As our world becomes more and more digital, so do the threats that it faces.
This week we are raising awareness that, like Health and Safety, cyber security is everyone’s responsibility.
Is your password strong enough? Could it easily be hacked, or even just guessed? Is it safe from prying eyes? Or do you have it written on a post it note taped to your laptop?
Would you leave your house or car unlocked? No? So why leave your computer unlocked? If you leave your computer logged on, anyone passing could access your account and all of the services that log you in through Single Sign On.
Can you trust that memory stick that you’re about to plug into your computer? Like they ask you at the airport – Is it yours? Did you pack it (put the data on it) yourself? Do you know where it has been at all times (or has it, maybe, been used in a virus infected machine)?
Can you trust the public Wi-Fi you have just connected your computer or mobile device to?
Can you really trust that link you’re about to click on? Or could it be a cleverly crafted scam to get you to disclose your personal data, which could end up costing you dearly (money, reputation, your job)?
No longer can we think, “It will never happen to me”.
Taking just a moment to think before you act will help to protect both yourself and the University from some potentially dire consequences.
The University will never send you an email asking you to provide us with your username and password, so if you receive one of these emails please look at it carefully. These are known as Phishing emails; if you provide your username and password, the originator then has access to everything on the network that you use. They can use your email account to send out further phishing emails which are more likely to be responded to because they have been sent from a legitimate account. They could obtain confidential or personal data (yours or other people’s) which could lead to identity fraud or worse. If you are not expecting such a message examine it carefully for anything suspicious – such as unusual wording, spelling and grammatical errors, hyperlinks that appear to be misspelled (e.g. amzon.co.uk instead of amazon.co.uk). If in doubt, seek advice from the Information Centre.
Similarly, we have had a number of people contacting us to say that they have had a suspicious phone call from someone purporting to be from Microsoft. Scams like this usually have the aim of getting you to disclose either your bank details or your username and password. Be aware, though, that Information Centre or other Information Services staff may ask to remotely connect to your staff PC to assist you with PC issues; but this will normally only happen when you made contact with us in the first instance, requesting assistance.
Before Christmas we asked our students to fill in the JISC digital survey. 99% of our students feel they are able to act securely online, with 90% able to create a positive online profile. A large portion of students felt that their passwords were very secure. Is your password long and/or complex enough? You could try using three random unrelated words e.g. ejournalsedur0amunion.
Make sure you apply software updates to your computer or mobile device when prompted. These updates will contain vital security upgrades to keep your device secure.
Staff and student logins do not have Admin rights on centrally supported staff and student computers. When a computer is used on a day to day basis with an account that has Admin privileges both the computer itself, and the network it is connected to, are more vulnerable to infection from viruses and malware. For Staff, if you need to install software on your PC, please contact the Information Centre for instructions on how you can do this.
Staff Computers have an inactivity time out of 30 minutes but, please, when you leave your desk lock your PC. If you don’t know how, please ask.
According to the BCI over 80% of security professionals identify ‘people’ as the biggest challenge for cyber security. Play your part in improving cyber resilience at the University Of Stirling.
Information Services