Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

Tips

Cybersecurity Awareness Month: Common passwords

Wednesday, October 3rd, 2018

The past two years have been particularly devastating for data security worldwide, with a number of well-publicised hacks, data breaches and extortion attempts.

Annually SplashData publishes a list of the most common passwords. The list is created using data from more than five million passwords that were leaked by hackers in 2018 and with a quick glance at the list, one thing is clear – we do not learn from our mistakes.

People continue to use easy-to-guess passwords to protect their information. For example, “123456” and “password” retain their top two spots on the list—for the fifth consecutive year and variations of these two “worst passwords” make up six of the remaining passwords on the list.

SplashData estimates almost 10% of people have used at least one of the 25 worst passwords on this year’s list, and nearly 3% of people have used the worst password – 123456.

Here is the list of the top 10 passwords of 2018:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou

Another typical example is 1q2w3e4r5t.  Although it seems very cryptic, one look at a computer keyboard and it’s easy to guess.

Not so clever passsword

It is a sobering fact that most people still underestimate the importance of having a secure password, and still make mistake to use simple words or numbers as a password.

“Passwords are the only control you have to secure your data with most systems these days. If your password is easily guessed by someone, then the person essentially becomes you. Use the same password across services and devices, and they can take over your digital identity.” Shaun Murphy, CEO of SNDR.

In the next post of our Cyber Aware Month series, we look at how to create a strong password you can remember.

 

Before you resign or retire …

Tuesday, July 31st, 2018

You’ve packed up your office, said goodbye to your colleagues and you are ready for your new job. But what happens to your sun email address, your data or any electronic services you used while working at Stellenbosch University? We have a few tips and instructions. 

As soon as your active role as staff expires, all your electronic services also terminate. This process is necessary to maintain a healthy and secure network and to ensure that unused, dormant accounts are not used for nefarious purposes by cybercriminals.

In other words, from the date when your service at SU is terminated, you no longer have an active role at the university and you can no longer use university services. In this event, you will receive an email from helpinfo@sun.ac.za informing you that your username will expire.

To ensure that you are prepared in advance, we also suggest you do the following at least three months before you leave the university:

  1. Create a new email address for yourself (if you don’t have one already) There are various options, for example, Gmail or Yahoo.
  2. Activate your Out of Office function on you sun.ac.za Outlook mailbox and indicate in the message what your new email address is, in case someone needs to contact you. 
  3. If you use your @sun address for your banking, Facebook, DSTV or iCloud accounts or any other services or social media, change it to your new email address. We would also like to urge you to keep your work-related and private emails separate. Rather create a private email address for your personal correspondence.
  4. If you have any personal data on your electronic work devices or network storage (G: or H: drive), remove it and store it on your own external hard drive or online cloud storage, for example, Google Drive or OneDrive
  5. Make sure that your relevant work-related data is accessible for further usage by your colleagues and the university after you leave. However, do NOT give your password to colleagues when you leave the university as this poses a security risk.
  6. If you need any assistance, contact Information Technology and one of our technicians can assist you.

Students who are graduating or terminating their studies can find the necessary information on this pamphlet compiled by the IT HUB.

Clear the clutter

Thursday, April 26th, 2018

In June 2016 we were introduced to Office365, but do we really know how all the functions of this online mail service work?

One such a function is the “Clutter Folder”. 

We have had many students (and some staff) who have reported that “email was missing” or that they were not receiving mail sent to them by mailing lists. While we initially thought that this was caused by users deleting mail or a problem with the email servers, an investigation revealed that in many cases the Clutter folder was the culprit. 

As it was originally designed, the Clutter folder was supposed to help users filter low-priority email, saving time for more important messages. Supposedly, the email server would keep track of the email users read and the ones they didn’t and put them into the Clutter folder. For all new students, as well as staff, the mailbox feature “Clutter” is turned on. Once it is turned on, Clutter is automatic.

Because mail is left unread for a couple of days, Outlook 2016 starts sending a lot of mail to the Clutter Folder, leaving students to complain that mail is not being delivered and “important mail is missing”. All the “missing” mail is still there. It is just in the Clutter Folder.

The best solution is to disable the Clutter folder entirely, so unread mail is not sent there. Here is how to do it:

  1. Sign in to Outlook Web Access (http://www.sun.ac.za/webmail)
  2. In the top right-hand corner, click the small cog icon. A sidebar will appear.
  3. Near the bottom of the sidebar is a heading saying My App Settings.
  4. Click Mail underneath this and you will be taken to the Mail Options page.
  5. On the left menu, underneath the Automatic Processing menu item, click Clutter.
  6. Uncheck the box that says Separate items identified as clutter
  7. Click the Save button at the top of the page.

Once the Clutter filter has been disabled, you can then move all your “missing” mail in the Clutter Folder to your Inbox. 

 

[Information supplied by David Wiles]

 

Protect your personal information

Monday, January 29th, 2018

Data Privacy Day, occurring every year on 28 January, is an international effort to empower individuals and business to respect privacy, safeguard data and enable trust. 

Over the past year the world saw many extensive data breaches across the world. This has accentuated the necessity for creating a greater awareness of protecting information. 

But why should we care about our information?

We are entering the next generation of technological advancement like the Internet of Things, which will connect devices in our schools, home and workplaces. This provides many opportunities, but consumers will have to learn to protect and secure their information. Your devices make it easy to connect to the world around you, but they can also track a lot of information about you and your family. 

How much information do you share online daily? We spend most of our day on the internet where all our actions are tracked and collected by the devices we use. This data is stored indefinitely and can be used at any time. 

The National Cyber Security Alliance in the United States have the following tips:

  1. Personal info is like money: value it, protect it. 
    Be thoughtful about who gets your information and how it’s collected through apps and websites. Delete unused apps, update others and review your app permissions.
  2. Share with care.
    Think before posting about yourself and others online. Review your social network friends and contact lists regularly.
  3. Own your online presence.
    Set the privacy and security settings on websites and apps. You can share information with only friends and family.
  4. Lock down your login.
    Make sure your accounts are secure. Don’t use a password only for bank accounts, email and social media. Use two-step authentication, bio-metrics or security keys.
  5. Keep a clean machine.
    Keep your software, operating systems (mobile and PC), anti-virus and apps updated to prevent data loss, infections and malware.
  6. Apply the golden rule. 
    Post only about others as you would have them post about you.
  7. Secure your devices.
    Every device should be secured with a password or strong authentication – finger swipe, facial recognition, etc. Imagine what someone could do with the information on your device if it got lost?
  8. Think before you app.
    Information about you, such as the games you like to play, your contact lists, where you shop and your location has tremendous value. Apps collect this information. A recent example is activity-tracking app, Strava’s privacy issue. 

FACT AND STATISTICS

  • 41% of Americans have been personally subjected to harassing behaviour online and one in five (18%) has been subjected to particularly severe forms of harassment online. 
  • 82% of cyber-stalkers use social media to find out where their potential victims live, where they go to school, etc.
  • Four in five US physicians have had cyber-attacks in their practices. Keep in mind that medical and health information is among the most sensitive and personal information about people. 

 

[SOURCE: https://staysafeonline.org and www.wikipedia.org]

OneDrive: 5TB just for you

Monday, July 31st, 2017

Since June staff members have full access to the online Office365 applications. Besides Outlook email, SharePoint Online, access to the MS Office apps (for example Word, Excel, PowerPoint, etc.) and being able to download Office 2016, there is one significant advantage of using the Office365 suite – OneDrive.

OneDrive provides 5TB of cloud storage space for each staff member and student. This means you now have ample space to store your documents and your data will be available from anywhere, anytime, on any device with an internet connection.

What are the advantages of cloud services? 

  • More storage space available, up to 5TB on OneDrive and 50GB on Outlook.
  • Your data is available from anywhere, anytime, on any device. You’ll always have access to your data if you have an internet connection.
  • Your information is also safely stored, even if you lose one of your devices.  

What are the disadvantages of cloud services?  

  • Familiarise yourself with copyright regulations. Make sure you know what you are allowed to store and share online.  SU copyright agreements do not extend to storing of documents protected under the copyright law on OneDrive for business or any other public store space.
  • You are entirely responsible for your own information. Be careful who you give rights and access to, as it will compromise your information if it’s visible to other people.
  • You are responsible for synchronisation between online and local data. Synchronisation between online and local information needs to be set up correctly and done on a regular basis.
  • Keep in mind that access to cloud services when on campus will not incur any costs, but if you work from home your own data will be utilised.
  • It is very important that you keep your private usernames, passwords and information separate from your official work, to prevent your data from getting mixed up.
  • Having access to the cloud from any computer makes your digital identification vulnerable, do not use computers you do not trust to access your cloud services.

What if I have been using OneDrive personal, Dropbox and other cloud storage options? 

You can keep on using them, but it is very important that you only use these storage options for your personal data.

OneDrive for business and SharePoint online are available under the US MS Licence agreement for storage and sharing of institutional data. The storage and sharing of institutional data are not allowed on Dropbox, OneDrive personal or any other cloud storage. 

How do I get access to my OneDrive storage space?

All staff automatically has access to OneDrive. Log on to Office365 with your email address and password. OneDrive is also accessible via the portal by clicking on the Office365 link or searching for Office365 in the search field.

IMPORTANT:

  • When using cloud-based services, you have to keep your private and work usernames, passwords and data separate. Never use the same username for private and work email accounts, storage spaces and applications.
  • SU copyright agreements do not extend to storing and sharing of documents protected under the copyright law on OneDrive for business, SharePoint online or any other public store spaces.

 

 

If you have any questions, please let us know by logging a request on ServiceNow or calling our Service Desk at 808 4367. For more information on the Office365 package, please consult our FAQs or have a look at the Office365 training videos.

 

© 2013-2024 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.