Language:
SEARCH

  • Recent Posts

  • Categories

  • Archives

Security

« Older Entries
Newer Entries »

Data Privacy day

Saturday, January 30th, 2021

In South Africa, we’re a bit late to the Data Privacy Day party. In Europe, it’s been around since 2007, while The United States joined in 2009. 

Data Privacy Day (known in Europe as Data Protection Day) is an international holiday that occurs every 28 January. The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. 

Even though data Privacy Day has been around for more than ten years, awareness around the protection of data is becoming a critical issue. The reason is twofold. Firstly, data breach incidents across the world are occurring on a more regular basis and it’s happening to large companies who should have strict measures in place to protect their users’ data. Which brings us to the second reason – the implementation of GDPR and POPI. Before both these data laws, there was little to enforce companies to protect users’ data. The GDPR and POPI acts changed this. Now companies are held accountable and can be heavily fined for compromising their clients’ personal information.

Why is data so important, though? According to Mark Barrenechea, CEO at OpenText, “[e]very day we are building, brick by brick and bit by bit, a digital copy of ourselves, whether we are aware of it or not.” A bigger digital footprint makes it easier to find information about you, whether it’s personal information such as usernames and passwords, your physical location or your interests or hobbies. Algorithms can track your actions and anticipate your behaviour. Every little piece of information adds up to a bigger picture and can be used to your disadvantage. 

Sharing data is easy, which makes it critical that you take responsibility for protecting your own information. We can no longer depend on companies or social networks to keep our digital identities safe. This we’ve clearly seen over the past few year with multiple data breaches – many including large companies such as Facebook and Google. 

Data Privacy is just one day in the year to make data owners (that’s anyone using a digital platform!) aware of the importance of protecting data. However, we should be aware of the risks every day. How can you protect your data?  www.digitalguardian has an extensive guide, but here are 10 basic tips:

  1. Use encrypted networks when you’re accessing important information. Even though open and free Wi-Fi is tempting, it comes at a high risk. If you’re browsing websites not using https, know that whatever you do can be seen by someone else.
  2. Choose strong passwords. Don’t know how? Here are some tips. The general trend is using two-factor authentication. Better even, use a password manager as it’s the most secure solution.
  3. Protect your passwords. Don’t write them down. Don’t share them. And most importantly, don’t use the same password for all your social networks or websites. 
  4. Update your software when it prompts you to. Don’t ignore it because you don’t have time – it might be an important security update which will prevent that you are at risk.
  5. Update your antivirus software regularly. New versions of viruses, malware, etc. are released regularly to explore weaknesses. If you don’t update, you’ll be an easy target. Also, consider an anti-virus for your mobile devices – they are even more vulnerable.
  6. Check and configure privacy settings on your phone. Consider carefully which apps you give access to use certain services on your phone, for example the camera function.
  7. Lock your smartphone and tablet devices when you are not using them. Mobile devices are used to access social media, banking services and various other apps containing personal information.
  8. Enable remote location and device-wiping. If your mobile device is stolen, no-one will be able to access your information.
  9. Delete your data from old devices, for example, smartphones, before you sell, discard or pass them onto someone else. 
  10. Back up your data on a daily basis. If your device is infected with malware or stolen, you’ll still have your data. 

[SOURCES: https://www.forbes.comhttps://www.techradar.com]

Email

Tags: , ,
Posted in Academic IT, Security | Comments Off on Data Privacy day

Phishing alert: Zoom invite

Thursday, November 5th, 2020

Please be on the lookout for a new tactic that phishing scammers are employing to get your personal details, passwords and to gain access to your university account.

These scammers are using “Zoom” video conference invitations to fool their intended victims and steal passwords and other personal details.

 

Above is one such example. Take note of the highlighted the warning signs that reveal the scam. This particular scam is “custom” programmed for specific university e-mail addresses and might target your address, as the e-mail addresses are embedded into the phishing web page and the e-mail itself.

If you do get such an e-mail please report it to IT Cyber Security as soon as possible on the ICT Partner Portal.

If you have accidentally responded to the phisher and already provided them with your personal details, it is vitally important that you immediately change your password. Make sure the new password is completely different, and is a strong password that will not be easily guessed, as well as changing the passwords on your social media and private e-mail accounts, especially if you use the same passwords on these accounts.

After changing your password, also log a request on the ICT Partner Portal in order for your devices to be checked for malicious software. 

[ARTICLE BY DAVID WILES]

Email

Tags:
Posted in News, phishing, Security | Comments Off on Phishing alert: Zoom invite

Safelinks protecting you against phishing

Thursday, October 8th, 2020

 In January 2020 Information Technology activated a preventative security tool called Safe Links to protect all staff and students from email phishing attempts.

You might have noticed that some of the links in your emails suddenly started displaying a very long link which starts with https://eur03.safelinks.protection.outlook.com/ followed by the rest of the web link. This is an extra obstacle built in to our Microsoft security features which checks if a site has been listed as dangerous and prevents you from clicking on it. If you do click on it, you will see the following warning:

Definition of Safe Links

“Safe Links is a feature in Office 365 Advanced Threat Protection that provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations. Safe Links scanning occurs in addition to the regular anti-spam and anti-malware protection in inbound email messages in Exchange Online Protection (EOP). Safe Links scanning can help protect your organisation from malicious links that are used in phishing and other attacks.”  

With this added feature we eliminated some of the risk facing staff and students when it comes to phishing and other security attacks from hackers. However, this does not mean you shouldn’t still be vigilant when you open an email.

Familiarise yourself with the basic tell-tale signs of a phishing email. Think before you click on a link or open an attachment. Information Technology can only protect you up to a point, the rest is your responsibility – this is especially true in these times when you work from home.

 

 

Email

Posted in News, Notices, Security | Comments Off on Safelinks protecting you against phishing

Reminder to enrol for MFA

Tuesday, September 8th, 2020

Last month we told you about the planned implementation of MFA (Multi-factor Authentication). Thank you to the 28 671 staff and students who have already enrolled to use MFA.

If you are still unsure what MFA entails, here is some information

Although we have not activated MFA yet, soon all staff and students will be required to use multi factor authentication when using any of the Microsoft 365 applications (Outlook, Sharepoint Online, OneDrive for Business, etc.) to protect their information university’s network. If you haven’t enrolled yet, we strongly advise you do so as soon possible by following these steps.

If you have any questions first consult our FAQs and if this does not answer your question, please log your request on our ICT Partner Portal and a technician will contact you. If you have any questions you would like to add to our FAQs, you’re welcome to send an email to help@sun.ac.za and we’ll add them to the list.

Email

Posted in General, Notices, Security | Comments Off on Reminder to enrol for MFA

Multi-factor authentication (MFA) FAQs

Thursday, August 6th, 2020

Information Technology recently enabled MFA for our staff and students. Soon all staff and students will be required to use multi factor authentication to secure their information and the university’s network. 

FREQUENTLY ASKED QUESTIONS 

What is MFA?  

Multi-Factor Authentication adds a second layer of security to your account to ensure that your account stays safe, even if someone else knows your password. This will mean that, for certain services, including Microsoft Outlook, Teams, etc. you will be prompted to provide more information in order to authenticate your identity as a Stellenbosch University student or staff member. More about MFA here. 

Why is it so important that I enrol for MFA?  

By enrolling for MFA, you ensure that your account is more secure.  You are protecting your own data (including your HR, payment details, etc.), your colleagues and the university.

How do I enrol for MFA? 

By following the steps set out in the .pdf document. 

What must I do if the document does not open? 

If the document does not open, it could be due to a slow internet connection or you do not have a PDF reader (e.g. Adobe Acrobat) installed. Please also clear your browser history or try to open the link in a different browser.  

How can a PDF reader be installed? 

Please raise a request on the ICT Partner Portal that is available at https://servicedesk.sun.ac.za  

What can I do if I have problems to enrol for MFA? 

If you are struggling to enrol for MFA, please log a request on the ICT Partner Portal and a technician will contact you.  

When do I have to enrol for MFA? 

Please enrol for MFA as soon as possible. It is critical that all our staff and students use two-factor authentication. 

How will I know that I have successfully enrolled for MFA? 

A confirmation message will be displayed on the last screen of the enrolment process. 
You are now enrolled for Multi Factor Authentication.

What must I do if I don’t see the  screens as indicated on the enrolment document? 

Raise a request on the ICT Partner Portal at https://servicedesk.sun.ac.za  

Will I be charged for the MFA authentication SMS’s? 

No, the SMS’s are at the cost of the University. 

Can I enrol for MFA if I stay in an area without cell phone signal? 

No, you need a cellphone with reception to enrol for MFA.

Which IT services will be activated for MFA? 

For the first phase all Microsoft365 (Outlook, Sharepoint Online, OneDrive for Business, etc.) applications will require MFA authentication. 

What will happen if a service is activated for MFA? 

Before you can access the service you will be requested to enter the one-time pin number that will be sent to the cell phone number that you have indicated during the enrolment process. Or if you chose to use the Authenticator App a message will be sent to your phone via the app which request that you approve and in some cases it might also ask for a scan of your thumbprint. 

Email

Posted in Security | Comments Off on Multi-factor authentication (MFA) FAQs

« Older Entries
Newer Entries »
 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.