OIT’s Cybersecurity department coordinates University information security initiatives, creates awareness for information security issues, and investigates information security incidents.
National Cyber Security Awareness Month!
October is Cybersecurity Awareness Month, a global effort to help everyone stay protected whenever and however you connect. The overarching theme for the month is, ‘Do Your Part. #BeCyberSmart.’ and Boise State University is proud to be a champion and support this online safety and education initiative this October.
WEEK 2 – SECURING DEVICES AT HOME AND WORK
2020 saw a major disruption in the way many work, learn, and socialize online. Our homes are more connected than ever. Our businesses are more connected than ever. With more people now working from home, these two internet-connected environments are colliding on a scale we’ve never seen before, introducing a whole new set of potential vulnerabilities that users must be conscious of. Week 2 of Cybersecurity Awareness Month will focus on steps users and organizations can take to protect internet-connected devices for both personal and professional use.
WEEK 2 – FACTS & FIGURES
The global smart home market is forecast to reach a value of more than $141 billion by
2023. (Statista Research)
92% of employees said they believe it’s the organization’s job to secure remote working,
yet over two-fifths (42%) claimed current security policies make it difficult to do their
90% of IT professionals believe remote workers are not secure and 70% think remote
staff poses a greater risk than onsite employees. (OpenVPN)
WEEK 1 – IF YOU CONNECT IT. PROTECT IT.
The line between our online and offline lives is indistinguishable. This network of connections
creates both opportunities and challenges for individuals and organizations across the
globe. The first week of Cybersecurity Awareness Month will highlight the ways in which
internet-connected devices have impacted our lives and will empower all users to own their
role in security by taking steps to reduce their risks.
WEEK 1 – FACTS AND FIGURES
The number of cellular Internet of Things (IoT) connections is expected to reach 3.5
billion in 2023 – increasing with an annual growth rate of 30%. (Ericsson)
Gartner forecasts that 25 billion connected things will be in use by 2021. (Gartner)
63% of people find connected devices ‘creepy’ in the way they collect data about
people and their behaviors. (Consumers International & Internet Society)
Once plugged into the internet, connected devices are attacked within 5 minutes and
targeted by specific exploits in 24 hours. (NETSCOUT)
Use Boise State's Virtual Private Network (VPN) While Working Remote
The Office of Information Technology (OIT) reminds all faculty and staff to use the university’s virtual private network (VPN) service when working remote.
The remote access policy (policy 8130) details the requirements for remote access to Boise State computing resources and serves to minimize potential exposure to Boise State from damages caused by unauthorized use, including loss of protected data, intellectual property and harm to critical university systems.
All faculty and staff (including active student employees) have access to the Boise State VPN service. Information about installing and using VPN is available on OIT’s website.
For questions or additional information about Boise State’s VPN service, contact the Help Desk at (208) 426-4357 or email@example.com.
“Are you available ?” – Phishing Scam
This phishing scam is trying to get clicks in University emails. Some users have reported they received an email (which looks like it’s coming from a supervisor) that is trying to solicit a conversation/reply email.
Here is a sample of the message:
Subject: ARE YOU AVAILABLE
Date: February 1, 2020 at 9:37:12 AM MST
To: [Your email]
Are you available?
While this email is simple and doesn’t have any malicious attachments it is using social engineering to get a response email from an unsuspecting user, but the sender isn’t the correct email and most do not come from a boisestate.edu domain.
Once this type of scam has been interacted with, the scammer usually makes up an excuse about being in a meeting and wants the recipient to do an important favor as soon as possible. The favor the scammer wants is for the recipient to purchase iTunes gift cards, scratch off the pin numbers and send them back a picture of the cards and pin.
Tips to avoid becoming the victim of a scam
Always check the address of who the email is coming from. Many times scammers will use a similar name or try and add Boise State in the address to trick users. One important part is to look for what comes after the “@” symbol – this is the domain part. Domains listed with @yahoo.com, @aol.com, @gmail.com, @hotmail.com are not university emails and users should exercise cautions before responding to these emails.
If using a mobile device sometimes the full email address does not show automatically. You can check the address by clicking on the view details. This is usually located at the top of the email with the sender, recipient, and date information. All mobile devices and mail apps differ so it’s best to confirm with your manufacturer and/or application on the best way to view details.
If you are unsure about an email contact the Help Desk at (208) 426-4357, email at firstname.lastname@example.org, or chat online.