Yes Virginia, you do need antivirus software for your Mac

If you’re one of those people who think their Mac is absolved from getting viruses, think again.  According to this analysis at Bit9, in 2015 alone researchers have discovered five times the amount of unique OS X malware than in the last five years combined.  Makes perfect sense due to the growth in popularity of Macs in the business and at home.

Information Technology reminds everyone that all users are required to install an antivirus program on their computers, regardless of the computers’ operating systems. IT offers McAfee VirusScan software for free to all UMass Lowell students, faculty, and staff.  Check out the software applications page on the IT website for more information.

I have a firewall – am I good?

Firewalls are one of the many components defending our networks and computers from unwanted connections. But how do they help keep us secure? Imagine a firewall as a building with many doors. Each door controls access to a particular service on your computer.  For example, hosting a web page or running a database on your computer would be a legitimate service.  If you would like people outside the building to view your web page, you would need to open the door controlling access to that particular service.  Conversely, preventing unwanted outside connections to your database means you need to shut the door controlling access to that service. This type of control prevents people from just wandering in and connecting to any open service on your computer.  Keep in mind that people inside the building can come and go as they please.

So how do the bad guys manage to get in if the doors are closed?

  • Laptops or other portable devices coming into the house may carry infections that can open a door from the inside
  • Unauthorized Wi-Fi access points can open a backdoor into the house
  • Malicious code in a smartphone app can be hidden in legitimate services that can execute when brought back inside the house
  • Unpatched services that have an open door can be exploited to allow additional levels of access
  • People opening their email inside the house can release a virus infecting them or the rest of the building

To make it more difficult for hackers from gaining access, additional defense mechanisms such as anti-virus, anti-spam, and patching your computers are used in conjunction with the firewalls.  Employing various technologies such as these is known as Defense in Depth, and it helps to head off the intruders whenever they manage to find an opening.

So while firewalls may be considered our first line of defense, they are by no means our only tool in the security toolbox to help keep us secure.

Social Media – What Hackers Can Learn About You in Less than 30 Minutes

Have you ever stopped to think how much information about yourself is freely available online? With over 2 billion active social media accounts today, hackers are shifting their focus to target social media users. In less than 30 minutes, nearly anyone can learn your name, email address, location, past work experience, hobbies, and more just by looking at your profile. If hackers gain access to other information such as a credit card or social security number, they can even apply for loans and mortgages in your name.

Here are some ways to protect your personal information and keep your online presence secure when using social media by visiting one of industry’s leading authority on security awareness.  What Hackers Can Learn From Social Media in Less than 30 Minutes.  (pdf viewer is required).

Additional Resources:

Stay Safe Online
Staying Safe on Social Networking Sites
5 Tips for Social Media Security and Privacy

 

 

Protecting Your Digital Life – 2 Steps Ahead

Using a password alone to secure your data on online accounts is the first step toward protecting yourself. Learn how to take the second step and add an extra layer of security and take control of your online accounts with 2 step authentication. Get more at www.stopthinkconnect.org/2stepsahead.

This video is courtesy of the Stop.Think.Connect campaign as part of the National Cyber Security Awareness Month.

Two-step, multi-factor authentication or 2FA is a security tool that uses multiple verification techniques to prove that the person attempting to log onto an account is really that person.

One method with which many of us are already familiar is that special code we receive via phone text after we’ve logged onto a password-protected site or app on our laptop or other device from a browser we normally don’t use. We gain access to our account only after we correctly enter the code.  Banks have been doing this for years to protect your information.

Two-factor authentication can combine multiple types of verification.

Some of these methods include:

  • Something you know: a password, code, passphrase or PIN
  • Something you have: a physical token, chip,  or phone

These methods provide an extra layer of security. Most people only have one layer – their password – to protect their account. But combining something you know (your password) with something you have (your phone, token, etc.), makes your account even more secure.

In just one example of its use, Information Technology has enabled two-factor authentication for system administrators accessing UML resources from off-campus locations via our Virtual Private Network (VPN).  Stay tuned for more 2FA announcements accessing other applications like HR Direct and SIS.

Big sites already using two-factor authentication include Facebook, Twitter, Dropbox, Gmail, PayPal, eBay, and Amazon Web Services.

Turn It On: See step-by-step instructions on how to add two-factor authentication to more than 100 online accounts

 

 

Top 10 Ways to Keep Your Information and Data Safe!

Steven couldn’t wait for his first year at college. But what he didn’t know was how a simple list could protect him from a world of hurt!

Follow the top ten ways to keep your information and data safe online, and avoid Steven’s mistakes.

1) Install the University’s free antivirus software
2) Create strong passwords
3) Be Careful what you store online
4) Limit your public online presence
5) Lock or log off unattended devices
6) Keep your devices updates
7) Regularly check your online accounts
8) Be aware of phishing scams
9) Download files legally
10) Secure your mobile devices

For more information, visit:

http://www.uml.edu/IT/Services/IT-Security