Skip to main content
Daily Titan Indiana University South Bend

IT Notice: Cybersecurity Awareness Month 2020: Computing in the age of COVID-19

Posted on by kweidner

Cybersecurity Awareness Month 2020: Computing in the age of COVID-19

Campus Community,

October is Cybersecurity Awareness Month, and I’d like to take the opportunity to highlight the challenges we’re facing in the age of COVID-19. By now, we’re all settling from the uncertainty that March thrust upon us. Who could have imagined last October that by the following Spring, most of our community would be working from home? To protect our human resource, we relied on the Indiana University IT infrastructure and extended campus borders right into our living rooms and home offices. As we were making that radical change, bad actors were shifting into high gear to create mischief through various cyber attacks. Nationally, some reports suggest that since mid-March, about one-quarter (26 per cent) of security professionals reported an increase in the volume, severity and/or scope of cyber attacks.

UITS has worked tirelessly to ensure a secure computing environment, but as we shifted to supporting ‘work from home’, new challenges emerged. Providing access and creating awareness for the use of security tools like Pulse Secure VPN which provides work at home employees a secure connection to the IU Network became paramount. Additionally, with more phishing and scams directed towards our user community, our reliance on technologies like the PhishMe Reporter increased as we work to provide an organized response to cybersecurity threats via email. As Zoom became a central tool for all of our work, we faced a new challenge: the “Zoombomb.” Suddenly, we needed to learn not just how to navigate the tool, but also how to use it securely to facilitate our classes and meetings without embarrassing or harassing interruptions.

Now more than ever, cybersecurity is a necessary partnership of IT Professionals and the entire campus community. Every user plays a role in protecting the IT Infrastructure and each other. In a way, the good habits and use of security tools are like a digital “mask” that we can wear to help protect each other. As we move into November, don’t hesitate to contact IT and work with us to ensure your work from home activities are accomplished as safely and securely as possible. We’ll be ready to help.

Regards,

University Information Technology Services
IU South Bend

Safe Handling of Critical Data

If you or your office handle critical information, please take time to review “Actions you can take to secure sensitive data.”

October is National Cyber Security Awareness month, an opportunity to remind everyone of the need to protect critical data and the provisions associated with the handling of such data.

Critical data  requires special care and handling, especially when inappropriate handling of the information could result in:

•    Criminal or civil penalties
•    Identity theft or personal financial loss
•    Invasion of privacy, and/or
•    Unauthorized access to this type of information by an individual or many individuals

Critical data requires the very highest level of protection. The following types of data are classified as critical:

•    Social security numbers
•    Credit card numbers
•    Debit card numbers
•    Bank account or other financial account numbers
•    Driver’s license numbers
•    State ID card numbers
•    Student loan information
•    Protected health information or individually identifiable health information relating to past, present, or   future conditions, provisions of health care, and payment for the provisions of health care
•    Foundation donor data
•    Passwords, passphrases, PIN numbers, security codes, and access codes

Handling Critical Data at IU

Indiana University has specific policies and procedures regarding the collection, storage, and transmission of critical data. The collection of such data requires approval, notification, and consent. After these conditions have been met, critical data in electronic format can only be stored on a secure file server. It cannot be stored on a desktop workstation, laptop, PDA, USB drive, flash drive, or any mobile/media device unless (a) the information is properly encrypted on the device and (b) you have received proper prior written approval confirming a critical business need to do so. You must use an approved encryption method when electronically transmitting critical data.

Paper records containing critical data must be kept in locked file cabinets/storage rooms or otherwise access controlled. Physical storage media is removed and handled by UITS in accordance with policy IT-12.

If you or your office handle critical information, please take time to review “Actions you can take to secure sensitive data.

Contact the UITS Support Center at (574) 520-5555 or via email at helpdesk@iusb.edu if you have any questions or need guidance regarding the collection, storage, or transmission of critical data.

Skip to toolbar