Oct 152014
 
Everyone wants to exercise best practices and stay safe while online, though doing so is often easier said than done. For most, convenience outweighs security and as a result, we put ourselves and others at risk for identity theft and other cyber threats. In keeping with the shared responsibility theme for National Cyber Security Awareness Month, we wanted to bring you an opportunity to not only hear about the typical dangers and pitfalls that come with being online, but more importantly, for you to know which ones (as an individual), you are most susceptible to.

One of the National Cyber Security Alliances’ partners (EMC2/RSA) has kindly provided an “Online Identity Risk Calculator” quiz, to help you find out your personal identity risk score and based on that – they will provide practical tips on how you can keep your online identity protected.Just answer 10 questions and discover how your online activities – from banking and shopping to the types of social networking sites you visit – may potentially make you more vulnerable to identity theft and fraud. Click HERE to play! – IDENTITY RISK GAME

Are you unwittingly putting ECU at risk?…Now that we have looked at our personal habits and the potential consequences of such, we wanted to give everyone a chance to take a similar evaluation to determine if and how their behavior differs while at work.

Just answer 12 questions to calculate your workplace security risk score.  Discover how behaviors like sharing passwords, or using your work computer to check personal emails or download music could make the university vulnerable to hacking, malware and other attacks. Click HERE to play! – WORKPLACE SECURITY GAME

 

Did your online risk score(s) surprise you? Did you think that you were being more careful than you really are? Are you practicing safer habits at home than you are at work or vice-versa? – If so, why?

We would love to hear feedback from staff and faculty across campus to help us understand and target the areas of concern. Please post to this blog, our Technology Digest blog or our ITCS Facebook page with your results and/or comments!

ITCS on Facebook: https://www.facebook.com/ITCSatECU

ECU Technology Digest blog: http://blog.ecu.edu/sites/techdigest

Apr 152013
 

Do you know what to do if your ECU computer is stolen? What if you actually respond to a phishing email? These two scenarios and more are termed a security incident, and it’s important to report them to the IT Help Desk.*

The term, security incident, is any computer, network or paper-based activity which could result in misuse, damage, denial of service, compromise of integrity or loss of confidentiality of the ECU network, your computer (which is connected to the ECU network) and data (paper or digital).

Threats, misrepresentations of identity or harassment of or by individuals using these resources can also result from a security incident.

It is important that all incidents, whether benign and accidental or malicious and deliberate, be reported so that appropriate resolution is undertaken with the least data loss or compromise.

Security incidents you are required to report include, but are not limited to, the following:

  • Lost or stolen computer or smart device
  • Lost or stolen files containing sensitive information
  • Unauthorized access to sensitive information
  • Unauthorized access to your computer
  • Compromise of your ECU user account passphrase
  • Compromise of your personal computer
  • Unauthorized use of your user account
  • Unauthorized access to your locked office or files
  • Unusual activities on your computer or network
  • Unauthorized scans of your computer or the network
  • Accidental disclosure of personally identifiable or sensitive information in response to a phishing scheme
  • Virus, worm or Trojan horse activity on your computer
  • Disclosure of sensitive data, including paper disclosure, email release or inadvertent posting of data on a website
  • Suspected information technology policy violation

To report any security incident, call the IT Help Desk 252.328.9866 or 800.340.7081. If you’re unsure whether or not an activity is a security incident, call the IT Help Desk who can help make a determination.


*Do not call the IT Help Desk if you receive a threat to yourself or others. Report any threats to yourself or others to the appropriate law enforcement agency.

 

Jan 092013
 

As the semester begins, ITCS reminds the campus community to avoid mobile phone and email scams, hoaxes and phishing schemes circulating on the Internet. NEVER provide your passphrase or other personally identifiable information* in response to these bogus inquiries.

Although the IronPort spam filter blocks most scam messages from reaching your email, you may receive an occasional hoax email or a fake text message.

A few recent examples include emails from:

  • East Carolina University
  • Service Helpdesk
  • ECU IT
  • ECU Helpdesk
  • Web Master
  • Webmail
  • IRS
  • Any financial institution

If you do receive a phishing message, here’s what to do:

  • NEVER provide personal or sensitive information* in response to any unsolicited email or text message
  • DO NOT open unsolicited email attachments no matter how realistic or enticing the message. You must remain vigilant in not responding to an email or phone hoax or scam
  • NEVER deposit a check sent to you as a result of an email or phone message. Just delete it!

If you receive a message and feel unsure about what to do, contact the IT Help Desk – 252.328.9866/1.800.340.7081.

ITCS will always post legitimate announcements at http://help.ecu.edu. Users can go there to verify the authenticity of an IT-related announcement.

If you have provided personal or sensitive information* in response to an email scam and don’t know what to do, please contact ECU’s IT Help Desk at 328.9866/1.800.340.7081 or http://help.ecu.edu. If you believe you have fallen victim to a criminal scam, please contact the ECU Police Department or your local law enforcement office.

Visit the IT Security website, www.ecu.edu/itsecurity for examples of e-mail scams and additional information on avoiding them.