An ongoing challenge to managing information security at Ohio State is making sure university organizations comply with federal and state regulations regarding privacy and security. That’s why Enterprise Security has released updated versions of Ohio State’s Information Security Standard (ISS) and Information Security Control Requirements (ISCR).
Category: General Announcements
We want to alert Ohio State students to a fraudulent scheme involving a third party offering to pay your Ohio State tuition charges in order to save you money. This information has also been shared with students by Ohio State Enrollment Services.
In this scam, a person asks for your Ohio State username and password to pay your tuition charges by credit card. Once you receive a confirmation of the credit card payment, you are instructed to send the person a wire transfer payment or a check for that amount less 5 percent.
Despite receiving a confirmation of the credit card payment, the payment is fraudulent and will eventually be rejected by the credit card company, leaving you with a balance still due to Ohio State.
Beginning August 17, there will be a new automated process for university employees to request Instant Messaging and Presence (Lync). As previously announced, The Office of the Chief Information Officer will no longer be automatically provisioning all university employees to receive the service.
Current IM and Presence users will not need to take any action. This request process is only for the following types of users who do not currently have IM and Presence capabilities:
It’s easier to be comply with legal and regulatory requirements if you’re aware they exist. In the Information Security Standard, LEG1.1 legal and regulatory review requires that organizations periodically perform a cyber-legal review, to ensure they keep up-to-date with applicable laws and regulations. To assist Ohio State organizations with that task, Enterprise Security is pleased to offer this course presented by cyber-legal expert Chris Ingram who explains the current regulatory environment and changes that everyone need to be aware of.
This August the spotlight falls on SIS developer Chris Palmer. This 6-year Buckeye loves solving puzzles and working with his Enterprise Applications cohort. He’s held a wide range of jobs, but he gave in to the call of technology (even passing up laser tag!). When he’s not at Airport Drive, you can find him noshing on brunch at Northstar Café or heading as far west as his motorbike will take him. Get to know your OCIO comrade, Chris Palmer, in this month’s employee spotlight.
Winter is coming! IT Security professionals at every organization know that at some point they could be under some kind of cybersecurity attack.
It’s the need for such preparedness that drives the information security industry and the demand for professionals to work in that field. At Ohio State, we have an Enterprise Security internship program to help us develop up-and-coming security professionals for our community and our institution, to aid in thwarting such attacks.
Beginning Monday, September 12, Enterprise Security will be implementing BuckeyePass to protect your personal information in the Employee Self Service (ESS) system within Human Resources. BuckeyePass is a multi-factor authentication service that provides a second layer of protection for university. You may already be using multi-factor authentication to log in to your bank account, email or social media accounts.
It’s easy to forget your password if you’ve been away from Ohio State for a few months. Now there’s a new, easier way to reset your password by receiving using the SMS text message service on your phone (SMS is “Short Message Service”).
While Pokémon Go has taken the world by storm, the app’s success has been accompanied by a stark reminder that users need to be aware of the risks that mobile apps can pose to their personal safety. Play safe: be aware of the risks posed by access to you Google account information and location services and by the potential for criminals to use their knowledge of PokeStop and Gym locations to target victims.