Information Protection and Security

Confidential information (NPPI) should never be stored on mobile equipment.  This includes credit card numbers, passwords, bank numbers (etc.), and the personal information of other people. The information, itself, is usually more valuable than the equipment it’s stored on. Loss, theft, or negligence in the care of private information could lead to legal problems if the information is breached or compromised, especially if you’re handling the information for the university or a corporate entity.  If it’s necessary to transport NPPI on portable equipment, make sure it’s encrypted, and protect it like your wallet.  Stop. Think. Secure IT!

Several people have expressed interest watching What is New For Security In Windows 7 and Server 2008-R2 in Davidson Hall next Thursday.   Seating is limited, but there is room for more registrants.   For details, browse to Webcast Information.  Questions to binde@rutgers.edu.    Hope to see you!

Because they're mobile, they're easy to lose or have stolen.  It may be that your information on the equipment is even more valuable than the equipment itself (not a smart idea on mobile equipment).  Lock mobile equipment with complex passwords and encryption if possible.  Smart phones, and netbooks need maintenance and security, just as your laptop and desktop computers.  Though they have less powerful processors they are still vulnerable to viruses and worms from visiting websites infected with malware, downloading infected applications, and insecure wireless networks.  Thumb drives are a problem because they’re easier to lose, or have stolen. When you copy infected information into the drive it's easily spread to other machines. Protect your mobile information with encryption, and complex passwords, work on a secure network, and beware of  cyber cafes. Stop. Think. Secure IT!
 

Remember the Conficker worm? It uses flaws (yes, it's still around) in Windows software to remotely take over computers and link them into a virtual computer that can be commanded remotely by its authors. In August, 2009, Conficker had more than five million computers under its control — government, business and home computers in more than 200 countries.  Compromises like this can be avoided by regular patching (updating software). You can protect yourself from malware like conficker which can ultimately lead to identity theft, financial loss, and/or cyber crime.  Make sure your machine is patched up to date.  It’s easy and takes no time if you do it automatically.  The same with Rutgers Antivirus Delivery Service…it’s free (for Rutgers faculty, staff and students), automatic and covers spyware, too. Do yourself a favor and consider maintenance a priority.  Stop. Think. Secure IT!

Microsoft's Security Essentials was released this month and has recieved good reviews in comparison to AVG and Avast (the other options for free AV tools.)

Credit problems can be even more of a problem if you fall for the Credit Repair scams according to a CNN report this morning.  These people will social engineer you into believing that they can fix all of your credit problems for a price.  These companies can only attempt to fix credit mistakes made in stores or credit bureaus. The FTC says the credit repair companies cannot charge you before they do the job.  There’s no easy way around credit problems, except to be aware that they can happen.  Keep your private information private, beware of phishing, and choose complex passwords.  Stop. Think. Secure IT!

OIT is pleased to offer the following security training possibilities: 
 

Don’t you just love the holidays and all the spam and “great” offers they bring?  Here comes the warning…Beware of the greeting cards and ads for shopping bargains.  Theft of personal information brings cash to cybercriminals who are getting more and more sophisticated.  The information you give them will be sold to other criminals whose expertise is to exploit them for cash and merchandise.  Don’t click that link for a greeting card.  It could contain malicious software that’s automatically downloaded to your machine.  Stop. Think. Secure IT!
 

I haven’t found a better way than a password protected screensaver to protect my computer from "unauthorized users" when it’s unattended.

Hackers  are placing ads on websites and browsers to trick users into visiting malicious sites.