[IS&T Security-FYI] SFYI Newsletter, September 23, 2014

Tue Sep 23 09:48:51 EDT 2014

In this issue:

1. Cyber Security Awareness Events Coming in October
2. Bug Fixed in Sophos Anti-Virus for Mac OS X
3. Risks to Information When Traveling

---------------------------------------------------------------------------
1. Cyber Security Awareness Events Coming in October
---------------------------------------------------------------------------

It’s that time of year again!

October is National Cyber Security Awareness Month (NCSAM)<https://owa.exchange.mit.edu/owa/redir.aspx?C=oF0s8gculU-PHKq61iPCEhJ08crzqdEIOWakrXxTOCWvNAacpibgmzCfZGYd0CYk3EIa-YOBHM0.&URL=http%3a%2f%2fwww.staysafeonline.org%2fncsam> dedicated to the improvement of your safety when using the Internet.

Here are 3 ways you can participate:

How savvy are you with your knowledge of cyber security risks?
Discover your threat level by attending the “Keep IT Safe” table in W20. Stop by and receive free coffee and donuts.
Tuesday, October 7, 9am - 11am, W20 Lobby

Hear about Tor!
Andrew Lewman, Executive Director of The Tor Project, is coming to MIT. Tor was designed to protect government communications and is used today by many types of people for a wide variety of purposes to improve their privacy and security on the Internet.
Thursday, October 23, 12pm - 1:30pm, 37-252 (Marlar Lounge), RSVP required<https://owa.exchange.mit.edu/owa/redir.aspx?C=oF0s8gculU-PHKq61iPCEhJ08crzqdEIOWakrXxTOCWvNAacpibgmzCfZGYd0CYk3EIa-YOBHM0.&URL=mailto%3amyeaton%40mit.edu> (email myeaton at mit.edu<https://owa.exchange.mit.edu/owa/redir.aspx?C=oF0s8gculU-PHKq61iPCEhJ08crzqdEIOWakrXxTOCWvNAacpibgmzCfZGYd0CYk3EIa-YOBHM0.&URL=mailto%3amyeaton%40mit.edu>) to attend and receive a free lunch

Shred IT!
Are you a pack rat? Can’t seem to find the time to get rid of those old hard drives, thumb drives, CDs or digital tapes? Have mountains of old documents that might contain sensitive data but which aren’t needed anymore? Drop them off at the “Shred IT” table in the Stata Center. Paper will be shredded by Cintas, a professional document management company. Electronic media will be collected and disposed of securely with coordination by Distributed IT Resources (DITR).
Friday, October 24, 10am - 2pm, Stata Center Lobby (Building 32)

Spread the word about NCSAM and these events, and we look forward to seeing you there.

----------------------------------------------------------------
2. Bug Fixed in Sophos Anti-Virus for Mac OS X
----------------------------------------------------------------

If you were experiencing some issues with your Sophos client on the Mac<http://www.sophos.com/en-us/support/knowledgebase/121324.aspx>, it should now be fixed with the release of Sophos Anti-Virus for Mac OS X 9.1.7. The update was issued to users at MIT running version 9.1.6. and they should be experiencing no more problems.

If, for whatever reason, you did not receive the update or are still experiencing the issues described in the article linked above, please contact the Help Desk: http://ist.mit.edu/help.

----------------------------------------------------
3. Risks to Information When Traveling
----------------------------------------------------

This recent NY Times article<http://www.nytimes.com/2014/09/09/business/keep-your-data-yours-while-traveling.html> outlines the ways your data can fall into the hands of snoops and thieves if you’re not careful when traveling. The tips the article lists include some great security best practices.

1. Take only what you need. If you can, take a loaner laptop or one that contains only what you need for the trip and nothing more. Alternatively, if you must take sensitive data, carry it on a memory stick.

2. Use encryption. Encryption can be added to MIT laptops, mobile devices and memory sticks. To learn more about how to use and enable encryption, see: http://ist.mit.edu/encryption

3. Install a virtual private network (VPN). The VPN that MIT provides gives users an encrypted network connection, even when accessing the Internet via public or open wifi (such as at a hotel or cafe). This prevents anyone on the same public wifi from accessing your communications. Install the VPN client from the IS&T website: http://ist.mit.edu/vpn

4. Protect using a password. If you must take a phone, laptop or tablet with you on your trip, make sure it has a code or password on it. Some smartphones<http://kb.mit.edu/confluence/x/XQdS> now have fingerprint sensors for locking/unlocking. Choose a strong password for your laptops (learn how<http://kb.mit.edu/confluence/x/3wNt>). Create strong passwords for the mobile apps or websites you use for accessing sensitive information, and don’t leave passwords written down and stored near the devices you use them for.

5. Use layered protection. This means, for example, having extra copies of files safely stored elsewhere (not on your computer’s hard drive), or having your files backed up within the cloud. MIT offers CrashPlan<http://ist.mit.edu/crashplan>, the new backup service that replaces TSM. Mobile devices can also use CrashPlan via CrashPlan apps<http://kb.mit.edu/confluence/x/cWoYCQ>.

Note: while having files in Dropbox can be convenient for sharing files with other colleagues, if you have installed Dropbox on your computer, the files are accessible to a thief who has stolen your computer. A recommendation would be to remove the DropBox folder from the computer prior to traveling and to access your Dropbox files via the Dropbox website. On mobile devices, the folder can be password protected within the Dropbox app. See these security tips for Dropbox users<http://kb.mit.edu/confluence/x/o34YCQ>.

Find more tips for MIT Travelers in this KB article<http://kb.mit.edu/confluence/x/ODIYCQ>.

=======================================================================================
Read all archived Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.
=======================================================================================

Monique Buchanan
IT Security Communications Coordinator
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu/secure
tel: 617.253.2715

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20140923/5f3bd506/attachment.htm