Best Practices

Phishing

Submitted by ISO Admin on Thu, 05/31/2018 - 15:13

Phishing

Phishing is a form of social engineering where the attacker attempts to trick people into revealing private information by sending fake emails that appear to be from reputable sources.

Identifying a Phishing Email

Here are a few things to look for when trying to figure out if an email is a phishing attack:

  • Sender - Verify who the email is coming from. If you do not recognize the sender, or the 'reply' address is different, the email may be a phish.
  • Links - Check for suspicious looking links included in
    • ... ...

Digital Self-Defense Training

Submitted by ISO Admin on Fri, 01/26/2018 - 15:18

DSD LogoDSD Dojo for Development and Alumni Relations

https://www.rit.edu/security/dsddojo/

The Information Security Office provides Digital Self Defense training courses scheduled through the Center for Professional Development or by request. The program is divided into three courses: Introduction, Desktop Security Tools, and Information Handling. See below for more information about specific courses.

DSD 100 Practicing Digital Self-Defense

Designed for new RIT community members or as a refresher for others, Practicing Digital Self-Defense provides an introduction and exercises for identifying phishing attacks, constructing good passwords, and using mobile devices securely.

DSD 100 Practicing Digital Self-Defense Online... ...

Cybersecurity Considerations for Traveling Abroad

Submitted by fbwis on Mon, 07/17/2017 - 11:13

Cybersecurity Considerations for Traveling Abroad

Do you travel abroad with a laptop or other mobile device? The information below will be helpful.

A couple of notes:

  1. This communication reviews Cybersecurity concerns. RIT Global Risk Management Services provides a more comprehensive overview of travel policies and considerations.
  2. Travel restrictions can change abruptly, both here and abroad. Review the U.S. State Department Alerts and Warnings before and during travel.

 

Traveling with a laptop and other mobile devices

Should you bring your RIT laptop?

  • It depends. Can you do without it? Unless you need your laptop to conduct

    • ... ...

Media Disposal Recommendations

Submitted by ISO Admin on Fri, 05/12/2017 - 16:42

Media Disposal Recommendations

... ...
Media Disposal Method

Paper

Use a shredder. Crosscut is preferred over a strip shredder. 

Disposal of paper records containing Private or Confidential  information should be accomplished by crosscut (or better) shredding, placement in a locked document destruction bin, or through vendor-supplied services under a contract approved by RIT Procurement Services.

CD, DVD, diskette, etc.

Use the media shredder (located at the ITS Service Desk, 7B-1113).

Hard Drives

If the hard drive is to

Creating Strong Passwords

Submitted by Anonymous (not verified) on Fri, 04/14/2017 - 11:27

Creating Strong Passwords

What is a secure password?

A secure password should be virtually impossible for others to guess. it should not contain or be based on personal information, and it should not be written down or given out to anybody.

RIT Information Security recommends:

  • Minimum of 12 characters (8 are required)
  • Mixed upper and lower case letters
  • At least one number and at least one symbol

Minimum requirements for passwords can be found at: https://www.rit.edu/security/content/password.

How do I... ...