BSU

Security_Smart_Spring2016_Bridgewater

Issue link: http://bsuit.uberflip.com/i/674134

Contents of this Issue

Navigation

Page 0 of 3

SAFEGUARDING YOUR SECURITY AND PRIVACY AT WORK AND AT HOME NEWSLETTER SPRING 2016 SPRING 2016 SECURITY SMART 1 1 The Unsuspecting You're not really aware of the dangers lurking online, so you aren't concerned about protecting your smartphone or tablet. That makes you an easy target for social engineering scams and phishing attempts. "Attackers are definitely search- ing for the weakest point in the chain," says Lior Kohavi, CTO at Cyren, a pro- vider of cloud-based security systems. Unsuspecting types fall for basic scams, willingly clicking on links in unso- licited emails and entering their IDs and passwords on unfamiliar websites when asked. But phishing messages opened on mobile devices can infect laptops and company systems, says Stu Sjouwerman, co-founder of security training company KnowBe4. He offers this simple piece of advice: "Think before you click." 2 The Delayed Reactor When you misplace your tablet or smartphone, you hesitate to tell the IT department. After all, it'll turn up sooner or later, won't it? Jamisson Fowler, vice president of IT at WellPoint, an Indianap- olis-based health benefits company, has run up against this issue. "People wait a day or even three days and then admit that they thought they lost it—or they were just looking for it now—and they were 'pretty sure it has been misplaced,'" he says. Next time you lose track of your devices (if there is a next time), call your employer's IT department immediately. Any lag time can put devices and sensi- tive information at risk. 3 The Oversharer You like to post personal and work- related information freely on various social media sites. Beware: You're giving scammers a leg up when they try to in- filtrate your company's systems or steal your identity. They'll use those details to help them pretend to be a co-worker or acquaintance, and they'll try to persuade you to share credentials, passwords or other sensitive company data. "Any time people tie social media to events or work email addresses, it's a threat" to company data, says Chris Hadnagy, chief human hacker at Social- Engineer Inc., a training and consulting firm. "We find people who use their corporate email addresses for LinkedIn and Facebook. [Scammers] can search these online and then go to posts, blogs, forums where they've posted—to find personal things." 4 The Tech Genius You're proud to be tech-savvy, and you should be! But if you're not careful, you might turn into a security nightmare—es- pecially if you know how to reconfigure your smartphone to give yourself admin- istrator-level privileges. The most common platform compro- mises are "jailbreaking" on iOS devices or "rooting" on Android devices. These actions essentially turn a user into an ad- ministrator who can then access certain device resources that are normally inac- cessible, and they endanger data by re- moving important protections. They can also allow malware to be downloaded to the device and open it up to all sorts of malicious actions. The lesson here? Just because you can, doesn't mean you should. If you try to bypass your company's mobile device management tools, you may violate company policy as well as make your employer's network vulnerable. What Type of Mobile User Are You? How diligent are you when it comes to mobile device security? If you recognize your- self among the four types described below, it's time to re-evaluate your approach. For more information on staying safe online here at BSU or at home, contact security@bridgew.edu.

Articles in this issue

Links on this page

Archives of this issue

view archives of BSU - Security_Smart_Spring2016_Bridgewater