SEARCH

  • [:en]Recent Posts[:af]Onlangse bydraes

  • [:en]Categories[:af]Kategorieë

  • [:en]Archives[:af]Argiewe

Security

« Older Entries
Newer Entries »

[:en]Data Privacy day[:af]Dataprivaatheidsdag[:]

Saturday, January 30th, 2021

[:en]

In South Africa, we’re a bit late to the Data Privacy Day party. In Europe, it’s been around since 2007, while The United States joined in 2009. 

Data Privacy Day (known in Europe as Data Protection Day) is an international holiday that occurs every 28 January. The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. 

Even though data Privacy Day has been around for more than ten years, awareness around the protection of data is becoming a critical issue. The reason is twofold. Firstly, data breach incidents across the world are occurring on a more regular basis and it’s happening to large companies who should have strict measures in place to protect their users’ data. Which brings us to the second reason – the implementation of GDPR and POPI. Before both these data laws, there was little to enforce companies to protect users’ data. The GDPR and POPI acts changed this. Now companies are held accountable and can be heavily fined for compromising their clients’ personal information.

Why is data so important, though? According to Mark Barrenechea, CEO at OpenText, “[e]very day we are building, brick by brick and bit by bit, a digital copy of ourselves, whether we are aware of it or not.” A bigger digital footprint makes it easier to find information about you, whether it’s personal information such as usernames and passwords, your physical location or your interests or hobbies. Algorithms can track your actions and anticipate your behaviour. Every little piece of information adds up to a bigger picture and can be used to your disadvantage. 

Sharing data is easy, which makes it critical that you take responsibility for protecting your own information. We can no longer depend on companies or social networks to keep our digital identities safe. This we’ve clearly seen over the past few year with multiple data breaches – many including large companies such as Facebook and Google. 

Data Privacy is just one day in the year to make data owners (that’s anyone using a digital platform!) aware of the importance of protecting data. However, we should be aware of the risks every day. How can you protect your data?  www.digitalguardian has an extensive guide, but here are 10 basic tips:

  1. Use encrypted networks when you’re accessing important information. Even though open and free Wi-Fi is tempting, it comes at a high risk. If you’re browsing websites not using https, know that whatever you do can be seen by someone else.
  2. Choose strong passwords. Don’t know how? Here are some tips. The general trend is using two-factor authentication. Better even, use a password manager as it’s the most secure solution.
  3. Protect your passwords. Don’t write them down. Don’t share them. And most importantly, don’t use the same password for all your social networks or websites. 
  4. Update your software when it prompts you to. Don’t ignore it because you don’t have time – it might be an important security update which will prevent that you are at risk.
  5. Update your antivirus software regularly. New versions of viruses, malware, etc. are released regularly to explore weaknesses. If you don’t update, you’ll be an easy target. Also, consider an anti-virus for your mobile devices – they are even more vulnerable.
  6. Check and configure privacy settings on your phone. Consider carefully which apps you give access to use certain services on your phone, for example the camera function.
  7. Lock your smartphone and tablet devices when you are not using them. Mobile devices are used to access social media, banking services and various other apps containing personal information.
  8. Enable remote location and device-wiping. If your mobile device is stolen, no-one will be able to access your information.
  9. Delete your data from old devices, for example, smartphones, before you sell, discard or pass them onto someone else. 
  10. Back up your data on a daily basis. If your device is infected with malware or stolen, you’ll still have your data. 

[SOURCES: https://www.forbes.comhttps://www.techradar.com]

[:af]

Dataprivaatheidsdag is nog in sy kinderskoene in Suid-Afrika. Dié inisiatief is reeds sedert 2007 aktief in Europa en twee jaar later het Amerika ook begin deelneem. 

Dataprivaatheidsdag (in Europa ook bekend as Databeskermingsdag) ʼn internasionale dag wat jaarliks op 28 Januarie herdenk word en die bewustheid rondom die beskerming van persoonlike data bevorder. 

Alhoewel Databeskermingsdag reeds vir meer as tien jaar bestaan, is die bewustheid oor die beskerming van data van kritiese belang. Die rede is tweeledig. Eerstens is die voorkoms van databreuke kommerwekkend, ook by groot maatskappye wat voldoende maatreëls in plek behoort te hê om kliënte se data te beskerm.

Wat ons bring by punt twee – GDPR. Voorheen was maatskappye nie wetlik verplig om kliënte se data te beskerm nie. GDPR en POPI-wetgewing het dit verander. Maatskappye word nou verantwoordelik gehou vir kliëntedata en kan swaar beboet word as hulle inligting onbeskermd laat.

Maar hoekom is data so belangrik? Volgens Mark Barrenechea, Hoof Uitvoerende Beampte by OpenText, bou ons elke dag stukkie vir stukkie ʼn digitale weergawe van onsself. Deur middel van jou digitale voetspoor is dit dan maklik om inligting oor jou te kry – persoonlike inligting soos gebruikersname en wagwoorde, jou fisiese bewegings wat deur Google afgeloer word of jou belangstellings, gunsteling-restaurant of vriende. Algoritmes kyk na jou inligting en voorspel jou optrede. Elke stukkie inligting maak deel uit van die groter prentjie wat tot jou nadeel gebruik kan word.

Tegnologie maak dit maklik om data te deel en daarom moet jy self verantwoordelikheid neem vir die beskerming daarvan. Ons kan nie meer staatmaak op maatskappye of sosiale netwerke om ons digitale identiteit te beveilig as ons dit self vrywilliglik blootstel nie. Dis duidelik uit verskeie databreuke oor die afgelope paar jaar – insluitende groot maatskappye soos Facebook en Google.

Databeskermingsdag is net een dag in die jaar waar data-eienaars (enigiemand wat ’n digitale platform gebruik) bewus gemaak kan word van die belangrikheid van data. Ons moet egter elke dag kennis dra van die risiko’s. Hoe kan jy jou data beskerm? Jy weet reeds, jy moet dit net begin doen of beter doen. www.digitalguardian het ʼn deeglike gids oor databeskerming, maar hier is 10 wenke om mee te begin:

  1. Gebruik netwerke met enkripsie wanneer jy toegang nodig het tot belangrike inligting. Gratis Wi-Fi is handig, maar dis ’n risiko. Indien jy webwerwe besoek wat nie https gebruik nie, onthou dat jou data deur enigiemand anders gesien en misbruik kan word.
  2. Kies sterk wagwoorde. Weet nie hoe nie? Hier is ʼn paar wenke. Gebruik twee-faktor bekragtiging of nog beter – ’n wagwoordbestuurprogram.
  3. Beskerm jou wagwoorde. Moet dit nie neerskryf nie. Moet dit nie deel nie. En die belangrikste van almal – moenie dieselfde wagwoord gebruik vir al jou sosiale netwerke of ander webwerwe gebruik nie.
  4. Dateer jou sagteware op wanneer dit jou por. Moet dit nie ignoreer omdat jy haastig is nie – dit kan ʼn belangrike sekuriteitsopdatering insluit.
  5. Dateer gereeld jou an-tivirus sagteware op. Nuwe weergawes van virusse en malware word daaglikse vrygestel. As jy dit nie opdateer nie, is jy ’n maklike teiken. Gebruik anti-virus programmatuur vir jou mobiele toestelle – hulle is selfs meer kwesbaar as jou rekenaars.
  6. Gaan die privaatheidverstellings op jou slimfoon na. Dink voordat jy sommer vir ’n toepassings toegang gee tot jou foon.
  7. Sluit jou slimfoon en tablet wanneer jy dit nie gebruik nie. Jy gebruik dit vir sosiale media en bankdienste en dit bevat al jou persoonlike inligting. 
  8. Aktiveer die “remote location” en die toestel-skoonvee funksies. Indien jou mobiele toestel gesteel word, kan niemand toegang tot jou inligting kry nie.
  9. Verwyder jou data van ou toestelle, byvoorbeeld ou slimfone wat verkoop, weggegooi of vir iemand anders gegee word.
  10. Rugsteun jou data op ʼn daaglikse basis. As jou jy jou toestel verloor of dit malware kry, het jy nog ’n kopie.

 [BRONNE: https://www.forbes.comhttps://www.techradar.com]

[:]

Email

Tags: , ,
Posted in Academic IT, Security | Comments Off on [:en]Data Privacy day[:af]Dataprivaatheidsdag[:]

[:en]Phishing alert: Zoom invite[:]

Thursday, November 5th, 2020

[:en]

Please be on the lookout for a new tactic that phishing scammers are employing to get your personal details, passwords and to gain access to your university account.

These scammers are using “Zoom” video conference invitations to fool their intended victims and steal passwords and other personal details.

 

Above is one such example. Take note of the highlighted the warning signs that reveal the scam. This particular scam is “custom” programmed for specific university e-mail addresses and might target your address, as the e-mail addresses are embedded into the phishing web page and the e-mail itself.

If you do get such an e-mail please report it to IT Cyber Security as soon as possible on the ICT Partner Portal.

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately change your password. Make sure the new password is completely different, and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

After changing your password, also log a request on the ICT Partner Portal in order for your devices to be checked for malicious software. 

[ARTICLE BY DAVID WILES]

[:]

Email

Tags:
Posted in News, Security | Comments Off on [:en]Phishing alert: Zoom invite[:]

[:en]Safelinks protecting you against phishing[:af]Safelinks beskerm jou teen strikroof[:]

Thursday, October 8th, 2020

[:en]

 In January 2020 Information Technology activated a preventative security tool called Safe Links to protect all staff and students from email phishing attempts.

You might have noticed that some of the links in your emails suddenly started displaying a very long link which starts with https://eur03.safelinks.protection.outlook.com/ followed by the rest of the web link. This is an extra obstacle built in to our Microsoft security features which checks if a site has been listed as dangerous and prevents you from clicking on it. If you do click on it, you will see the following warning:

Definition of Safe Links

“Safe Links is a feature in Office 365 Advanced Threat Protection that provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations. Safe Links scanning occurs in addition to the regular anti-spam and anti-malware protection in inbound email messages in Exchange Online Protection (EOP). Safe Links scanning can help protect your organisation from malicious links that are used in phishing and other attacks.”  

With this added feature we eliminated some of the risk facing staff and students when it comes to phishing and other security attacks from hackers. However, this does not mean you shouldn’t still be vigilant when you open an email.

Familiarise yourself with the basic tell-tale signs of a phishing email. Think before you click on a link or open an attachment. Information Technology can only protect you up to a point, the rest is your responsibility – this is especially true in these times when you work from home.

 

 

[:af]

In Januarie 2020 het Informasietegnologie Safe Links,`n voorkomende sekuriteitshulpmiddel, geaktiveer om personeel en studente te beskerm teen strikroofaanvalle.

 Jy sou moontlik opgemerk het dat die skakels in jou e-posse die afgelope paar maande skielik `n ekstra lang adres wys as jy met die muis daaroor beweeg. Die skakel sal begin met https://eur03.safelinks.protection.outlook.com/ gevolg deur die webwerf se skakel. Hierdie proses is `n ekstra hekkie wat in ons Microsoft sekuriteitsfunksie gebou. Die funksionaliteit gaan na of `n webwerf as gevaarlik of hoë risiko gelys is en indien wel, keer dit dat jy op die skakel kliek. Indien jy op die skakel kliek sal die volgende waarskuwing verskyn. 

Definisie van Safe Links

“Safe Links is a feature in Office 365 Advanced Threat Protection that provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations. Safe Links scanning occurs in addition to the regular anti-spam and anti-malware protection in inbound email messages in Exchange Online Protection (EOP). Safe Links scanning can help protect your organisation from malicious links that are used in phishing and other attacks.”  

Met hierdie addisionele funksie word sommige van die strikroof- en sekuriteitsrisikos waarmee personeel en studente gekonfronteer word verminder. Dit beteken egter nie dat jy gerus moet wees wanneer jy e-posse oopmaak nie.

Maak seker jy weet wat die basiese tekens is van `n strikroof e-pos. Dink en lees voor jy op `n skakel kliek of `n aanhangsel kliek.
Informasietegnologie kan jou slegs beskerm tot op `n punt, die res is jou verantwoordelik. Dit is, in besonder, van toepassing terwyl ons tans van die huis af werk. 

 

 

[:]

Email

Posted in News, Notices, Security | Comments Off on [:en]Safelinks protecting you against phishing[:af]Safelinks beskerm jou teen strikroof[:]

[:en]Reminder to enrol for MFA[:af]Onthou om te registreer vir MFA[:]

Tuesday, September 8th, 2020

[:en]

Last month we told you about the planned implementation of MFA (Multi-factor Authentication). Thank you to the 28 671 staff and students who have already enrolled to use MFA.

If you are still unsure what MFA entails, here is some information

Although we have not activated MFA yet, soon all staff and students will be required to use multi factor authentication when using any of the Microsoft 365 applications (Outlook, Sharepoint Online, OneDrive for Business, etc.) to protect their information university’s network. If you haven’t enrolled yet, we strongly advise you do so as soon possible by following these steps.

If you have any questions first consult our FAQs and if this does not answer your question, please log your request on our ICT Partner Portal and a technician will contact you. If you have any questions you would like to add to our FAQs, you’re welcome to send an email to help@sun.ac.za and we’ll add them to the list.

[:af]

Verlede maand het ons jou vertel van die beplande implementering van MFA (Veelfaktor-bekragtiging). Dankie aan die 28 671 personeel en studente wat reeds registreer het vir die gebruik van MFA. 

Indien jy steeds onseker is oor hoe MFA werk, hier is meer inligting.

Alhoewel ons nog nie MFA aktiveer het nie, sal daar van alle personeel en studente verwag word om veelfaktor-bekragtiging te gebruik vir enige van die Microsoft 365-toepassings (Outlook, Sharepoint Online, OneDrive for Business, ens.) sodoende hulle inligting en die universiteit se netwerk te beskerm. Indien jy nog nie registreer het nie, beveel ons aan dat jy dit so gou moontlik doen deur die volgende stappe te volg.

Indien jy enige vrae het, kyk asb. na ons FAQ-dokument en as jou vraag nog nie beantwoord word nie, teken asb. jou versoek aan op die ICT Partner Portal waarna ʼn tegnikus jou sal kontak. Jy is ook welkom om vrae vir ons te stuur na help@sun.ac.za en ons sal dit byvoeg by die FAQs. 

[:]

Email

Posted in General, Notices, Security | Comments Off on [:en]Reminder to enrol for MFA[:af]Onthou om te registreer vir MFA[:]

Multi-factor authentication (MFA) FAQs

Thursday, August 6th, 2020

Information Technology recently enabled MFA for our staff and students. Soon all staff and students will be required to use multi factor authentication to secure their information and the university’s network. 

FREQUENTLY ASKED QUESTIONS 

What is MFA?  

Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if someone else knows your password. This will mean that, for certain services, including Microsoft Outlook, Teams, etc. you will be prompted to provide more information in order to authenticate your identity as a Stellenbosch University student or staff member. More about MFA here. 

Why is it so important that I enrol for MFA?  

By enrolling for MFA, you ensure that your account is more secure.  You are protecting your own data (including your HR, payment details, etc.), your colleagues and the university.

How do I enrol for MFA? 

By following the steps set out in the .pdf document. 

What must I do if the document does not open? 

If the document does not open, it could be due to a slow internet connection or you do not have a PDF reader (e.g. Adobe Acrobat) installed. Please also clear your browser history or try to open the link in a different browser.  

How can a PDF reader be installed? 

Please raise a request on the ICT Partner Portal that is available at https://servicedesk.sun.ac.za  

What can I do if I have problems to enrol for MFA? 

If you are struggling to enrol for MFA, please log a request on the ICT Partner Portal and a technician will contact you.  

When do I have to enrol for MFA? 

Please enrol for MFA as soon as possible. It is critical that all our staff and students use two-factor authentication. 

How will I know that I have successfully enrolled for MFA? 

A confirmation message will be displayed on the last screen of the enrolment process. 
You are now enrolled for Multi Factor Authentication.

What must I do if I don’t see the  screens as indicated on the enrolment document? 

Raise a request on the ICT Partner Portal at https://servicedesk.sun.ac.za  

Will I be charged for the MFA authentication SMS’s? 

No, the SMS’s are at the cost of the University. 

Can I enrol for MFA if I stay in an area without cell phone signal? 

No, you need a cellphone with reception to enrol for MFA.

Which IT services will be activated for MFA? 

For the first phase all Microsoft365 (Outlook, Sharepoint Online, OneDrive for Business, etc.) applications will require MFA authentication. 

What will happen if a service is activated for MFA? 

Before you can access the service you will be requested to enter the one-time pin number that will be sent to the cell phone number that you have indicated during the enrolment process. Or if you chose to use the Authenticator App a message will be sent to your phone via the app which request that you approve and in some cases it might also ask for a scan of your thumbprint. 

Email

Posted in Security | Comments Off on Multi-factor authentication (MFA) FAQs

« Older Entries
Newer Entries »