Welcome back, students!
Faculty and staff have been preparing for your return all summer. As we start another academic year, I want to bring to everyone’s attention some of the events and communications planned and coordinated by Information Security.
Security awareness posters will return to residence halls and offices next week. The original plan was to resume these in August, but with everything going on in preparation for the new academic year, the decision was made to wait until September.
Information Security will have a table in Krannert lobby one day a month to answer questions, provide informational materials, and (hopefully) snacks. Check the “Events” tab on the InfoSec News and Alerts website at infosec.berry.edu to see the schedule.
At least once a month there will be short training sessions offered during the lunch hour. These are called LunchITS. That’s Lunch + Information Technology Security. Bring a sack lunch or grab something in Viking Court and sit in on a fast-paced one hour training session. Topics will vary, but include account security, passwords and password managers, how to spot phishing and scam emails, and general online safety and privacy. Again, check the “Events” tab on the Infosec News and Alerts website to see the schedule for times and locations. All are welcome at these sessions.
Faculty, staff and students are all encouraged to request multi-factor authentication (MFA) be added to their Berry account. MFA is also called two-factor or second factor authentication (2FA) and is available for everyone. If you don’t know what that is, you can check out my May 2019 article here on the InfoSec News and Alerts site, which is all about MFA. Here is the exact URL – https://cybersecurity.berry.edu/?p=209 or you can click here to go there now. You can request MFA be enabled on your account by emailing firstname.lastname@example.org.
Speaking of MFA…Information Security encourages everyone to be vigilant at all times when handling unexpected emails. For the record, you will never be asked for your username and password via email or over the phone, and if you are, you should refuse and contact email@example.com to report the incident. Also, the Office of Information Technology (OIT) will never ask you to log in to “fix” or “prevent deactivation” of your account. Any email like this is an attempt to steal your username and password. Again, please report these emails or phone calls. Emails can be reported using the “Report Email as Phishing” button in supported mail clients.
If you fall victim to one of these emails and your account is abused to send fraudulent emails or other activities, you will be required to use MFA on your account. You will also be required to complete a short training module on how to recognize phishing emails. OIT will be happy to assist you with the initial setup of MFA.
To raise your awareness of how to spot phishing emails, you can preemptively take security awareness training. There is training available for faculty, staff and students. Faculty and staff should email firstname.lastname@example.org to request access to the security awareness training. Students can access this training by going to myapps.berry.edu and logging in using their email username and password. Click on the KnowBe4 Home Security app and install the secure sign-in extension when prompted. Once you have completed the install, click on the app again and it will request a password. The password to use is “homecourse”.
Finally, October is right around the corner and Berry will again be participating in National Cyber Security Awareness Month (NCSAM). The theme for this year is “Own IT. Secure IT, Protect IT.” There will be weekly emails about different information security topics each week of October, plus giveaways each week. Visit the InfoSec table in Krannert lobby each Tuesday in October to enter the weekly drawing.
That’s all for now.
Be Vigilant, Informed, and Conscientious!