Practice Safe Computing - Attend Safety Fair Oct. 1
October is National Cyber Security Month
By Jody Record, Campus Journal Editor
September 24, 2008
The television commercials about stolen credit card numbers are clever and funny. The reality isn’t. Neither is having sensitive information pirated from your computer. Or inadvertently emailed to the wrong person.
What to do? Educate yourself to the ways of safe computing. Be aware of the risks. And know what steps to take to eliminate those risks as much as possible.
In October, National Cyber Security Month, Computing and Information Services is providing a way to do all three; throughout the month CIS is offering a speakers’ series, CIO forum, town hall meetings and free informational classes.
Petr Brym, CIS’s director of information technology security, says everyone who sends or stores data on a computer is at risk of having it compromised.
“No one’s ever safe, much like they are never safe from getting a cold. They may wash their hands and do everything they can to avoid it but the threat is always there,” Brym says.
He adds that most people are taking basic precautions—like using virus software--but some misconceptions still exist. One of the big ones is using email that isn’t password protected to send sensitive communications.
“The old adage about not putting anything in an email that you don’t want others see still applies,” Brym says. “Departments that transmit sensitive data via email need to rethink the method.”
UNH classifies information into three categories: restricted, sensitive and public.
Social security numbers, personally identifiable information or that requiring federal or state protection (such as affirmative action, disability regulation and HIPPA) are examples of restricted data.
Sensitive information includes any whose access is controlled by an institutional policy, contract or proprietorship, for ethical reasons, or is at risk of damage or inappropriate access. Data that, if compromised, would lead to high costs or harm to clients or reputation also falls into this category. Examples include intellectual property and technological infrastructure and design.
Public data is unrestricted and may be provided to anyone.
“The first thing is to have the awareness,” Brym says. “If you’re aware, you are better able to protect yourself.”
Start by attending the Safety Fair being staged at the MUB Oct. 1. From 10 a.m. to 1 p.m., members of the UNH Police Department will staff an information table by the mailroom, offering tips on how to avoid being the victim of a computer crime.
Go to the Computer Store between 10 a.m. and 3 p.m. to learn about computer lock down and backup systems. At 1 p.m. in the MUB Theatre, Bud Fitch of the state Attorney General’s Office will talk about New Hampshire as it pertains to information technology.
And don’t miss the Phishing Derby that kicks off Oct. 2 at 1 p.m. in the MUB Theater. Prizes will be awarded based on the rarity, method of identification, and sophistication of the phishing attempt.
What’s phishing? You know those emails from the poor Nigerian widow who has millions and will share it if you just give her your bank account number to send it to? That’s phishing. It’s an attempt to get personal information such as usernames, passwords, social security numbers, bank accounts and credit card details to someone who is pretending to be trustworthy.
“The biggest threat at UNH right now is phishing. We find that people are still responding to these emails even with aggressive education,” Brym says.
For list of events going on this month go http://cis.unh.edu/safecomputing.