Tag: security

You’ve likely sent a text to your mom that started as innocent—until autocorrect had some fun with your message. But have you ever sent an email to the wrong auto-completed address? Or written an email while angry and then accidentally replied to an entire group of coworkers? Including your boss?

In the September edition of OUCH!, a monthly security newsletter from the cybersecurity experts at SANS Institute, you can learn simple email etiquette, appropriate for all your personal and professional communications.

As of Monday, September 12, BuckeyePass is protecting your personal information in the Employee Self Service (ESS) system within Human Resources. BuckeyePass is a multi-factor authentication service that provides a second layer of protection for university. You may already be using multi-factor authentication to log in to your bank account, email or social media accounts.

What would happen if you lost access to all the files and programs on your computer or mobile device? What would you do if a cybercriminal encrypted all your important files or your entire device—and then asked you to pay them a ransom to get all that data back (possibly…)?

You are likely a pro at spotting phishing emails—the ones with poor grammar, asking you to log into your bank account through a suspiciously long link. But how do you defend against fraudulent emails that appear to be coming from the CEO? Your boss? Someone from a company you regularly do business with?

An ongoing challenge to managing information security at Ohio State is making sure university organizations comply with federal and state regulations regarding privacy and security. That’s why Enterprise Security has released updated versions of Ohio State’s Information Security Standard (ISS) and Information Security Control Requirements (ISCR).

We want to alert Ohio State students to a fraudulent scheme involving a third party offering to pay your Ohio State tuition charges in order to save you money. This information has also been shared with students by Ohio State Enrollment Services.

In this scam, a person asks for your Ohio State username and password to pay your tuition charges by credit card. Once you receive a confirmation of the credit card payment, you are instructed to send the person a wire transfer payment or a check for that amount less 5 percent.

Despite receiving a confirmation of the credit card payment, the payment is fraudulent and will eventually be rejected by the credit card company, leaving you with a balance still due to Ohio State.

It’s easier to be comply with legal and regulatory requirements if you’re aware they exist. In the Information Security Standard, LEG1.1 legal and regulatory review requires that organizations periodically perform a cyber-legal review, to ensure they keep up-to-date with applicable laws and regulations. To assist Ohio State organizations with that task, Enterprise Security is pleased to offer this course presented by cyber-legal expert Chris Ingram who explains the current regulatory environment and changes that everyone need to be aware of.

Winter is coming! IT Security professionals at every organization know that at some point they could be under some kind of cybersecurity attack.

It’s the need for such preparedness that drives the information security industry and the demand for professionals to work in that field. At Ohio State, we have an Enterprise Security internship program to help us develop up-and-coming security professionals for our community and our institution, to aid in thwarting such attacks.

Beginning Monday, September 12, Enterprise Security will be implementing BuckeyePass to protect your personal information in the Employee Self Service (ESS) system within Human Resources. BuckeyePass is a multi-factor authentication service that provides a second layer of protection for university. You may already be using multi-factor authentication to log in to your bank account, email or social media accounts.

While Pokémon Go has taken the world by storm, the app’s success has been accompanied by a stark reminder that users need to be aware of the risks that mobile apps can pose to their personal safety. Play safe: be aware of the risks posed by access to you Google account information and location services and by the potential for criminals to use their knowledge of PokeStop and Gym locations to target victims.