April News from Information Security

Welcome to April. The semester plows ahead, even as we grow weary of it. April brings us showers, tax deadlines, and the light at the end of the semester tunnel. It also brings us cybersecurity awareness training, but don’t despair, this spring edition of cybersecurity awareness training is laser-focused and comparatively shorter than previous instances. I’ll ask for about 15 minutes of your time to concentrate on spotting phishing emails. We’ve seen a significant rise in phishing email volume and recent phishing emails have been slightly better crafted than before. They certainly have been attempting to push more sensitive buttons, with topics such as salaries, insurance, employee policy, and password/account expiration all in play over the last few weeks.

You’ll get an email this week letting you know that cybersecurity awareness training is ready for you to complete. Please take the few minutes required to complete it. To preemptively derail the rumor train, I will reiterate up front that failure to complete this training will not keep you from graduating, will not cause you to incur a fine, and will not leave a mark on your permanent record. The training is designed to remind you of simple ways to spot phishing emails and will allow you to apply what you learn immediately.

Those of you who (like me) have not yet filed your taxes have only days to finish the task or file an extension. Tax Day is April 17th. Be careful with any emails concerning taxes – double and triple check any emails you receive in regards to taxes, either about completing the filing of or in relation to making a payment or receiving a refund. Phishers are not picky about how they manage to trick you into giving up sensitive information. If you file online, file only with a reputable institution. Choose good passwords and don’t reuse any when filing your taxes.

A few of you may have noticed that I was a bit AWOL during the middle of March. We also did not produce any security awareness posters for the month of March, and that’s a shame because I saw the drafts my student worker created, and they were wonderful, as all of them over the last few months have been. My mother died on the 15th, and I was out of the office for a few days. I bring this up to apologize for any delays in responding to your questions and also to relate an observation I made in the middle of that life event. As my sister and I were sorting through all of the things you must sort through in these situations, I realized that my 83-year-old mother had not reused any of her passwords for her online accounts. Granted, they were not all great passwords, but they were at least unique. Believe me, if she can do it, so can you, so take a look at the password manager Quick Info page here on the site, pick a password manager, and stop reusing passwords.

I hope April is a great month for everyone. I will leave you with some food for thought at the bottom of this article, and please take a few moments in the next couple of weeks to complete the spring cybersecurity awareness training. Your invitation email is coming soon.

All Berry students, faculty and staff have MFA enabled on their Berry account, and you should use it in the most secure way via the Microsoft Authenticator app on your smart phone. But don’t stop there! Use the Microsoft Authenticator as your second factor on any site that supports Google Authenticator. Turn MFA/2FA on everywhere you can. Yes, it will take you another few seconds to log in, but your data and account will be safer.

Please continue to report those phishing emails! We are holding a drawing at the end of every month for a small prize and all you need to do to enter the drawing is to report a phishing email.

If I’m not covering a topic of cybersecurity you are interested in or concerned about, please let me know. I want to be your first and best resource on cybersecurity information, so let me know how I can help and inform you.

If you’re not following Berry OIT on Facebook (@BerryCollegeOIT), Twitter (@berryoit), or Instagram (@berrycollegeoit), you should be, as more information from OIT and specifically Information Security, will be provided using these outlets. If you are not into social media, you can also subscribe to get updates via email. Just use the link available in the right-hand sidebar on the website.

You can always check back here for warnings about current phishing emails, confirmations of valid emails you might have a question about, and data breach notifications. There’s also the events calendar where events will be posted, like Cybersecurity Awareness Month.

Food For Thought

I present a ten-year-old YouTube video from one of my favorites CGP Grey. The video is on the future of education, and while he is guardedly optimistic on the prospects of the Internet helping in education, I fear that society has failed to help it make the impact that it could. Take a peek at what one forward thinker thought about how the Internet could help education evolve.

Featured Image: Jennifer Hernandez-Argueta for Berry College

Author

(Visited 163 times, 1 visits today)