CISO Memo: On Being an Umpire
Security is an interesting area to be a professional in. Much of what we do is behind the scenes, and difficult to place a value on. Someone once said that security is "like being an umpire".
What he meant by this was that, when you deliver security with precision and excellence, no one even knows you are there. But, on the rare occasion when security is in the spotlight, everyone has a comment. . . «more...»
Considering Skype? Some Guidance to Keep You Safe
In this period of economic restraints, everyone at Brown is investigating possible ways to reduce expenses. As a result, there has been an increased interest by the Brown community to utilize Skype for long distance telephony service.
Because of the security implications of Skype, the Information Security Group has prepared the following overview and recommendations to ensure the security and privacy of University data. . . «more...»
Profile: Salomon Frangieh, Brown's New IT Auditor
Meet Salomon Frangieh, who joined Brown University as its Associate University Auditor, Information Technology this past February. In his capacity as Brown's new IT Auditor, Frangieh is responsible for the creation and development of an information systems audit program for the University.
Prior to Brown, Frangieh worked at KPMG LLP's Boston office in their IT Advisory Services practice. . . «more...»
Traveling with your Laptop: Have a Nice (and Safe) Trip!
Whether jetting to Japan, basking in Barbados or camping in the Catskills, your laptop will probably come along on the trip so you can keep up with email, read your favorite blogs or watch a DVD.
If you do pack a computer, be sure to prep it for the trip. Think of the precautions as the equivalent of bringing the sunscreen (you don't want to get "burned"). . . «more...»
Spot the Phony
Think you can spot a phishing email? How about a legitimate one? Take the SonicWALL Phishing and Spam IQ Test and see if you can.
Over a million people have already taken the quiz worldwide. However, according to SonicWALL, only about 7% of test takers get all 10 questions correct. About 85% of the phishing e-mails are identified as "phish" by the test takers, but only around 55%of legitimate e-mails are correctly identified. Can you beat the odds?
Beware of USB Flash Drive's Autoplay Feature
Here's a good tip from the SANS Institute. If you find a USB token in the wild, don't plug it into your USB port, as it could autoinstall software if your system is set to autoplay CDROMs. Though many organizations' standards call for disabling autoplay of CDROMs, you should check and set yours.
To disable autoplay follow these instructions (for WinXP):
- Open My Computer
- Right click on your CDROM drive selecting Properties
- Select Autoplay page and set each menu option to Select an Action to Perform = Take no action
- Click Apply (you must apply each setting change one at a time!)
- Repeat for each item in the list (alternatively, ensure that all are set to Prompt me for action)
For a Mac:
- Open System Preferences
- Select CDs & DVDs
- For the options " When you insert a music CD / picture CD / video DVD", select Ignore
Want more tips? Sign up for an RSS feed of SANS Security Awareness Tip of the Day.
Protecting Brown Information in the Classroom and Online
Over 1,300 individuals have taken the Protecting Brown Information class to learn what constitutes "Brown Confidential Information"; where, when and how it's at risk; and what need to be done to mitigate that risk. Are you one of them?
Classes are held the third Wednesday of each month (sign up at the Training.brown.edu site) and are also available online for those unable to attend in person. Check there also for periodic Safe Computing Brown Bags. For access to the online class, or to make suggestions for brown bag topics, email us at itsecurity@brown.edu.
Problems with this page? Write to secureit@brown.edu