dangerous Web out there
  • Don’t reveal too much about yourself, including on Twitter or your Facebook page
  • Be skeptical of offers on the Web or in email that sound too good to be true

File Sharing/Copyright

Respect copyright laws related to music, movies, TV shows, and printed materials.

Important information about downloading and file sharing:

  • Be careful of what you store in your shared folders. You could be breaking the law!
  • File sharing can expose you to malware and unwittingly share your personal files.
  • Do not download files unless you paid for them
  • Even if you have paid for files, you are not authorized to share them with others
  • If you do share files for which you do not own the copyright, you could be subject to legal sanctions from external entities as well as within Tufts based on the code of conduct, up to and including dismissal from the University

Know the facts!

  • Read the Tufts policy
  • Educate yourself about copyright infringement

For more info on copyright and file sharing, go to: it.tufts.edu/dmca

Antivirus

Antivirus software that is kept up-to-date is critical for a safe and secure network
 
Tips to protect your computer from malware:
  • Keep your operating system and all software updated
  • Install antivirus software and keep it updated
  • Obtain software from reputable sources

 For more info on antivirus applications, go to: https://it.tufts.edu/antivirus