As of Monday, September 12, BuckeyePass is protecting your personal information in the Employee Self Service (ESS) system within Human Resources. BuckeyePass is a multi-factor authentication service that provides a second layer of protection for university. You may already be using multi-factor authentication to log in to your bank account, email or social media accounts.
What would happen if you lost access to all the files and programs on your computer or mobile device? What would you do if a cybercriminal encrypted all your important files or your entire device—and then asked you to pay them a ransom to get all that data back (possibly…)?
You are likely a pro at spotting phishing emails—the ones with poor grammar, asking you to log into your bank account through a suspiciously long link. But how do you defend against fraudulent emails that appear to be coming from the CEO? Your boss? Someone from a company you regularly do business with?
An ongoing challenge to managing information security at Ohio State is making sure university organizations comply with federal and state regulations regarding privacy and security. That’s why Enterprise Security has released updated versions of Ohio State’s Information Security Standard (ISS) and Information Security Control Requirements (ISCR).
We want to alert Ohio State students to a fraudulent scheme involving a third party offering to pay your Ohio State tuition charges in order to save you money. This information has also been shared with students by Ohio State Enrollment Services.
In this scam, a person asks for your Ohio State username and password to pay your tuition charges by credit card. Once you receive a confirmation of the credit card payment, you are instructed to send the person a wire transfer payment or a check for that amount less 5 percent.
Despite receiving a confirmation of the credit card payment, the payment is fraudulent and will eventually be rejected by the credit card company, leaving you with a balance still due to Ohio State.
It’s easier to be comply with legal and regulatory requirements if you’re aware they exist. In the Information Security Standard, LEG1.1 legal and regulatory review requires that organizations periodically perform a cyber-legal review, to ensure they keep up-to-date with applicable laws and regulations. To assist Ohio State organizations with that task, Enterprise Security is pleased to offer this course presented by cyber-legal expert Chris Ingram who explains the current regulatory environment and changes that everyone need to be aware of.
The information security landscape is ever changing, but you can keep up with regular trips to cybersecurity.osu.edu, a new, one-stop shop for the Ohio State community. You’ll find the same information security data that you’ve always counted on OCIO to provide, as well as the most up-to-date information about security. It’s all in a new, updated interface that’s easy to search and use.
Some questions you can find answers to on the site include:
Winter is coming! IT Security professionals at every organization know that at some point they could be under some kind of cybersecurity attack.
It’s the need for such preparedness that drives the information security industry and the demand for professionals to work in that field. At Ohio State, we have an Enterprise Security internship program to help us develop up-and-coming security professionals for our community and our institution, to aid in thwarting such attacks.
Beginning Monday, September 12, Enterprise Security will be implementing BuckeyePass to protect your personal information in the Employee Self Service (ESS) system within Human Resources. BuckeyePass is a multi-factor authentication service that provides a second layer of protection for university. You may already be using multi-factor authentication to log in to your bank account, email or social media accounts.
While Pokémon Go has taken the world by storm, the app’s success has been accompanied by a stark reminder that users need to be aware of the risks that mobile apps can pose to their personal safety. Play safe: be aware of the risks posed by access to you Google account information and location services and by the potential for criminals to use their knowledge of PokeStop and Gym locations to target victims.
