[IS&T Security-FYI] Newsletter, May 23, 2008

Monique Yeaton myeaton at MIT.EDU
Fri May 23 11:25:04 EDT 2008 

In this issue:

1. Sharing Experiences as Education
2. MITFCU responds to Credit Card Fraud


-----------------------------------------------
1. Sharing Experiences as Education
-----------------------------------------------

Mike Halsall, of the IT Security Support Team, wrote an article a few  
weeks ago for this newsletter about educating people and how IT  
Security is as much a social challenge as it is a technical challenge.

To expand on that, I'd like to share some of the ways in which people  
can educate themselves and also how you can educate others. Reading  
this newsletter is obviously one of them. But what is great about  
being part of an educational institution such as MIT is that not only  
do you have access to people at other higher educational institutions  
who may know more about a topic than you do, but you can also  
influence them with what you know. Here are a few ways to do that:

Educause is a group which brings together people and resources at  
schools across the US to promote the intelligent use of information  
technology <http://www.educause.edu/>. Educause offers seminars and  
classes and also posts information online. As an educator or person  
with valuable information, you can submit your files to Educause or  
become a presenter at one of their events.

NERCOMP, which is the affiliated Northeastern branch of Educause,  
focuses on this region in particular. Events called SIGs (special  
interest groups) are hosted by member schools and for a low  
registration fee provide presentations and classes on a variety of  
topics on the use and management of information technology. <http://www.nercomp.org/ 
 >

REN-ISAC: Hosted by Indiana University and with the support and  
cooperation of Internet2, Louisiana State University, EDUCAUSE, and  
Contributors, the REN-ISAC is an integral part of higher education's  
strategy to improve network security through information collection,  
analysis, dissemination, early warning, and response. <http://www.ren-isac.net/ 
 >

For those interested in not just IT security, but also other  
information technology topics, these groups provide a way to share  
experiences, war stories, and resources, and the subsequent networking  
opportunities can prove to be highly valuable.

Here at MIT, IT Partners is modeled after these groups. As a member of  
IT Partners, you can not only listen to and learn from other members,  
but you can also share your own stories. May 29th is the next full-day  
conference for IT Partners, and topics covering IT security, various  
software, mobile devices, and IT services will be featured. Even if  
you don't attend the classes or presentations, Jeff Schiller's keynote  
speech is always entertaining and enlightening, so try to make it if  
you can.

IT Partners Full Day Conference
When: Thursday, May 29, 2008, 9am - 5pm
Location: Kirsch Auditorium, Stata Center, 32-123

-----------------------------------------------------
2. MITFCU responds to Credit Card Fraud
-----------------------------------------------------

Cyber crime – internet banking and credit card fraud – is now the  
fastest growing sector of global organized crime, increasing at a rate  
of 40% each year and raking in $100 billion for the criminals. In the  
United States alone, the cost of identity theft was $45 billion in  
2007 and affected some 8 million people.

Members of the MIT Federal Credit Union (MITFCU) can be reassured that  
their banking information is being protected. In response to the  
recent Hannaford data breach, new debit and credit cards are being  
issued to anyone who has used their card at a Hannaford-operated store  
in the recent past. In addition, the bank wants its customers to know  
that their cards are protected from fraud through Fraudwatch Plus  
(debit cards) and Visa's Fraud Monitoring Program (credit cards).

According to a recent notice: "In both programs, experienced fraud  
analysts work around the clock to monitor your account, and you will  
be contacted immediately by phone if any questionable transactions are  
discovered. However, our fraud analysts will never ask you to share  
your Social Security Number, member number, or other confidential  
information over the phone."


=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security

More information about the ist-security-fyi mailing list