<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-family: Calibri, sans-serif; "><div><div><div><p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">In this issue:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. March 2011 Microsoft Security Updates</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. Security on Mobile Devices</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Riskiest Place for Your SSN?</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">-----------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">1. March 2011 Microsoft Security Updates</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">-----------------------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Microsoft plans to issue three security bulletins on Patch Tuesday, March 8, to address a total of four vulnerabilities. One of the bulletins is rated critical, the other two are rated important.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The bulletins provide fixes for flaws in Windows and Office, as well as for a dynamic link library (DLL) hijacking vulnerability in the Microsoft Groove application.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The bulletins do not fix an Internet Explorer (IE) zero day flaw, as mentioned in a January Security Advisory <http://www.microsoft.com/technet/security/advisory/2501696.mspx>. </p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the full March security bulletin:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http://www.microsoft.com/technet/security/bulletin/ms11-mar.mspx></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">--------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">2. Security on Mobile Devices</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">--------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">For iPhone, iPad, Android and Blackberry users, the Mobile Devices Team has compiled some platform-specific information regarding setting passwords as well as how to remotely wipe and disable your device if lost or stolen. Access the information on all of these devices from the Mobile Device Ninja page: <http://kb.mit.edu/confluence/x/XQdS>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Additional security recommendations:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<ul style="list-style-type: disc">
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Make sure your smartphone is running the latest operating system available and is regularly backed up.</li>
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Avoid storing personally identifiable information (PII) on your smartphone. </li>
<li style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Do not store web or application passwords with the smartphone auto-save features.</li>
</ul>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Read the full article on mobile device security tips and recommendations at IS&T News:</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial"><http://ist.mit.edu/news/secure_smartphones>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">3. Riskiest Place for Your SSN?</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">----------------------------------------</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">According to McAfee, the antivirus software company, universities and colleges are at the top of the list of the most dangerous places to give your Social Security number (SSN).</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">The ranking is based on the number of data breaches involving SSNs from January 2009 to October 2010. Until recently SSNs were used at universities to provide many of their services to students and staff. More awareness around the proper use of a SSN has helped to minimize the collection of these numbers by universities, however there are still many of these records retained in electronic and paper files.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">If you are requesting a service, be hesitant about giving your number out so quickly. Ask the requestor what it will be used for and whether it is absolutely necessary. You may be able to just give the last four digits rather than the full number, or an alternative number, such as your school ID number.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">If you are offering a service, and collecting a SSN is required, make sure that it is handled appropriately -- meaning that access to these records is restricted and the security protecting them is strong enough to minimize the risk of exposure and identity theft.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">Learn about information protection at MIT: <http://web.mit.edu/infoprotect/>.</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">========================================================================================</p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial">To read all current and archived articles online, visit the Security-FYI Blog at <<a href="http://securityfyi.wordpress.com/"><span style="text-decoration: underline ; color: #3369b5">http://securityfyi.wordpress.com/</span></a>></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p>
<p style="margin: 0.0px 0.0px 0.0px 0.0px; font: 14.0px Arial; min-height: 16.0px"><br></p></div><div><div><font class="Apple-style-span" color="rgb(0, 0, 0)"><font class="Apple-style-span" face="Calibri"><span class="Apple-style-span" style="font-size: 14px;"><span class="Apple-style-span" style="font-size: 12px; font-family: Helvetica; "><div style="font-size: 12px; ">Monique Yeaton</div><div style="font-size: 12px; ">IT Security Awareness Consultant</div><div style="font-size: 12px; ">MIT Information Services & Technology (IS&T)</div><div style="font-size: 12px; ">(617) 253-2715</div><div style="font-size: 12px; "><a href="http://ist.mit.edu/security">http://ist.mit.edu/security</a></div><div style="font-size: 12px; "><font class="Apple-style-span" color="#FC2218"><font class="Apple-style-span" color="#000000"><br></font></font></div></span></span></font></font></div></div></div></div></body></html>