Welcome to
Information Security

The Information Security Office provides leadership to the RIT community in safeguarding the confidentiality, integrity and availability of RIT’s  information resources.

Learn more »

Are you the
Weakest Link

Get information on how to safely remove private information from your devices and stay protected. The chain of security is in your hands.

Learn more »

Guard your
Private Information

The Private Information Management Initiative (PIMI) seeks to identify and reduce the amount of private information found on RIT computers and storage devices.

Learn More »

Learn more
InfoSec About Us Lock + Cable
Sentinel - Standards and Policies
,
Learn about
Phishing

The ongoing evolution of digital communication also brings about the evolution of scammers and their methods. Phishing is one kind of such fraud, in which the attacker masquerades as a reputable individual or group, in order to trick users into revealing their private information. Check out our resources to learn how not be baited and reeled in!

Learn more »
 
 

RIT Information Security Alert: Important Security Notification Phishing Attempt

Submitted by awmiso on Wed, 01/17/2018 - 16:02

We’ve received a spear phishing attempt (a phish targeted at a specific population) claiming that there is a security emergency on campus. The email asks the reader to access a linked REPORT and follow protocol. If you encounter this phish, please just delete it.

Here’s the text from the phishing attempt:

--------------------------------

From: "Cullis, Barbara" <EMAIL ADDRESS>
Date: January 12, 2018 at 3:33:00 PM EST
To: Undisclosed recipients:;
Subject: Important Security Notification

Hello All,

There is a security emergency in Campus. Please go through REPORT released for update

and follow protocol.

---------------------------

What can I do to protect myself?

  • Be vigilant! Never respond to an email request for your username
    • ... ...

RIT Information Security Alert--Patch the Flaw in MacOS High Sierra

Submitted by sxmiso on Mon, 12/04/2017 - 09:06

RIT Information Security Alert--Patch the Flaw in MacOS High Sierra

Why am I receiving this message?

Apple has released a patch today for a flaw disclosed on 28 November in the most recent version of its MacOS, High Sierra. The flaw allowed administrative access to attackers without requiring a password.

Please install the patch ASAP by opening the App Store app on your Mac, clicking Updates in the App Store toolbar, and then using the Update buttons to download and install any updates listed.

For More Information... ...

RIT Information Security Education--Avoiding Ransomware Attacks

Submitted by sxmiso on Mon, 10/23/2017 - 11:40

Ransomware is a type of malware designed to encrypt users’ files or lock their operating systems so attackers can demand a ransom payment. According to a 2016 Symantec report, the average ransom demand is almost $700 and “consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.”

How would I get ransomware?

Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or email attachment or to download a file... ...

Single Sign-on now required for accessing Oracle/myInfo/myBiz accounts: Multi-factor authentication available

Submitted by sxmiso on Mon, 10/23/2017 - 10:10

Dear Faculty, Staff, and Student Employees:

As of today, October 23rd, you will need only your RIT account to log into the Oracle myinfo/mybiz applications. You will no longer use your Oracle username and password!

In addition, Multi-factor authentication is now available and will be required when logging in to the Oracle Apps as of December 5th.

Multi-Factor Authentication (MFA) is a way of ensuring that only you are able to access your accounts on specific applications. MFA requires you to provide another “factor” (such... ...

RIT Information Security Education--How to Know if You've Been Hacked

Submitted by sxmiso on Tue, 07/25/2017 - 16:14

Compromised accounts happen. Quick identification and response can reduce the harm done to your account and your personal information.

How to know if you’ve been hacked:

  • Your friends tell you. They’ve received a spammy or phishy e-mail from your email account, social media, messaging apps, or SMS.
  • Your phone tells you. Battery and data usage are higher than normal. Charges for premium SMS numbers show up on your bill.
  • Your merchants or bank tell you.You receive collection calls.
    • ... ...