Securely Sharing Files with Restricted Data

Although email is a useful and necessary means of communicating, it is not necessarily the most secure method for sharing important or sensitive documents. For example, an email does not simply go from the sender to the recipient instantaneously. Most emails have to travel across multiple networks and servers before arriving in their intended audience’s inbox. These pause points expose emails to attack, usually due to unsecured networks, vulnerable servers, and the people savvy enough to hack them.

The Division of Information Technology recommends that you share specific documents or entire folders using OneDrive (and/or SharePoint). You can review and edit permissions at any time.

Click here to view entire recommendation and step-by-step instructions.

Tech Tips from IT Staff – Staying Secure

Zoom Security Updates by Ikram Muhammad, Information Security Engineer

To maximize security and minimize risks while working remotely, please follow University safety and security that can be found on the Information Technology website. Zoom regularly releases software updates including updated security features. You should see reminders from Zoom and should apply these updates on a timely basis.

Safeguard your credentials and report information by Maureen Castaldi, Manager Database Management

While working from home, remember to safeguard your credentials as well as output from reports that you run from Banner Admin, ARGOS and/or Employee Applications. Output should be saved to OneDrive and/or H:/G: drives. In addition, reports run from Banner Admin can be saved to the database as documented here.

Duo is required to access remote.scranton.edu by Don McCall, Technology Support Center Analyst

Just a quick reminder that Duo is required to access remote.scranton.edu, but it does work a little bit differently than usual. Right after signing in, the system automatically sends the Duo request, so be sure to have your phone handy the moment you sign in. In some cases, it even bypasses the popup notification on your phone. In that case, you may want to open the Duo app directly so that you can see the incoming login request.

Security Spotlight: Restricted Data

Restricted data is the University’s most sensitive data and requires the highest level of safeguarding. Restricted data includes, but is not limited to, social security numbers, credit and debit card numbers, bank account numbers, driver’s license numbers, PINs and passwords.  Here are some tips for securing restricted data:

  • Know what restricted data you have in your files and computer.
  • Don’t keep restricted data you do not need.
  • Refrain from storing restricted data on your local hard drive. Store restricted data in secure locations like the departmental Groups drive (G:), your (H:) drive, or OneDrive/SharePoint.
  • Properly dispose of what you no longer need, such as deleting files from your computer, clearing the files in the Downloads folder and emptying your computer Recycle Bin.
  • Do not email restricted data unless it is encrypted.
  • Do not store credit card numbers under any circumstances.

Remember, if restricted data isn’t absolutely necessary, don’t use it.

Getting a new cellphone during the holidays? Register a second device with Duo to maintain your My.Scranton access.

If you plan to purchase a new cellphone during the holidays, you will need to re-enroll your account and reconfigure your device. Since our offices close during the holidays, we recommend that users that are planning to replace their cellphones enroll a second device in Two Step today.

Registering a second device prior to getting a new phone will allow users to continue to log into the My.Scranton portal until IT support resumes on Thursday, January 2.

Register a Secondary Device

Device options include a smartphone, tablet and a hardware token (tokens can only be obtained by visiting the Technology Support Center).

Adding a Secondary Device

  • Go to https://duo.scranton.edu/
  • Choose an existing authentication method to log into your account
  • Select + Add another device
  • Choose Mobile phone or Tablet (iPad, Nexus 7, etc.)
  • Follow the prompts to add the new device

Upon completion of the onscreen prompts, you will have enrolled a secondary device which can be used to authenticate. The next time you log into my.scranton, you will be able to select your device and authentication method.

Enroll Your New Phone

If the new device has the same phone number as the older device, then you will need to reactivate the new device.

  • Go to https://duo.scranton.edu/
  • Choose an authentication method to log into your account
  • Next to your cell phone device, select Device Options
  • Click Reactivate Duo Mobile
  • Verify the type of phone
  • Install and open the Duo App
  • Tap the “+” button.
  • Scan the barcode on the screen
  • Click Continue

If the new device has a different phone number than the older device, you need to add it as a new device.

  • Go to https://duo.scranton.edu/
  • Choose an authentication method to log into your account
  • Select + Add another device
  • Choose Mobile phone
  • Follow the prompts to add the new mobile phone

Technology Support Center

The Technology Support Center is located on the first floor of AMH. Please contact us for questions at 570-941-4357 or techsupport@scranton.edu.

We will be closed or operating on an alternate schedule during the following times:

– Thursday, Nov. 28 – Saturday, Nov. 30: Closed (Thanksgiving Break)
– Saturday, Dec. 14: 8:00 a.m. to 5:00 p.m. (Finals Week)
– Sunday, Dec. 15: Closed (Finals Week)
– Monday, Dec. 16 – Friday, Dec. 20: 8:00 a.m. to 6:00 p.m.
– Saturday, Dec. 21 – Tuesday, Jan. 1: Closed (Holiday Break)

Security Spotlight: Microsoft Advanced Threat Protection

Information Technology has begun testing a new product that will help protect the University from unknown email-based malware and viruses. Microsoft Advanced Threat Protection (ATP) is an email filtering service that provides the following protections:

  • ATP Safe Attachments analyzes all messages and attachments that don’t have a known virus/malware signature and routes them to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.
  • The ATP Safe Links feature proactively protects your users from malicious URLs by dynamically blocking suspected unsafe links while good links can be accessed.
  • ATP Anti-Phishing checks incoming messages for indicators that a message might be a phishing attempt. Incoming messages are evaluated by multiple machine learning models that analyze messages and take appropriate action based on the configured policies.

Stay tuned for more information as ATP gets closer to roll out.

Security Spotlight: Improved Wireless Security

In the past, the RoyalSecure wireless network was all-encompassing – all users were using the same network and had access to the same services. This differed from the wired network, where classes of users are separated (or segmented) into their own network spaces. This segmentation allows for different services to be allowed on different network segments. In an effort to improve security, we have segmented the RoyalSecure wireless network to mirror the wired network. One of the benefits of this change is that faculty and staff can now access the file shares G: and H: from the RoyalSecure wireless network.

Two Step Required in remote.scranton.edu

Two Step (through DUO) will be required when using our remote (VDI) environments. This does not apply to VDI in classrooms.

What does this change mean?

After August 19th, when you log into remote.scranton.edu and you enter your credentials (Royal ID and Password), you will receive a push notification on your mobile device. As soon as you authenticate by selecting the green checkbox, you will be able to access remote. If you are using a token, you will be prompted for a temporary code on the login page.

Video Instructions

Stop Unwanted SPAM and Robocalls

Since December 2018, your Caller ID may display “SPAM?” for known robocallers. This is an attempt by telecommunications carriers to help their customers determine if the call is valid or not. Scam calls made up a large share of the estimated 4.7 billion robocalls to mobile devices in May, according to YouMail, an app that helps block them. That’s more than double the amount from two years ago. The Federal Trade Commission receives about 10,000 robocall complaints per day.

“We’re all fed up with the tens of billions of illegal robocalls we get every year,” Andrew Smith, director of the FTC’s Bureau of Consumer Protection, said in a statement. Fighting “this scourge remains a top priority for law enforcement agencies around the nation.” Carriers are always improving the algorithm used to determine which calls match the SPAM criteria. However, we will still continue to receive unsolicited calls from spammers/scammers.

The University’s Information Technology Division frequently receives requests to block SPAM or other unwanted calls, but we are faced with determining if the phone number is actually valid. The spoofed number may belong to someone who justifiably needs to contact the University, so we cannot simply block every number we are asked to block. Normally, the calls cease within a few days.

In an attempt to help, you can register your phone numbers with the “Do Not Call” list by calling 1-800-382-1222 from the phone number you wish to register or by adding the number through www.donotcall.gov. You can also register your personal wireless number to the “Do Not Call” list.

However, if your department is receiving an influx of calls, please contact the Technology Support Center at 570-941-4357 in order to immediately block the number and cease the interruption to your business day. If we determine the spoofed number is valid, we will need to unblock the number after a few business days and set up a time to test to see if the calls begin again.

For additional information on Caller ID Spoofing, visit https://www.fcc.gov/consumers/guides/spoofing-and-caller-id

Sources

“FTC, Law Enforcement Partners Announce New Crackdown on Illegal Robocalls.” Federal Trade Commission, 5 July 2019, https://www.ftc.gov/news-events/press-releases/2019/06/ftc-law-enforcement-partners-announce-new-crackdown-illegal.

Security Spotlight: Security Awareness Training Matters

Cybersecurity, data breach, privacy, phishing attempts – I am sure you are most familiar with these words, as they have been frequently used these past years in our campus presentations, national news reports and articles in industry magazines (just to name a few). The threats these words represent are escalating, complicated and quite frankly too important to dismiss.

Listed as the single most pressing issue in the Top 10 IT Issues 2019 from Educause (a non-profit association that helps higher education optimize the impact of IT), it is a University-wide challenge that we must address – together.

Our Information Security Office (ISO) has seen a steady increase in the number of phishing and social engineering attempts. Thankfully, in part due to our programming and outreach (such as cybersecurity month, wellness day presentations, email notices and training) constituents have become more aware of these types of attempts and are increasingly reporting them to the ISO and the Technology Support Center.

The ISO encourages everyone to take advantage of the security awareness training available through SANS to learn more about phishing and social engineering, and recommends that everyone regularly perform a “Malwarebytes Full Scan” to guard against malware (this program is already installed on our campus computers).

As we continue to develop our University security strategies, we ask that you remain vigilant, and never hesitate to call or email us to confirm the validity of an email or phone call. You can reach the Information Security Office at 570-941-4226 or email infosec@scranton.edu.

Free Security Resources

  • The STOP. THINK. CONNECT.™ Campaign is a national public awareness campaign aimed at increasing the understanding of cyber threats. https://www.stopthinkconnect.org/resources
  • Through StaySafeOnline, the National Cyber Security Alliance (NCSA) empowers users at home, work and school with the information they need to keep themselves, their organizations, their systems and their sensitive information safe and secure online and encourage a culture of cybersecurity. https://staysafeonline.org/
  • Report identity theft to the Federal Trade Commission online at IdentityTheft.gov or by phone at 1-877-438-4338.
  • Get the latest information on IRS Tax Scams / Consumer Alerts. https://www.irs.gov/newsroom/tax-scams-consumer-alerts

Free Security Software Resources (for home)

  • uBlock Origin Extension (in Google Chrome Browser) is a free and open-source, cross-platform browser extension for content-filtering, including ad-blocking. https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en
  • Malwarebytes protects you against malware, ransomware, malicious websites, and other advanced online threats that have made traditional antivirus obsolete. https://www.malwarebytes.com/
  • Have I Been Pwned allows you to search across multiple data breaches to see if your email address has been compromised. https://haveibeenpwned.com/
  • LastPass is a password manager that stores encrypted passwords online. https://www.lastpass.com/

Security Spotlight: “Are You Available” Gift Card Email Scam Targeting Faculty and Staff

Our Information Security Office has received several reports of email scams targeting University faculty and staff that involve the purchase of gift cards.

The email begins with subjects like “Follow up” or “Are you available?” and, if the recipient replies, the attacker goes on to pose as a University leader, explaining that they are in a meeting and can’t take calls. They urge the recipient to buy gift cards for them, promising to reimburse them later.

The end goal is for the criminal to be sent gift cards on the “leader’s behalf” and email pictures of codes to them with the promise of later reimbursement.

**If you receive such an email, DO NOT RESPOND and forward the email to infosec@scranton.edu**.

If you received a similar email and you purchased gift cards, please contact the University Police for assistance and forward the original message to infosec@scranton.edu.

Previous story related to this topic:
Office Tip: Forward an Email Message as an Attachment