Sunday, October 20, 2019

Cyber World Reality Facts

  1. Microsoft Security Intelligence Report and Consumer Reports
  2. AARP, “Caught in the Scammer’s Net: Risk Factors That May Lead to Becoming an Internet Fraud Victim,” 2014
  3. Norton Cyber Security Insights Report Q1, 2017
  4. Ponemon Institute, “2015 Cost of Cyber Crime Study: Global,” 2015
  5. Facebook
  6. Federal Trade Commission, “The Top Frauds of 2017”
  7. staysafeonline.org

For more information on this topic review The Facts Get Clued into the Cyber World Reality.

Be Secure Online! Refer to Manhattan College's Cyber Safety site for additional resources.



Refer to Manhattan College's Email Signature Knowledge Base 
Article for instructions on how to create your own email signature. 

Friday, October 18, 2019

25Live Training Resources

25Live is the site our campus community uses to schedule an event or book a meeting room on campus.  The ITS Training Team has put together a training course with 25Live materials.  The course contains instructions for the 25Live Mobile View and the 25Live Pro View and resources for the best way to book a room on campus using 25Live.  Clients who complete this course will be awarded a 25Live Digital Badge.

This course is located on the Moodle Pro Dev server please access the course here:  

25Live Training Course 
The ITS Knowledge Base also has 25Live Resources.

25Live Mobile View:  Best option to book a room.

25Live Pro View:  Additional resources for power users and room approvers.

Feel free to contact ITS with any questions:
email:  its@manhattan.edu       TEL . 718-862-7973



Sunday, October 13, 2019

Step Up to Stronger Passwords

Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help your end users achieve unique, strong passwords for their dozens of accounts. Help your community members improve their individual and collective security by sharing the following tips.

A password is often all that stands between you and sensitive data. It’s also often all that stands between a cybercriminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.
  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes its exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification** (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or other registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cybercriminals.
**Please note: this option is not available for Manhattan College accounts but should be considered for external (personal) accounts.




    How to pick a proper password.

    Partially reposted from http://er.educause.edu/blogs/2016/11/may-2017-step-up-to-stronger-passwords

    Monday, October 7, 2019

    IT Services Training Team presents on Digital Accessibility


    Alberto DeAngelis and Anita McCarthy presented at the Montgomery County Community College Technology and Learning Conference on October 4th. Their presentation on Digital Accessibility was among 1 of 25 hot topics facing education institutions today.  Close to 300 participants attended the technology conference in Blue Bell, PA .
    The Training Team has created an online, self paced Digital Accessibility course.

    If interested in this topic feel free to reach out to ITS with any questions:




    Sunday, October 6, 2019

    Stop That Phish

    Overview




    phishing computer screen

    Email and messaging services (such as Skype, Twitter, or Snapchat) are one of the primary ways we communicate. We not only use these technologies every day for work, but also to stay in touch with friends and family. Since so many people around the world depend on these technologies, they have become one of the primary attack methods used by cyber attackers. This attack method is called phishing. Learn what phishing is and how you can spot and stop these attacks, regardless if you are at work or at home.

    What Is Phishing

    Phishing is a type of attack that uses email or a messaging service to fool you into taking an action you should not take, such as clicking on a malicious link, sharing your password, or opening an infected email attachment. Attackers work hard to make these messages convincing and tap your emotional triggers, such as urgency or curiosity. They can make them look like they came from someone or something you know, such as a friend or a trusted company you frequently use. They could even add logos of your bank or forge the email address so the message appears more legitimate. Attackers then send these messages to millions of people. They do not know who will take the bait, all they know is the more they send, the more people will fall victim.

    Protecting Yourself

    In almost all cases, opening and reading an email or message is fine. For a phishing attack to work, the bad guys need to trick you into doing something. Fortunately, there are clues that a message is an attack. Here are the most common ones:
    • A tremendous sense of urgency that demands “immediate action” before something bad happens, like threatening to close an account or send you to jail. The attacker wants to rush you into making a mistake.
       
    • Pressuring you to bypass or ignore your policies or procedures at work.
       
    • A strong sense of curiosity or something that is too good to be true. (No, you did not win the lottery.)
       
    • A generic salutation like “Dear Customer.” Most companies or friends contacting you know your name.
       
    • Requesting highly sensitive information, such as your credit card number, password, or any other information that a legitimate sender should already know.
       
    • The message says it comes from an official organization, but has poor grammar or spelling or uses a personal email address like @gmail.com.
       
    • The message comes from an official email (such as your boss) but has a Reply-To address going to someone’s personal email account.
       
    • You receive a message from someone you know, but the tone or wording just does not sound like him or her. If you are suspicious, call the sender to verify they sent it. It is easy for a cyber attacker to create a message that appears to be from a friend or coworker.
    Ultimately, common sense is your best defense. If an email or message seems odd, suspicious, or too good to be true, it may be a phishing attack. 
    Be Secure Online! Refer to Manhattan College's Cyber Safety site for additional resources.

    Refer to Manhattan College's Email Signature Knowledge Base 
    Article for instructions on how to create your own email signature.

    Using a Manhattan College email signature is important because it is the perfect opportunity to brand every message you send. By creating a cohesive email signature for each employee on your team, you create brand recognition in every person to whom your employees sends emails. 

    Reach out to IT Services with any questions:


    Friday, October 4, 2019

    Complete: Banner Upgrade - Banner will be unavailable this weekend

    UPDATE;
    The Banner upgrade has been completed, all ancillary applications (Self-Service, Workflow, Banner Communications Manager, etc...) here been restored. Thank you for your patience.

    Information Technology Services



    Dear Manhattan College Community,

    Tonight at 7:00pm, ITS will begin the scheduled Banner Upgrade process.  Banner and its ancillary applications (Self-Service, Workflow, Banner Communications Manager, etc...) will be offline throughout the weekend and will be back up on Monday, October 7th.  Thank you.

    Information Technology Services

    Tuesday, October 1, 2019

    UPDATE: Campus-Wide Network Outage - Resolved

    UPDATE: ITS has corrected the issue and internet has been restored to Upper and Lower Campus. 


    Previous: There is currently an issue/outage with the network on Upper and Lower Campus as of around 2:30pm. ITS is investigating the situation and will update the community as soon as we can.