Best Practices

Phishing

Submitted by ISO Admin on Thu, 05/31/2018 - 15:13

Phishing

Phishing is a form of social engineering where the attacker attempts to trick people into revealing private information by sending spoofed e-mails that appear to be from reputable companies. Phishing e-mails provide a link to a seemingly authentic page where you can login and reveal your username, password and other personal identifying information (PII). Online scammers can then use this information to access your accounts, gather additional private information about you, and make purchases or apply for credit in your name.

 

Identifying a Phishing E-mail

  • Sender. Verify who the e-mail is coming from. If you do not recognize the
    • ... ...

Digital Self-Defense Training

Submitted by ISO Admin on Fri, 01/26/2018 - 15:18

DSD LogoDSD Dojo for Development and Alumni Relations

https://www.rit.edu/security/dsddojo/

The Information Security Office provides Digital Self Defense training courses scheduled through the Center for Professional Development or by request. The program is divided into three courses: Introduction, Desktop Security Tools, and Information Handling. See below for more information about specific courses.

DSD 100 Practicing Digital Self-Defense

Designed for new RIT community members or as a refresher for others, Practicing Digital Self-Defense provides an introduction and exercises for identifying phishing attacks, constructing good passwords, and using mobile devices securely.

DSD 100 Practicing Digital Self-Defense Online... ...

Cybersecurity Considerations for Traveling Abroad

Submitted by fbwis on Mon, 07/17/2017 - 11:13

Cybersecurity Considerations for Traveling Abroad

Do you travel abroad with a laptop or other mobile device? The information below will be helpful.

A couple of notes:

  1. This communication reviews Cybersecurity concerns. RIT Global Risk Management Services provides a more comprehensive overview of travel policies and considerations.
  2. Travel restrictions can change abruptly, both here and abroad. Review the U.S. State Department Alerts and Warnings before and during travel.

 

Traveling with a laptop and other mobile devices

Should you bring your RIT laptop?

  • It depends. Can you do without it? Unless you need your laptop to conduct

    • ... ...

Media Disposal Recommendations

Submitted by ISO Admin on Fri, 05/12/2017 - 16:42

Media Disposal Recommendations

... ...
Media Disposal Method

Paper

Use a shredder. Crosscut is preferred over a strip shredder. 

Disposal of paper records containing Private or Confidential  information should be accomplished by crosscut (or better) shredding, placement in a locked document destruction bin, or through vendor-supplied services under a contract approved by RIT Procurement Services.

CD, DVD, diskette, etc.

Use the media shredder (located at the ITS Service Desk, 7B-1113).

Hard Drives

If the hard drive is to

Creating Strong Passwords

Submitted by Anonymous (not verified) on Fri, 04/14/2017 - 11:27

Is your password easy to crack?

What is a secure password?

A secure password should be virtually impossible for others to guess. It should not contain or be based on personal information, and it should not be written down or given out to anybody.

RIT Information Security recommends:

  • Minimum 15 characters (at least 8 required)
  • Mixed upper and lower case letters
  • At least one number and at least one symbol

Minimum requirements for passwords can be found at: https://www.rit.edu/security/content/password

What should I avoid?

There are many ways people try to make their passwords easier to remember. Cracking programs look... ...