[IS&T Security-FYI] SFYI Newsletter, January 28, 2013

Mon Jan 28 14:34:53 EST 2013

In this issue:

1. Securing Your e-W2 Tax Forms
2. Laptop Tags and Registration on January 30
3. Today is National Data Privacy Day

---------------------------------------------
1. Securing Your e-W2 Tax Forms
---------------------------------------------

It is tax time, which means we need our W2's. At MIT you can access your electronic W2's from SAP Self Service. As with any personal data you access online, there are measures you can take to minimize the risk of exposure.

The SAP Self Service website requires authentication via personal web certificates, and these are obtained with your MIT Kerberos username, a password and your MIT ID number. Make sure to never share your password with anyone, and make sure it is strong<http://kb.mit.edu/confluence/x/3wNt> and updated on a regular basis. You can also protect your web certificate with a password.

After downloading your W2 and printing it out or submitting it for processing, you should clear your browser's history and cache<http://kb.mit.edu/confluence/x/RYCR> and securely delete<http://kb.mit.edu/confluence/x/nEFB> the W2 from your downloads folder.

If your files are backed up to an external drive, use a tool such as Identity Finder<http://kb.mit.edu/confluence/x/tAKL> to find social security numbers and other sensitive data on your systems. Added protection can be obtained by encrypting<http://kb.mit.edu/confluence/x/HZIBCQ> your computer.

Printing from an MIT printer may bring risks as well. Check with your local IT support person to see if proper measures are in place to secure or remove files stored in the printer's memory.

No system is 100% secure, even those with security measures in place. An attacker may gain access, regardless of those measures. Therefore it is all of our responsibility to think about security and to use proper hygiene on a computer. If we take steps to secure personal information, we can minimize the risks.

If you are concerned, use strong passwords, access personal information online only when using a protected computer or an encrypted network (such as a home network, protected by a password, or via the MIT VPN<http://ist.mit.edu/vpn>) and use the hygiene recommendations listed in this article by following the steps linked to in the Knowledge Base.

--------------------------------------------------------------
2. Laptop Tags and Registration on January 30
--------------------------------------------------------------

In collaboration with the MIT Police, IS&T is providing a monthly opportunity to have laptops registered and tagged with a STOP tag.

The next upcoming tagging event is this Wednesday, January 30th, from 11:00 am to 1:30 pm in E17-121.

Learn more about this laptop theft prevention program<http://kb.mit.edu/confluence/x/e4CSAw>.

--------------------------------------------------
3. Today is National Data Privacy Day
--------------------------------------------------

January is Data Privacy Month<http://kb.mit.edu/confluence/x/xpgBCQ> and it culminates in Data Privacy Day<http://www.staysafeonline.org/data-privacy-day/>, which is today, January 28th. The resolution for Data Privacy Day, when it was passed by the US House of Representatives, was to "raise awareness of data protection and privacy laws and of specific steps that can be taken to protect the privacy of personal information online."

It is important that users are aware that if they are online, information about them is out there, in one form or another. Whether it is your web browsing history, which sites you subscribe to, your communications via the Internet or actual personal information (such as your name, address, age, etc), you have likely left behind snippets of information about yourself online.

Data Privacy Day promoters try to empower people to protect and control their digital footprint. Learn what you can by visiting the above links and educating yourself about the impact of digital data on your privacy.

===================================================================================
Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
===================================================================================

Sincerely,

Monique Yeaton
IT Security Communications Consultant
Information Services & Technology, MIT
http://ist.mit.edu/security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20130128/419608b5/attachment.htm