CIS has numerous goals we work on throughout the year and security has been a priority. It’s a multi-faceted topic with a number of areas to consider and we’ve addressed it through the following:
- Duo Security Two-Factor Authentication: Many of you have already heard about two-factor authentication. Duo Security provides an extra layer of security for users. Rather than relying on a password alone, users can verify their identity through their mobile phone or a hardware token. This greatly enhances security and helps us protect Personally Identifiable Information (PII), both your own and that of others. Duo Security is being rolled out in waves across campus to different departments and will eventually be utilized by the entire HMC campus.
- Trend Micro: We’ve been rolling out Trend Micro Antivirus protection to all staff and faculty systems on campus. Trend Micro automatically runs by default every day at 12pm to ensure systems are protected. Currently, we have the software available for both PCs and Macs, with the option to have either a CIS staff member help you install it, or instructions on how you can do this yourself here.
- Encryption: We’ve also been working with all faculty and staff on campus to encrypt user systems. By encrypting users’ systems, we are better able to securely protect data and prevent it from falling into the wrong hands. If a system is stolen or lost, encryption keeps the data on the machine safe.
- User training: Those who have access to sensitive data are often targeted through phishing scams and other methods. We’ve implemented more in-depth user training to minimize the likelihood of a data breach. This training is offered through LawRoom, the company that provides annual training regarding sexual harassment. If you are interested in early access to the IT security training, please get in touch with the Help Desk.
- OpenDNS Umbrella: The rollout of OpenDNS Umbrella has helped us reduce the likelihood of a user visiting a malicious site. If someone were to attempt to visit a known malicious site, they are automatically redirected to a benign webpage. If for any reason a website is improperly listed as malicious through OpenDNS, we are able to work directly with them to address it accordingly. You can learn more about OpenDNS Umbrella in our Services Catalog.
Although we are implementing all of these changes to enhance security at HMC, phishing scams and other malicious attempts at accessing PII will continue to evolve. We are continuing efforts to stay ahead of these changing trends to ensure our students, staff, and faculty are outfitted with the latest security technology and tools to keep their data protected.
Think you can spot the difference between a legitimate site and a phishing scam? You can take the Phishing Quiz from OpenDNS to put your skills to the test. Let us know how you did!