Technology Update - Data Privacy Issue
January 28, 2021
DATA PRIVACY DAY
January 28th is Data Privacy Day, an international day to raise awareness and promote privacy and data protection. Read this newsletter for tips, best practices, and resources to help you protect your privacy and data from identity thieves, payroll robbers, scammers, intellectual property spies, and other bad actors. Stay safe online.
2021’s Tips for Better Cybersecurity
New year, new passwords! - Experts recommend updating your passwords often, using longer, easy to remember passwords or passphrases, different passwords for every account, a password manager, and implement multi-factor authentication (MFA) when available. Using multi-factor authentication (MFA) adds an additional layer of security to your account.
Lookout for scams - Scams are fraudulent messages soliciting sensitive information (e.g., Drexel sign-in credentials, bank accounts, credit card numbers). Scams can be sent via text messages, emails (e.g., phishing emails), or even phone calls. Some recent scams include: COVID-19 cures and vaccinations, gift cards, unemployment, job opportunities, etc. For more information on protecting yourself against scams, visit Protect Yourself from Email Scams webpage. Check out a list of scams we saw last year by visiting https://drexel.edu/it/news/news/coronavirus/.
Report Phishing Emails - Phishing attacks often impersonate legitimate organizations and solicit sensitive information (e.g., username, password, security number, etc.) from you. Some signs can include: a strong sense of urgency, lack detail, outlandish requests, demands for action, and spelling errors. Check out some examples on our Debunking Email Scams webpage.
Remote Learning and Working Tips
Due to COVID-19, Drexel University conducts many of its operations remotely. These are some tips to keep information safe during this time.
- Use Drexel-provided information technology services.
- Have a dedicated, secure place that is safe from virtual and physical break-ins.
- Do not share meeting links or passwords on social media or other public networks.
- Do not leave sensitive information exposed physically or online.
- Lock your device when you are away.
- Call in person before complying with requests for sensitive information.
Additional tips can be found on the Information Security Office's Best Practices website.
ANOTHER ONE BYTES THE DUST
A recent phishing campaign was thwarted by a user who completed the Drexel University Security Training (DUST). Unfortunately, 75 users provided the bad actor with their passwords. Don't be tricked, take the DUST!
In this training, participants learn how to protect against cyberthreats and receive a SANS security training certificate upon completion. To request access to this training, students should email firstname.lastname@example.org. Faculty and staff can access the training via Career Pathway in DrexelOne.
Students who complete the DUST training by February 14, 2021 at 11:59 PM will get a chance to win a $25, $50, or $75 Amazon gift card from our security partner, Tenable. To participate, email email@example.com.
Information Security Resources
To stay informed about cybersecurity news, common scams, FAQs, and other information, visit the Drexel Information Security website at https://drexel.edu/it/security.
For tips on information security while learning and working remotely, please visit the Information Security Best Practices webpage.
Report any cybersecurity incident to firstname.lastname@example.org.