Maintenance

January Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, February 4th at 5:00pm. On Thursday at 5:00pm, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

 We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

Some non-Microsoft patches require web browsers to be closed, and may fail otherwise. If you have any updates fail, try closing any open browser windows and install again.

Wireless

Wireless Setup Locations

To help get the Spring semester off to a smooth start ITSS will have three tables set up across campus to help people get connected to campus wireless. ITSS technicians can assist you with the wireless network setup at these tables Monday-Friday (1/25-1/29) 10:00 AM to 3:00 PM.  Bring your laptop, phone, or other wireless device. This is in addition to our normal Service Desk and Lab hours.

Table locations:

  • Sutter Hall Dining
  • BMU Lobby
  • The Grove Laptop Lounge (MLIB)
Security, Training

Security Awareness Training

The campus has recently been targeted by several social engineering attacks.  Social engineering attacks utilize phone calls and emails to manipulate people into performing actions they should not do, such as using a web browser to visit an infected web site, installing software for purposes of providing “computer support,” or divulging confidential information.

Some short optional videos are available on the CSU, Chico Development and Training System (DTS) which provide additional details about these types of attacks as well as other information security topics: https://www.csuchico.edu/isec/tools_resources/sans_securing_the_human_security_training.shtml

Security Awareness Modules for Staff (Recommended Courses)

Social Engineering                                             02:53

Many of today’s most common cyber-attacks are based on social engineering. As such, this module explains what social engineering is, how attackers fool people and what to look out for. We then demonstrate a common social engineering attack. We finish with how people can detect these attacks and how to respond to them.

Email & Messaging                                            04:52

One of the primary means of hacking people is through email. Email is used for both simple, large-scale attacks and more targeted spearphishing attacks. We explain how these attacks work, including recent examples of phishing, spearphishing, malicious attachments and other email-based attacks. We then explain how these types of attacks work for almost any type of messaging technology. We then explain how to detect and stop these attacks.

Mobile Device Security                                      03:40

Today’s mobile devices, including tablets and smartphones, are extremely powerful. However, they also come with a growing number of risks. In most cases, these devices have the same functionality, complexity and risks as a computer, but with the additional risk of being highly mobile and easy to lose. We cover how to use mobile devices safely and how to protect the data on them

Security Awareness Modules for Faculty (Recommended Courses)

Social Engineering                                             02:53

Many of today’s most common cyber-attacks are based on social engineering. As such, this module explains what social engineering is, how attackers fool people and what to look out for. We then demonstrate a common social engineering attack. We finish with how people can detect these attacks and how to respond to them.

Email & Messaging                                             04:52

One of the primary means of hacking people is through email. Email is used for both simple, large-scale attacks and more targeted spearphishing attacks. We explain how these attacks work, including recent examples of phishing, spearphishing, malicious attachments and other email-based attacks. We then explain how these types of attacks work for almost any type of messaging technology. We then explain how to detect and stop these attacks.

FERPA                                                                04:32

The Family Educational Rights and Privacy Act, also known as FERPA, is a federal law that protects the privacy of student education records. The law applies to all schools that receive funds from the U.S. Department of Education. This module explains the rules and regulations all school faculty, staff, contractors and student employees should follow when handling student information. This module is built on and requires people to watch the Data Security module first.

 

More security information is available on the CSU, Chico Information Security (ISEC) website: http://www.csuchico.edu/isec