Cybersecurity
Getting Started
Cybersecurity is important for everybody. As more and more of our work and personal lives are online, it has become more and more important for everybody to be vigilant when it comes to security, both personally, and the community around them. Here are some things you can do to keep yourself, and UAS, cybersafe!
- Keep a strong password: The first line of defense is ensuring that no one can simply guess your password. Make sure to use a unique password for each and every account. Don't ever share passwords: websites, emails, coworkers or friends!
- Lock down your account with MFA: Multifactor Authentication (or MFA) is a second layer of account protection. In addition to something you know (your username and password), it requires something you have (cell phone, token, or other device) or something you are (fingerprint, faceID, or other biometrics).
- Stay up to date: keep all your software and devices up to date. Don't snooze on that Windows update, it might contain necessary security to counter the latest malicious software. Ensure your browser is always on the latest version. However, you should always acquire updates through the official source. Just like you wouldn't trust a laptop sold from a dark alley, don't trust updates coming from suspicoius sources.
- Cybersecurity isn't just digital: Pay attention to your devices, as well as your accounts. If you use your work computer, keep it secure. If you use your cell phone for authentication, make sure it doesn't leave your control.
- Stay vigilant: Pay attention to what's going on around you. Did that email phishing email come from an unexpected address? Did you receive notice about a change to an account you didn't know you had? If you are concerns, please reach out to the Helpdesk! You can also subscribe to receive Helpdesk Notifications when we're aware of widespread or targetted security concerns.
What to Look Out For!
Social Engineering is the name of techniques that bad actors will use in order to get access to your credentials and personal information. Things to watch out for:
- Phishing: ever see an email that is just a little bit off? It comes from someone you should trust, but is that really them? Someone giving away a grand piano, but that seems like a strange offer? Communication with these bad actors confirm you exist, and is one of the first steps to them breaching your account.
- Spear Phishing: as above, but these are targetted to someone in particular. Do you have access to important systems, such as Banner or Early Alerts? Then they could take aim at you.
- Suspicious Links: pay very close attention to any links sent over email. Scammers will often include links to login prompts, but these will never work! These fake pages are created only to steal your credentials, no matter how official they look. On most devices and browsers, mouse over the link to confirm where it's actually sending you. On mobile, press and hold to display this information.
- Lost Devices: be wary of any device that you find sitting around. That USB drive may not be lost at all. Bad actors will leave items such as USB drives in public, hoping someone will plug it into their computer. This opens up the computer and the entire network to all sorts of security problems.
What to Do When Things Go Wrong
So you think that someone has gotten access to your account. What now?
First, lock down your account. From a secure device, such as a separate computer, access ELMO and change your password immediately. Do not reuse your password, don't use personal information, don't let anyone know your new password.
If you are currently logged in anywhere, on any device, make sure to update this password. If possible, have the service (Google, Microsoft Office, etc) log you out on all devices.
Run a security scan on any device that might have been affected. For UAS machines, we recommend the onboard Windows Defender. You can also install software from the Security section of our Downloads page.
Let the Helpdesk know! Please provide as much information as you can: strange emails, login notifications, reports from coworkers. We can help you secure your account and have our technicians block further intrusions.
More Resources
You can check out the following videos on our Instructional Videos page:
- Password Management
- Stay Up to Date: Windows, Mac & Chromebook
- Cybersecurity: Social Engineering
Additional pages you should check out: