Security Topics

Topics of general interest related to IT security

Biometrics — last modified 2007-07-27 11:27

Biometric technologies are becoming necessary for highly secure identification and personal verification solutions. As the level of security breaches and transaction fraud increases, the need for highly secure identification and personal verification technologies is becoming apparent. Biometrics are up and coming the future of authentication. Biometric-based authentication applications include workstation, network, and domain access, single sign-on, application logon, data protection, remote access to resources, transaction security and Web security.

Cell Phones — last modified 2007-07-27 11:27

As cell providers offer more services (email, web surfing, text messaging, etc.) the phones become vulnerable to the same attacks as computers, and other exploiting specific vulnerabilities. "Wipe" your old phone clean before discarding it or giving it away . When you're done with your old cell phone, safely delete your information or destroy the phone. Text messages, phone numbers, email addresses, pictures, etc. can be like opening your diary. Phone manufacturers usually provide instructions for safely deleting information, though it's not usually easy to find. The best way to destroy your old phone..."toss it under a large truck, or give it an acid bath."

Computer Abuse Incidents — last modified 2007-07-27 11:27

What is a computer abuse incident and how to report it.

Computer Viruses — last modified 2007-07-27 11:27

A large variety of computer viruses roam the Internet to 'infect' computers with an array of maladies from annoying to devastating. Most of these can be prevented.

Email — last modified 2007-09-06 12:28

Email is insecure. Sensitive information should not be sent via email. Any email (including "private") is often compared to a postcard in that anyone who comes in contact with it can read it. Email may also be read when it is stored on servers.

Identity Theft — last modified 2007-07-27 11:27

Identity theft is a federal crime in which an imposter obtains information by false pretenses for personal gain. Information (Social Security Number, drivers license, credit card numbers) can be snatched in a variety of ways...however, computers have contributed significantly to numbers in the past few years. Please visit the Judicial Affairs website for a comprehensive look at the identity theft and how you can take a proactive role to keep your identity safe.

The Internet — last modified 2007-10-17 06:35

You just never know who's listening...

Online Banking — last modified 2007-07-27 11:27

Credit card and online banking sites are convenient and easy ways to purchase and handle financial transactions. They are also the most often spoofed sites for phishing scams. Information you provide to online banking and shopping sites should be encrypted and site's URL should begin with 'https' . Some browsers have an icon representing a lock at the lower right of the browser window. The following link provides detailed information on online banking.

Peer to Peer File Sharing (P2P) — last modified 2007-07-27 11:27

File sharing technology and P2P software was designed to exchange music, movies, videos, and other files over the Internet. The sharing of music and movies through the use of file sharing peer to peer (P2P) software available on the Internet is discouraged due to copyright and security issues.

Phishing — last modified 2008-03-31 10:57

Phishing is the new word in consumer online security fraud for convincing the consumer to provide confidential information through a website or email. The information may be used for fraud, identity theft, or other compromise. The university community has recently seen emails falsely labeled from Citibank, PayPal, and others attempting to convince the user to surrender private information. The most hard-hit industry is currently financial.

Policies — last modified 2007-07-27 11:27

Current Federal, State and University Laws and Policies

Social Engineering — last modified 2007-07-27 11:27

Social engineering is the attempt to manipulate or trick a person into providing information or access to a system's information, by bypassing network security. A social engineering compromise can provide information on background, credit rating, medical history, and driving record, most of which is confidential. Colleges and universities are sometimes targeted for social engineering compromises due to inexperience of large numbers of students serving as part-time employees.

Social Networks — last modified 2007-07-27 11:27

Sharing information over the Internet is like shouting to a billion people. Everyone can see the pictures you post, and read the information you enter.

Spyware/Malware — last modified 2007-12-06 08:29

Spyware is programming that can be put into your computer to gather information about you without your knowledge as information to advertisers and other interested parties. Malware includes Viruses, Worms, Spyware, Adware, Browser hijacking, Web Bugs, and other software.

Trojans — last modified 2007-07-27 11:27

A trojan can be a hidden program transmitted by means of spam or e-mail, a downloaded file, a disk from a trusted source, or a legitimate program with the Trojan lurking inside. A Trojan Horse (Trojan) is computer code (a program) used to enter your computer undetected.

Instructions for Displaying Email Headers — last modified 2008-03-31 10:55

If you have an email problem or an incident you would like to report you will have to provide full email header information when you contact IPS. The instructions below will assist you in displaying full headers in your email software.