%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> /XObject << /I1 16 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text /ImageC ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20211201054459+00'00') /ModDate (D:20211201054459+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 4084 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 134.071 521.469 612.663 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 134.446 520.719 611.913 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(INFORMATION SECURITY AWARENESS TRAINING)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(Part of living in a connected world is understanding that our )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(private information is more vulnerable. ID theft and data breaches )] TJ ET BT 61.016 542.055 Td /F3 9.0 Tf [(are no longer isolated incidents, they happen every single day.)] TJ ET BT 61.016 522.066 Td /F4 9.0 Tf [(So why would a university be targeted?)] TJ ET BT 61.016 502.077 Td /F3 9.0 Tf [(Universities hold a great deal of information that could be )] TJ ET BT 61.016 491.088 Td /F3 9.0 Tf [(exploited if it gets into the wrong hands. This information includes )] TJ ET BT 61.016 480.099 Td /F3 9.0 Tf [(personal details and research data.)] TJ ET BT 61.016 460.110 Td /F4 9.0 Tf [(Consequences and why it matters:)] TJ ET BT 61.016 440.121 Td /F3 9.0 Tf [(Though not all data security incidents will lead to the loss or theft )] TJ ET BT 61.016 429.132 Td /F3 9.0 Tf [(of information, they will expose information to unwanted risk.)] TJ ET BT 61.016 407.343 Td /F3 9.0 Tf [(A full data security breach will involve a known disclosure or inappropriate access to information, which is a more serious )] TJ ET BT 61.016 396.354 Td /F3 9.0 Tf [(incident. Any data security incident could potentially be disastrous for both you and the institution.)] TJ ET BT 61.016 376.365 Td /F3 9.0 Tf [(In an effort to create awareness around some of the typical hacks that we all fall prey to, we have made an Information )] TJ ET BT 61.016 365.376 Td /F3 9.0 Tf [(Security Awareness training programme available. This is a self-study programme with fun quizzes in-between. This is by )] TJ ET BT 61.016 354.387 Td /F3 9.0 Tf [(no means a programme that you will need to have a pass record. This course is strictly informational so that you will have )] TJ ET BT 61.016 343.398 Td /F3 9.0 Tf [(the necessary tools when it comes to Information Security.)] TJ ET BT 61.016 323.409 Td /F3 9.0 Tf [(To access the course, go to)] TJ ET 0.373 0.169 0.255 rg BT 174.074 323.409 Td /F3 9.0 Tf [(https://learn.sun.ac.za)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 174.074 322.258 m 262.121 322.258 l S 0.400 0.400 0.400 rg BT 262.121 323.409 Td /F3 9.0 Tf [(. When the SUNLearn main page opens, click on the "Information )] TJ ET BT 61.016 312.420 Td /F3 9.0 Tf [(Security Awareness Training" link and log in with your network username and password. If you're successfully logged in, )] TJ ET BT 61.016 301.431 Td /F3 9.0 Tf [(scroll down and click on the "Enrol me" button to enrol yourself for the course and to access the training material.)] TJ ET BT 61.016 281.442 Td /F3 9.0 Tf [(If you are unable to log on to SUNLearn and you are certain that the network credentials you have entered are correct and )] TJ ET BT 61.016 270.453 Td /F3 9.0 Tf [(active, please log a request via)] TJ ET 0.373 0.169 0.255 rg BT 187.079 270.453 Td /F3 9.0 Tf [(https://learnhelp.sun.ac.za)] TJ ET 0.18 w 0 J [ ] 0 d 187.079 269.302 m 292.136 269.302 l S 0.400 0.400 0.400 rg BT 292.136 270.453 Td /F3 9.0 Tf [(for SUNLearn support.)] TJ ET BT 61.016 250.464 Td /F3 9.0 Tf [()] TJ ET BT 61.016 230.475 Td /F3 9.0 Tf [()] TJ ET BT 61.016 210.486 Td /F3 9.0 Tf [()] TJ ET BT 61.016 190.497 Td /F3 9.0 Tf [()] TJ ET BT 61.016 170.508 Td /F3 9.0 Tf [()] TJ ET BT 61.016 152.019 Td /F3 9.0 Tf [(Posted in:News,Notices,Security,Training | | With 0 comments)] TJ ET q 225.000 0 0 150.000 325.984 422.824 cm /I1 Do Q endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 174.0737 322.5766 262.1207 331.7341 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (https://learn.sun.ac.za/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 187.0787 269.6206 292.1357 278.7781 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://learnhelp.sun.ac.za/) >> endobj 16 0 obj << /Type /XObject /Subtype /Image /Width 300 /Height 200 /ColorSpace /DeviceRGB /Filter /DCTDecode /BitsPerComponent 8 /Length 17392>> stream JFIF``BExifMM*J PiZ >SONYSLT-A99V '  (00004 0 2015:04:09 14:56:522015:04:09 14:56:52250mm F1.4 }http://ns.adobe.com/xap/1.0/ 2015-04-09T14:56:522015-04-10T13:14:47 C    !'"#%%%),($+!$%$C   $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$,"N !1AQa"2q#BCR$Sbr%34DETsU&6c,!1AQ#"aq2 ?ʣ#橴) E 8H~Cph3sFUk&Ap efui'IO <غ9(5xK,X홢H8wfz6(J%oG7g%OJ#s{W [pK쾔 _".i>u뵱EID@@0ް.=_8HP*?SR-T^eTnpN9+m CC͑И K`xVlkc͏ k^ީ5_LRmL:wf+cG''^SūsOʓ'Z+N<&| 槩) #U Yu#-f҆O7*-q2$.1b U+ep\y!u7Hahqj+GfJ{BѵHt˷-[w$m#SNڊ3ЌɰU׮wk>`~<>״)H~\D|^E4eѧ5(=vm=ZO$ULn)❧) iKA[女ݢ%B^4dQnoU0_ (U쥠hՔtCƘAJ!ùFXridv)E/Ih= N 훸?SN\Ɔ BzIW|l\ unTݟ!(זZ{y릤]҇FCT+_Ltڅ=,ɇMHRƜ׈ZKjZOna{0*[Q3ALL BM tn(t)yD&DkJM!yv)GN"jn@xǿ"eoW>e1~*N/lY?ho?m H0۩7;D]wS'&)0oHAo1R˿eh'j-f*ʻxK=lշ6ɡ:M@ta^ZG勯D5QͶRtaV)ȭ3ҟt$ zCL*];gNЈ)$okB :Zú6T˰3y~Vgn[jX̵XuX|Ni#ZeE]qں|w&{5on w+\1v*|Zeb] plnГQ/+EDZ2{P3|)zOc W;F%A^2i-tEEqfjY[i&Nл[8@L;fJTxoSWrQ|R˃q[XՕJy6dAɞc_7s> yh--hkĢA&վ e7- R4 C6vED=|c*Bnwh6-Z6#xyÊ繥Ҕ=M.ii'tR ZqM0sTrƑ[mnBu93(I(oCɤV]mMI@XMnK!ぜ>wN(UaP vfَ骨:aΓP8aXXrXCm:y2&baxtawG[YM⚇F)N]K*;'ٲG? +)ۭ)ƞfVMܺesᒷz, (SgbN*X~Z2ء>{aqY7<i3FnI2xR &0d$II0:-%Yxͷ5@=(>*4jGYݫ`10r WݗP#OT42/bC#wyZo,:0W_e[eCh.Ϋ&%cl >^Omi+ߩ~H᙮*KG2 qW( SF^6x^\hJ+ ۬[κ(ۜ3Q8(2D^d*JlX ‰5#,+E(t7;ڎJ0U$=,rVhwX\B=> E: I`G"жŃPA[ nR|cTo0uc)y]LZdm1UI~M')a}`ܦPlOL;zG3J'oR}qMlG6a;+*\|V1TRB@ w{ts╹{Bi"1UcR kpo{Lgnٿ_sOe4ysnrIZ +e*Ta0:,Jhw=:iz.+ϗtKQWJ vF*JFntiPmH惣&mum%c ߍNʥmR\gPCY#FIeu?[_.vc@St{8#/ߑNa,9>6@SWJ0 ~5VAI!/hij.r [V䳶CRΪ4t*Tu1DkZr7-)ʔKA-ƻpc ȫMm9cO>N[hat3 JutѶ?!{"Kρ6nkCw@al &WGlW<Uko//һkyIq]ظe\wnv~lIz~ ?}꥟LZd H8\^>,O DaTćeE1ݔ] Nn#L)6[P?eo17i5eRA ;8 S_5Uhm24ӄζX%dLM.왢TRi٧'3Pu ssz=9mwQ<{!Se|8Fkv[kxYjX%EG%D g2g o% r촻S -`n^X)ќHܽZ[CK+᜜JhT׎)䠈Qm5pH!MMƀxȘH0 jeuϡv㾻hj V*0 wwv`9/c2;u_' &тxZ)}K[ⷀ/Di|C,kTXk`; mUt8ppM\jM\7B\%d\R(Ğ 𶊺u 끌+}Xoٽ\SIh*$N0պFђye Y. Z$kOjdӵ0 ܨvV7kbWGa$2t!/x@0y"C/qCWM2XrJ80O0/[qIa+n}kZ֗h*j?D aP[csF:nM?RZqhhHM1=(fVD'kgn!}4! l( ,ci*?Q/U_k*(5PN?A섯Ɔ3hF򅦆J7׼e7ߑ9qՕh"d/]KLx<?HUk <Σ2Ѻh\0< Wr$ te ƈ;fؚ;0AܻOX`2a81ハI6k-j߄dL598c^WK;ѣMtp h+ga[ pGհ4k{J}MN%vg'՛;?F(ѿ~)hv sO0#uIэ%n0,Xny.zog(-r֣*Sp&CSvcՌ.wkz\I9% 1JCK |g[3[ޕuG) nWDR^g 1y֨Vkwzj _Z5'ԷjX#:xm kG Y.>[А7^խ+<,2Ǵ3Nc=[waNCZio~J_7> QG4 $(+9 3EPAdm+L9[Si%̐cyom#qOKp4ÙSnkˈEC.׊8 \ZMB3y㙿7O`.hʝ$ -7S_ kqڜnGwO n,kq#3nۿoa$3K98,DutuS޳V#ވG%K ϳ[ o8(L޾dBc7vt}oNԘP1ҟ~+˅.tW ?ZS4w۹fU 2>KMH}gJ>tT*i(m-.S6tpAL~K-pu搯k~ Ck>v76^e5E8ɛ!%r48]O*߂6.뭒%p3FLo兘e2Qx,U#~Gw24 sa ${u3L܁)X? oQ,[;fPٶ,S<#tݽHMlE]!Ckj7{ža*WQJb؝lҥ$`c `ќ~e}3ƑU>+:XnQ*.j e}‡B0*OJ6SŕCPBԏ5;zJn\ghC'c9j:L٩trO61\S<"Qjn .=GdKd?EG5S";]s J6]rNأ nNHkQJp3&/KT 3V؍YMIۛ:odRy7tL8P{AFZI|X;~?4QxM+h6žrҾ 9QڳmU[2GZ2Zqy)n~tK LdfQ4Q! [ĬkժS`4;6m:آL K׊Gى$wzӢ[E=;[+w nU59Mlékwqκ"hYQU-^qt u4(sxy3nJmDovrO*M-#fcnԦ-ߖC(mr&8M.4ժg;0w)`_w[P>U{3FԳӢ^qZgz]]qS7 Mun[~!ve8 `[[e2I##w=TI㭤x#GgTsc29)#2 +.n5UV=3tb<04o rלIe+δ}WYE1(xXʑSmрVJۭuq~ॶS5c+c '*Ƒ,w:XA{4 +BXD1c)%`[k$ ΰjӪ 6ݨ$2[jᇘWS* Nvs*XVzJ'ccuK; F۔ts '5~8}6]vZȃV+J2S~JZ8 mcf8O[%>Z噠V޺i|(\_A]O*ӎOZM-|6|dUz8Kޤ4Z cӄr?FI6- =xKiSƪ5Lug/is909'z / (iTʧPSu;͓pd_s':*H2hzr$.F@l}nQ|Fw|pn°?i)dmUc'cUGV̝5F1r}a8kG`Ʒ5uR}X䀼;Ėcx瑪`2ь:hNI&!\]$8`oJjL?C0Se{{dPnQ.\DGY{W9`˓<\'kZ #˒|J(NٛyϐY\E /Qk6:H˓Y8!y=zt3kK DA}r.Vu1%h ɤ\xerc'ꊑiV f?\@TZFx%\Ѯ{``˓tx EPQp h=%`fMi%qQW;B=r8Qbޯc 5X\$0,*ձr3G˓@p ig)K80rhF5M88.\q4B/ endstream endobj xref 0 17 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000332 00000 n 0000000369 00000 n 0000000504 00000 n 0000000593 00000 n 0000004729 00000 n 0000004841 00000 n 0000004948 00000 n 0000005064 00000 n 0000005184 00000 n 0000005312 00000 n 0000005388 00000 n 0000005516 00000 n 0000005596 00000 n trailer << /Size 17 /Root 1 0 R /Info 5 0 R >> startxref 23157 %%EOF Security « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

Security

Why is MFA essential?

Tuesday, November 30th, 2021

Security risks and innovative cyber criminals are nothing new, however, when we work from home, these risks increase expeditiously. The only way we can combat security breaches is by adding extra measures of which multi-factor authentication (MFA) is one. 

Information Technology is currently rolling out MFA. Most staff and students have already registered. If you haven’t, we ask that you urgently do so as all users will require to use MFA to access some services. The first services that will need MFA authentication are the Microsoft365 applications. These include Outlook and Teams.

A guide on how to register is available at the bottom of this article and everything you need to know about MFA at Stellenbosch University can be found on our service catalogue.

WHAT IS MULTI-FACTOR AUTHENTICATION (MFA)?

Multi-factor authentication (MFA) seeks to decrease the likelihood that others can access your data.  

Specifically, it enhances the security of your UserID by using your phone, tablet or other device to verify your identity when you attempt to access Stellenbosch University’s network and resources.  

It takes two items to access and update your information: “something you know” (e.g. your password) and “something you have” (e.g. your phone). For example, when you visit an ATM, one authentication factor is the ATM card you use to start the transaction – that’s the “something you have.” Next, you enter a PIN, which is the “something you know.” Without both these factors, your authentication will fail.  

WHY DO I NEED TO USE MFA?  

Passwords are becoming increasingly easy to compromise. They can be stolen, guessed and hacked and new technology and hacking techniques combined with the limited pool of passwords most people use for multiple accounts means information online is increasingly vulnerable. You might not even know who else has your password and is accessing your accounts.  

In addition, experience has shown that people are not as good at recognising malicious email as you might think. Every day, members of the Stellenbosch University community fall prey to cyber scams. Imagine you work on the University’s financial system. You click on what seems to be a legitimate email, typing in your username and password. A criminal now has your login details and can access everything you can access – including, potentially, bank details. In this way HR systems can be accessed and hacked preventing salaries from being paid paid out, etc. The possibilities are endless if someone has usernames and passwords. 

We must take steps to ensure that we are more than just a single click away from having our pay check stolen or becoming a victim of identity theft.  

Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if someone else knows your password. This second factor of authentication is separate and independent from the UserID and password step — MFA never uses or even sees your password. 

HOW DO I REGISTER FOR MFA?

You can register for MFA by following the steps in this guide.

Read more on MFA: 

MFA FAQ’s

Back to basics: Multi-factor authentication (MFA)

What is Multi-factor authentication? And why is it important?

Video on MFA by tech expert Tom Scott.

Phishing scam from compromised university account

Tuesday, November 23rd, 2021

Please keep an eye out for an e-mail from a sun email address with the subject line of FYI_Order/Approval. 

It is a phishing scam with a link to a website that is designed to compromise security and steal details such as banking details, login names and passwords. 

The owner of the affected account has already put an Out-of-office notification on her account telling people to ignore the mail sent from her account, but the account is probably still compromised and under the control of the scammers.

Once in the university domain the scammers will continue to attack the university network to steal more information or to obtain bank account details, etc.

Here is an example of one of the mails:

 

Please report this phishing mail if you receive it from the above mentioned address or any other sun address. Here is how you report it:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Go to https://servicedesk.sun.ac.za/jira/servicedesk/customer/portal/6/create/115.​​

Fill in your information and add the email as an attachment. Your request will automatically be logged on the system.​​ Please add the suspicious email as an attachment to the request.

​​~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you have accidentally clicked on the link and already given any personal details to the phishers it is vitally important that you immediately go to the USERADM page (either http://www.sun.ac.za/password or www.sun.ac.za/useradm and change your password immediately.) Make sure the new password is completely different and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts. Contact the IT Service Desk if you are still unsure. 

[ARTICLE BY DAVID WILES]

Upgrade to Office 365 and Windows 10

Wednesday, November 3rd, 2021

Microsoft recently sent out a notification that some versions of Office 2013 and Office 2016 may experience connectivity issues due to the retirement of support for these versions. It is therefore imperative that all users who still use  Office 2013 and Office 2016 immediately upgrade their Office software to Office 365. 

Users whose devices are still using Windows XP, Windows 7 and Windows 8 as operating systems are also required to urgently upgrade their devices as this software is no longer supported by Microsoft.

Benefits of upgrading your software

With the challenges we’ve faced over the few months, why do we have to sacrifice valuable time to have my software upgraded?

New malware is released daily, putting your data and the University at risk.  So, apart from gaining new features by updating your software you are also protected from outsider threats as the new software has better security features, is more reliable and has better performance. 

When must I do this?

We recommend that users do this upgrade as soon as possible to ensure that you don’t fall prey to malware and lose valuable data.

Who will help me with the upgrade?

A support ticket can be logged on the ICT Partner Portal.  As soon as the ticket is logged, you will receive a reference number via email after which an IT technician will contact you to arrange an appointment to assess if an upgrade is possible on the device.

[Article by Ronel Reynecke]

­­­­­­­­­­­­­­­­­­­­­­­

Information Security Awareness Training

Tuesday, October 5th, 2021

Part of living in a connected world is understanding that our private information is more vulnerable. ID theft and data breaches are no longer isolated incidents, they happen every single day.

So why would a university be targeted?

Universities hold a great deal of information that could be exploited if it gets into the wrong hands. This information includes personal details and research data.

Consequences and why it matters:

Though not all data security incidents will lead to the loss or theft of information, they will expose information to unwanted risk.

A full data security breach will involve a known disclosure or inappropriate access to information, which is a more serious incident. Any data security incident could potentially be disastrous for both you and the institution.

In an effort to create awareness around some of the typical hacks that we all fall prey to, we have made an Information Security Awareness training programme available. This is a self-study programme with fun quizzes in-between. This is by no means a programme that you will need to have a pass record. This course is strictly informational so that you will have the necessary tools when it comes to Information Security.

To access the course, go to https://learn.sun.ac.za. When the SUNLearn main page opens, click on the “Information Security Awareness Training” link and log in with your network username and password. If you’re successfully logged in, scroll down and click on the “Enrol me” button to enrol yourself for the course and to access the training material.

If you are unable to log on to SUNLearn and you are certain that the network credentials you have entered are correct and active, please log a request via https://learnhelp.sun.ac.za for SUNLearn support.

 

 

 

 

 

Why is cyber security important?

Tuesday, October 5th, 2021

Cyber security is the skill and ability of protecting networks, devices, and data from unlawful access or criminal use and the practice of guaranteeing confidentiality, integrity, and availability of information.

Communication, transportation, shopping, and medicine are just some of the things that rely on computers systems and the Internet now. Much of your personal information is stored either on your computer, smartphone, tablet or possibly on someone else’s system. Knowing how to protect the information that you have stored is of high importance not just for an individual but for an organisation and those in it.

Did you know that:

  • As of 2021, there is a ransomware attack every 11 seconds, up from 39 seconds in 20191,2
  • 43% of cyber-attacks target of small businesses, and they have grown 400 percent since the outbreak began

More tips and resources can be found here

The US government’s Cybersecurity and Infrastructure Security Agency has made a collection of tip sheets available for use. These downloadable PDF documents contain all the information you need to protect yourself from cyber security risks in a convenient, compact format. 

More tips and resources can be found here

[SOURCE:  Cybersecurity and Infrastructure Security Agency, United States Government

 

© 2013-2021 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.