[IS&T Security-FYI] SFYI Newsletter, September 10, 2013

Monique Yeaton myeaton at MIT.EDU
Tue Sep 10 09:14:35 EDT 2013 

In this issue:


1. September 2013 Security Updates from Microsoft

2. Security Tip: Backups and Recovery

3. Data Security for Online Classrooms



---------------------------------------------------------------------

1. September 2013 Security Updates from Microsoft

---------------------------------------------------------------------


Microsoft is planning to release 14 new security bulletins<http://technet.microsoft.com/en-us/security/bulletin/ms13-sep> on Tuesday, September 10.


The systems affected:


  *   Microsoft Outlook 2007 and 2010
  *   SharePoint
  *   Internet Explorer
  *   Windows (all versions)
  *   Office


It is recommended to accept the updates. MIT WAUS subscribers will receive the updates after they have been tested for compatibility.



----------------------------------------------------

2. Security Tip: Backups and Recovery

----------------------------------------------------


This OUCH! newsletter issue<http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201309_en.pdf> (.pdf) on backups and recovery covers the important steps you can take to protect your information.


Backing up and recovering from a stored backup allow you to recover your data when something goes wrong, such as:


  *   Hard drive failures
  *   Accidental file deletions
  *   Stolen or lost devices
  *   Malware infections


Learn more about backup options at MIT<https://ist.mit.edu/backup>.



----------------------------------------------------

3. Data Security for Online Classrooms

----------------------------------------------------


Online learning and classrooms are now a way of life. Many teachers are using online learning tools for their classes. But in this Internet age, we know that with these new technologies come additional risks, especially to our privacy.


In a NY Times article<http://www.nytimes.com/2013/06/23/business/data-security-is-a-classroom-worry-too.html>, Mr. Porterfield, a parent of elementary school students, who happens to also be an engineer at Cisco Systems, talks about how he did a bit of his own research when he heard that his kids' teachers were using an online learning network. He found that the site did not encrypt user sessions using a standard encryption protocol called Secure Sockets Layer (or SSL for short).


SSL protects many sites, such as those for online banking and e-commerce. When logged in over an open (unencrypted) Wi-Fi network, SSL protects your personal information from snoopers.


Even if the information being shared on a site is not necessarily secret information, according to Mr. Porterfield, "There's a lot of contextual information you could use to gain trust, to make yourself seem familiar to the child. As a parent, that's the scariest thing."


Learn more about protecting a child's privacy. Take the Securing the Human course "Beyond Basics" that discusses the dangers children face when online. To access the course in the SAP Learning Center<http://web.mit.edu/sapwebss/PS1/training_home.shtml>, you need an MIT certificate, and make sure the browser pop-up blocker is turned off.



===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================


Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20130910/bc567b08/attachment.htm

More information about the ist-security-fyi mailing list