Technology Update - Data Privacy Issue
January 28, 2019
DATA PRIVACY DAY NEWSLETTER
Today is Data Privacy Day, an international awareness day. Every 28th of January, we raise awareness and promote privacy and data protection best practices. Read below about what Drexel University is doing to protect the community against payroll robbers, identity thieves, spammers, intellectual property spies, and other bad actors.
TARGET DATE FOR TWO-FACTOR AUTHENTICATION AND UPDATE ON THE ADVANCED FIREWALL PROJECT
The Drexel University technology team continues to work with two leading technology companies, Microsoft and Palo Alto, to protect the community against cyber threats. By the next academic year, all University students, faculty, and professional staff will use two-factor authentication. To minimize disruptions, professional staff and faculty will benefit from this security technology first. Students will follow. We will sign in to Drexel systems with something that we know—a password—and something that we have—for example, a code sent to our mobile phones.
Over the winter break, the University successfully completed the first phase of a multi-year project to install advanced firewalls and other state-of-the-art protection technologies made by Palo Alto. The campus is now better protected against internet threats.
SECURITY AWARENESS PROGRAM
The University will soon offer new versions of information security awareness courses. The training mimics real-world situations, with interactive training modules, assessments, quizzes, and gamified content. These courses help us learn to actively defend against social engineering attacks in a comfortable online environment. Employees must take some of these courses every year. All courses are available to interested students and employees via Blackboard and the Career Pathway website, respectively.
Don’t fall for fake STUDENT JOB OFFERS! If a job offer looks too good to be true, then it probably is. They are attempts to steal your personal information, your financial data, or your money. Be cautious before clicking on links, opening attachments, completing forms or replying to job offer emails.
Did you receive an unusual email from another member of the University? Attackers impersonate University executives and other community members to send spoofed emails requesting money transfers or confidential information. This form of fraud is known as Business Email Compromise and costs organizations millions of dollars. The scammers write with a sense of urgency, and use persuasion to fool their victims. When in doubt, verify the sender’s identity by calling the sender on the phone.
With the rise of data breaches and cybercrimes, one in four people have experienced identity theft in the United States. Proactively protect your identity to prevent the need for fighting an identity theft case, which can be very costly and lengthy. The US government published some tips at https://www.usa.gov/identity-theft to protect yourself from identity theft. Drexel Voluntary Benefits also offers LifeLock Identity Theft Protection, a personal credit monitoring service, to all Drexel employees. LifeLock can detect and alert you about a potential identity theft. If you become a victim of identity theft, this service can help to resolve the case and restore your credit. For more information or to enroll, please visit https://www.drexelvoluntarybenefits.com.
BUG BOUNTY PROGRAM
The Bug Bounty Program is a new initiative created by the University's Information Security team and the Drexel CyberDragons club. The program rewards those who discover and report vulnerabilities of Drexel University systems, while respecting the six commandments of the program. Winners receive the gratitude of the University, a token of appreciation in the form of merchandise, and recognition on the website. More information about the program and the list of successful bug bounty hunters is online at https://drexel.edu/it/security/services-processes/bug-bounty.