[IS&T Security-FYI] Security FYI Newsletter, February 10, 2016

[Monique Buchanan]

In this issue:

1. FREE: Laptop Tagging and Registration
2. Security Camp at Boston College, March 10, 2016
3. Printers: Best Security Practices at MIT
4. Security Tip: Securing Your Home Network



1. FREE: Laptop Tagging and Registration

Laptop Tagging and Registration, offered by the MIT Police in collaboration with Information Systems & Technology (IS&T), is now FREE. The former $10 cash fee is being waived to encourage everyone to register their device.

Tagging and registration sessions will be held the first Wednesday of the month – March 2, April 6 and May 4, 2016 – from 10 am to 2 pm in the lobby of Building 10.

Bring your laptop or tablet and have a STOP Tag<https://www.stoptheft.com/stop-security-plate> permanently affixed to it. The number on the tag is entered with the device’s details into a worldwide registration database. Should the laptop or tablet be found, the information on the tag helps return it to its rightful owner.

The tag works as a visual deterrent for thieves who are looking to quickly resell the equipment. If they are successful at removing the tag, it leaves behind a “tattoo” stating that it is stolen property.

Please see the Knowledge Base<http://kb.mit.edu/confluence/x/e4CSAw> for more information on laptop tagging and registration.


2. Security Camp at Boston College, March 10, 2016

The Spring 2016 Security Camp will be held at Boston College. This event is a unique opportunity for security professionals at area schools responsible for networks and computer systems to exchange knowledge, insights, and solutions.

The Security Camp will be held in Higgins Hall at Boston College on Thursday, March 10, 2016. It will run from 9 am to 5 pm, with check-in beginning at 8:30 am. The make-up date, in case of snow, is Friday, March 11, 2016.

The Security Camp is partially sponsored by NERCOMP and Boston College and there is no charge to attend. The goal is to target the interests and needs of our community of professionals who work in an academic environment. Every effort has been made to enlist a diverse group of computer security experts, including those who can uniquely contribute to security discussions. Your presence will help promote a rich experience and successful 2016 camp!

Featured topics for this year include:

- Moving to the Cloud - Resistance is Futile
- Information Security Certifications
- Creating a Good Business Relationship Between IT and Treasury for PCI Compliance
- Information Stewardship Governance Program
- Database Security with Guardium
- SWID tags (Software IDentification tags)
- Detecting and Investigating an APT Attack at a Large Research University

For full details and registration information go to: http://www.bc.edu/offices/securitycamp.html

Please register as soon as possible as space is limited.


3. Printers: Best Security Practices at MIT

There has been a recent increase of printers on the MIT network spontaneously printing pages of gibberish. This is likely due to someone outside of the Institute looking for vulnerabilities, such as open ports in equipment connected to the MIT network. Once found, these vulnerabilities can be exploited to send spam email, download publications from MIT Libraries, or compromise other devices on the network.

Fortunately, taking a few simple precautions can usually prevent this type of thing happening. These include changing the printer’s default admin password, disabling unneeded services on the printer (such as FTP), and restricting access to the printer based on its IP address.

See the article Network Printing Best Practices<http://kb.mit.edu/confluence/display/istcontrib/Network+Printing+Best+Practices> in the IS&T Knowledge Base. If these precautions fail to end the problem, IS&T engineers can firewall the printer in question to block access from all non-MIT IP addresses. You can request this through the Service Desk. Please include the printer’s IP address or full hostname with your request.


4. Security Tip: Securing Your Home Network

This month’s issue of OUCH! from sans.org<http://sans.org/> looks at securing your home network. With so many devices connecting to people’s home networks, it is important to understand how to secure them. Please feel free to share OUCH! with your family, friends and coworkers.

Download the PDF<https://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201602_en.pdf>


Sincerely,


Monique Buchanan
Communications Specialist
Information Systems & Technology (IS&T)
Massachusetts Institute of Technology
http://ist.mit.edu
tel: 617.253.2715







-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20160210/b85cbf39/attachment.html