September News From Information Security

September already!?!?

Hard to believe, but this entire year has been hard to believe, so why should anything change now? Lots of things to pass along to all of you in this newsletter, from mandated notifications to announcements of new and returning resources, to the upcoming Cyber-Security Awareness Month.

By far, the most important item is the reminder that downloading or distributing copyrighted material, including through peer-to-peer file sharing applications, without the permission of the copyright owner is against the law. Illegal downloading or distribution of copyrighted materials can result in your being prosecuted in criminal court and/or sued for damages in civil court. Criminal penalties for first-time offenders can be as high as five years in prison and $250,000 in fines. If sued in civil court, you may be responsible for monetary damages, attorneys’ fees, and civil penalties up to $150,000 per work distributed.

Use of Berry’s resources for unauthorized distribution of copyrighted materials is forbidden. The College prohibits illegal copyright infringement through its Acceptable Use Policy. You are required to adhere to all college policies including those that relate to copyrights and fair use. This information is posted on the Berry website at https://berry.edu/policies/ . The Memorial Library has an excellent resource: http://libguides.berry.edu/copyright

There are many legal sources available for copyrighted material such as music, movies, and TV shows. Some are free and some charge a nominal fee. We’ve all grown VERY aware of the possibilities over the last few months, at least those of us who were required to isolate ourselves or who did so voluntarily in response to the coronavirus. Please be responsible in your use of copyrighted materials.

Whew!

With that out of the way here are a couple of new resources from Information Security. While we won’t get to meet and chat in Krannert for the foreseeable future, it doesn’t mean Information Security is taking a break. The cyber-criminals definitely don’t.

On this site in the next few days you will see a new item in the main menu. The Berry College “Phishbowl” will feature past and current phishing emails curated from submitted emails from Berry faculty, staff, and students. All emails have been anonymized, unless they came to a non-personal account like “Financial Aid” (one of the phishers favorite targets).

You’ll be able to see a variety of phishing emails, with commentary on the various indicators that betray it as a phishing email. Eventually, you’ll be able to sort and filter emails based on type, i.e., sextortion emails versus financial fraud versus fake notifications (this capability is still “under construction”). I hope seeing these emails with their tell-tale indicators will help you be able to spot a phishing email and not get caught in the future.

Another new resource is a twist on an old resource. Last year, I held a series of lunchtime training opportunities I affectionately called “LunchITS”. Well…that’s not gonna happen this year, at least for a while, so I am launching a new opportunity for one-hour training sessions via Zoom. I hope to hold the first one mid-September, then have them regularly, every other week or so, through the end of the semester.

Topics will include old standbys like phishing and account management, to new sessions with more narrowly focused topics like how to effectively and easily use a password manager, or how to choose and safely use Internet of Things (IoT) devices like “smart” coffee pots and home automation equipment. Sessions will be repeated throughout the semester, so I hope you get the opportunity to attend one. Details will be posted on this site as general posts and to the events calendar hosted here, when it returns. Check back for more info, or if you are part of a club, office, department, or other group and want to get customized “in-person” (via Zoom, of course) training, just let me know. Check the About page for my contact information.

With this being September, as mentioned before, that means that next month is October, which is Cyber-Security Awareness Month! There will be weekly posts on the nationally chosen topics, plus, in lieu of a table in Krannert every week, there will be a weekly competition, culminating in a grand prize drawing for some exciting prizes. More details will be posted here on this site throughout September, so check back for more info.

In addition to details about the October fun, there will continue to be warnings posted about current phishing emails, breach notifications, and other information security events that could affect you, so bookmark the beautiful new front page and check back often.

Now for the usual reminders (or for those who have never been here before, some important information you should definitely read).

If you haven’t signed up for multi-factor authentication (MFA), what are you waiting for? This adds an additional layer of protection to your Berry account and lets you keep the same password for a whole year! Setup takes only a few minutes. Make your request by emailing computing@berry.edu to tell them you want MFA!

If I’m not covering a topic of information security you are interested in or concerned about, please let me know. I want to be your first and best resource on information security, so let me know how I can help and inform you.

If you’re not following Berry OIT on Facebook (@BerryCollegeOIT), Twitter (@berryoit), or Instagram (@berrycollegeoit), you should be, as more information from OIT and specifically Information Security, will be provided using these outlets. Remember, you can always check back here for warnings about current phishing emails, confirmations of valid emails you might have a question about, and data breach notifications. There’s also the Q&A section, where you can ask a question and get an answer directly from me, and the events calendar, once it makes its triumphant return.

Thanks for persevering to the end of this rather long newsletter!

Photo Credit: No Piracy billboard by Descrier (CC BY 2.0) https://flic.kr/p/faTECf