National Cybersecurity Awareness Month is an annual opportunity for folks like us to encourage folks like you to adopt a simple, three-point approach to keeping yourself and your information safe online: STOP. THINK. CONNECT? Paying attention to what is going on around you can go a long way toward keeping you and your data safe …

Continue reading “Situational Awareness for Everyone”

Occasionally, a member of the community approaches the ISO Team to ask for our advice on traveling safely with mobile technology. While individual circumstances (including the nature of the mobile technologies/data in play, the nature of the trip, the particular destination) will dictate specifics, our general recommendations (below) will cover a lot of ground for …

Continue reading “Traveling Abroad without Making the News (Mobile Tech Edition)”

With so much (*ahem*) “excitement” in Washington this week, it’s little wonder opportunists would seize the moment and go on a domain-registration spree, seeking to capitalize on interest in these topics of nationwide scope. The incident handlers at the Internet Storm Center (sponsored by SANS) posted an entry to their Diary today entitled: “Obamacare related …

Continue reading “How Do *You* Spell “Shutdown”?”

Where would UVM be without student employees?  University departments hire students  and other temporary employees for a wide variety of important jobs, and some of those jobs involve working with sensitive or confidential information.  As is true for regular faculty and staff, any work with Protected University Information (definitions of which are in the Information Security …

Continue reading “Student Employees, their Laptops, and UVM Information”

One’s UVM password must never be shared with anyone — not even with trusted family members, the boss, or information technology personnel.  Our passwords protect our personal information and assets, and because we’re each responsible for all use of our accounts, keeping the passwords secret protects us from any liability for others’ actions.  Please report …

Continue reading “Is it ever okay to share my password?”

Since the beginning of 2010, UVM Police Services has sought ETS’s help in 104 device-theft cases pertaining to UVM students, faculty, and staff. One recurring theme is that there are two simple steps that users can take to reduce the impact a stolen device has on themselves and the institution, and that these steps can …

Continue reading “Stolen Devices and the Inconvenience of Time Travel”

Encryption protects the people whose information we collect and manage, while protecting UVM from significant liability. Encryption encodes information in a way that only someone knowing a secret key can read it. If you store sensitive or confidential information — what UVM calls “Protected University Information”[1] — anywhere but on password-protected UVM servers, it must …

Continue reading “What is encryption, and why should I care?”

Passwords serve to protect our privacy, our financial well-being, our reputations and even our identities.  Often, a password is all that stands between us and catastrophe. Choosing a password: A good password is easy to remember, hard to guess or crack, and for UVM accounts, changed at least once a year (every 120 days for …

Continue reading “Please don’t make me change my password. It’s the one I use everywhere.”

UVM provides secure and reliable network storage for academic work, research, and business files. Saving confidential or sensitive information on desktop or laptop hard drives, or on tablets and phones, greatly increases the risks of loss and inappropriate disclosure. And information classified as critical or nonpublic (what the Information Security Policy calls “Protected University Information”) …

Continue reading “I have some sensitive data. Where should I keep it?”