Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

News

Why is MFA essential?

Tuesday, November 30th, 2021

Security risks and innovative cyber criminals are nothing new, however, when we work from home, these risks increase expeditiously. The only way we can combat security breaches is by adding extra measures of which multi-factor authentication (MFA) is one. 

Information Technology is currently rolling out MFA. Most staff and students have already registered. If you haven’t, we ask that you urgently do so as all users will require to use MFA to access some services. The first services that will need MFA authentication are the Microsoft365 applications. These include Outlook and Teams.

A guide on how to register is available at the bottom of this article and everything you need to know about MFA at Stellenbosch University can be found on our service catalogue.

WHAT IS MULTI-FACTOR AUTHENTICATION (MFA)?

Multi-factor authentication (MFA) seeks to decrease the likelihood that others can access your data.  

Specifically, it enhances the security of your UserID by using your phone, tablet or other device to verify your identity when you attempt to access Stellenbosch University’s network and resources.  

It takes two items to access and update your information: “something you know” (e.g. your password) and “something you have” (e.g. your phone). For example, when you visit an ATM, one authentication factor is the ATM card you use to start the transaction – that’s the “something you have.” Next, you enter a PIN, which is the “something you know.” Without both these factors, your authentication will fail.  

WHY DO I NEED TO USE MFA?  

Passwords are becoming increasingly easy to compromise. They can be stolen, guessed and hacked and new technology and hacking techniques combined with the limited pool of passwords most people use for multiple accounts means information online is increasingly vulnerable. You might not even know who else has your password and is accessing your accounts.  

In addition, experience has shown that people are not as good at recognising malicious email as you might think. Every day, members of the Stellenbosch University community fall prey to cyber scams. Imagine you work on the University’s financial system. You click on what seems to be a legitimate email, typing in your username and password. A criminal now has your login details and can access everything you can access – including, potentially, bank details. In this way HR systems can be accessed and hacked preventing salaries from being paid paid out, etc. The possibilities are endless if someone has usernames and passwords. 

We must take steps to ensure that we are more than just a single click away from having our pay check stolen or becoming a victim of identity theft.  

Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if someone else knows your password. This second factor of authentication is separate and independent from the UserID and password step — MFA never uses or even sees your password. 

HOW DO I REGISTER FOR MFA?

You can register for MFA by following the steps in this guide.

Read more on MFA: 

MFA FAQ’s

Back to basics: Multi-factor authentication (MFA)

What is Multi-factor authentication? And why is it important?

Video on MFA by tech expert Tom Scott.

Makerspace at the library

Tuesday, November 30th, 2021

The Stellenbosch University Library Makerspace is a vibrant, user-centred facility enhanced by technology to elevate learning and digital literacy at Stellenbosch University. There are bookable design & construction workstations where patrons will have access to equipment and services such as:

  • 3D Printing and Scanning
  • AutoDesk software
  • Arduino UNO and Raspberry Pi
  • Soldering stations
  • Oscilloscopes
  • Dremel & hand tools

Where:

Upper floor, Stellenbosch University Library

Make a reservation:

https://sun.ac.za.libcal.com/reserve/Makerspace

https://libguides.sun.ac.za/makerspace

 

sun-e-HR system not available

Tuesday, November 30th, 2021

Please take note that as a result of critical system upgrades and maintenance, the sun-e-HR system will not be available from Thursday 16:30, 15 December 2021 to Monday 08:00, 20 December 2021.

Should you have any queries, please contact Wessel Nolte.

Phishing scam from compromised university account

Tuesday, November 23rd, 2021

Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order/Approval. 

It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords. 

The owner of the affected account has already put an Out-of-office notification on her account telling people to ignore the mail sent from her account, but the account is probably still compromised and under the control of the scammers.

Once in the university domain the scammers will continue to attack the university network to steal more information or to obtain bank account details, etc.

Here is an example of one of the mails:

 

Please report this phishing mail if you receive it from the above mentioned address or any other sun address. Here is how you report it:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.​​

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​ Please add the suspicious email as an attachment to the request.

​​~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately.) Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure. 

[ARTICLE BY DAVID WILES]

Information Security Awareness Training

Tuesday, October 5th, 2021

Part of living in a connected world is understanding that our private information is more vulnerable. ID theft and data breaches are no longer isolated incidents, they happen every single day.

So why would a university be targeted?

Universities hold a great deal of information that could be exploited if it gets into the wrong hands. This information includes personal details and research data.

Consequences and why it matters:

Though not all data security incidents will lead to the loss or theft of information, they will expose information to unwanted risk.

A full data security breach will involve a known disclosure or inappropriate access to information, which is a more serious incident. Any data security incident could potentially be disastrous for both you and the institution.

In an effort to create awareness around some of the typical hacks that we all fall prey to, we have made an Information Security Awareness training programme available. This is a self-study programme with fun quizzes in-between. This is by no means a programme that you will need to have a pass record. This course is strictly informational so that you will have the necessary tools when it comes to Information Security.

To access the course, go to https://learn.sun.ac.za. When the SUNLearn main page opens, click on the “Information Security Awareness Training” link and log in with your network username and password. If you’re successfully logged in, scroll down and click on the “Enrol me” button to enrol yourself for the course and to access the training material.

If you are unable to log on to SUNLearn and you are certain that the network credentials you have entered are correct and active, please log a request via https://learnhelp.sun.ac.za for SUNLearn support.

 

 

 

 

 

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.