CISO Memo: Looking Back, Moving Forward
I've always found it fascinating when someone mentions to me "I can't believe the holidays are herealready. It seems like the year started only yesterday." I think that if they took the time to review the past year, they would be amazed at what they experienced, and it certainly would not feel like it had been only one day long.
As I sat down to practice what I preach, and to think about 2008 from a Brown Information Security perspective, this exercise proved true for us as well. Here are some of the highlights . . . «more...»
Focus on Mobile Security:
It keeps you connected with friends, entertains you, lets you edit a document on the run, tells you where you are, helps you remember who directed that film you saw last night, and it fits nicely in the palm of your hand. Smartphones are the next generation of mobile devices that offer the kind of functionality once only found on a computer.
As handheld mobile devices become ever more sophisticated, more of our work and personal information is stored on these small and familiar modern miracles... All that information -- your calendar, contacts, documents -- and so easy to be lost, filched or even hacked. «more...»
ISG reminds you to securely configure your laptop to protect it from threats like "viral SSIDs": ad-hoc wireless networks that sneak onto your laptop in the guise of "Free Public Wi-Fi". While many laptops come pre-configured to make it easier to connect wirelessly, this feature can have the unintended consequence of allowing an expanding series of "viral SSIDs" onto your computer without your knowledge. «more...»
Whether you call them thumb, flash or USB drives, those mobile memory sticks could become a headache if infected with malicious code. The National Cyber Alert System recently issued a warning about how some of the characteristics that make them convenient also introduce security risks. «more...»
It's Not Being Anti-Social, It's Being Safe:
Navigating Social Networking Sites Safely
Randi likes to spend her Saturdays rollerblading the Washington County bike path but is new in town and wants to find someone to skate with her. Howard is planning an overnight in Maine and would like to know more about his hotel choices than what appears on their web sites. Kyle loves everything about kites and wants to share his experiences, tips and photos with other like-minded enthusiasts.
Luckily we live in a Web 2.0 age that makes it easy to connect with others. «more...»
Welcome in the new year with a 2009 year-at-glance calendar from ISG. Choose from six colorful calendars, each with a timely security tip.
Visit our 2009 calendar web page to select just the right calendar to brighten your wall.
Make January "Change Your Password" Month
It should be almost automatic by now: Reset your clock for a time change and then check and/or replace the batteries in your smoke detectors.
ISG suggests that when you put up your calendar for the new year (see above for our offerings), it's time to change your passwords as well. While once a year should be considered a minimum for password changes (better to change them at least every six months), a new calendar can be a good prompt for "in with the new / out with the old"; stale passwords. «more...»
Protecting Brown Information in the Classroom and Online
Over 1,200 individuals have taken the "Protecting Brown Information" class to learn what constitutes "Brown Confidential Information"; where, when and how it's at risk; and what need to be done to mitigate that risk. Are you one of them?
Classes are held the third Wednesday of each month (sign up at the Training.brown.edu site) and also also available online for those unable to attend in person. Check there also for periodic Safe Computing Brown Bags. For access to the online class, or to make suggestions for brown bag topics, email us at firstname.lastname@example.org.
These common mistakes can ruin your computer or invite identity theft (reprinted with Consumer Reports' permission)
security software is protecting you
Security software is fully effective only when activated and frequently updated (Most products can update automatically.) To update most commercial software products, you must pay an annual fee. Last fall, the National Cyber Security Alliance and the software maker McAfee found that nearly half the users polled who thought their software was protecting them hadn't updated it regularly. Software bundled with a new computer requires special attention because its subscription may expire within weeks. «more...»