Cyber Security
You use your WISD computer for a multitude of online purposes, from researching a service or a purchase for your department, creating and answering email, to possibly viewing private student data. Because of the sensitivity of our jobs, all of us should be educated on the advantages of maintaining and updating the antivirus programs on our computers, running virus scans, and using caution when opening emails or downloading files from unknown sources.
Cybersecurity Awareness
- Choose a Strong Password
- Update Software
- Don't Share Access or Passwords
- Use Secure Connections
- Use Multifactor
- Seek Support
CYBERSECURITY MONTH
Some emails can contain links that, if clicked on, will download a payload (a virus, worm, or trojan-horse) onto your computer. Direct file downloads from untrusted sources can contain code that will install into and compromise your computer’s operating system (OS). This is all called malware, and this malware can run the gambit of doing nothing much to your computer (rare) to causing so much random damage to your OS that the only fix available is to perform a clean reinstall of your OS. If this is the case then no file on your machine can be considered safe, so you lose everything, every file on your machine.
No one wants this to happen, and as much as we try to be watchful over time we can grow somewhat lax in our vigilance, a trait the more sophisticated malware infections do not share. They constantly roam the internet, searching for a way to infiltrate personal computer systems and cause serious damage. Or they sit on malicious web pages, waiting to be downloaded. They ride as links in unsolicited emails that show up in your inbox. The people who write these black-hat programs do not care what computers they attack or how much damage they do. They only care that they succeed in the attack.
The best, first defense against such attacks is the antivirus program installed on your computer. An antivirus program is a tool that notifies you when something unpleasant tries to access and install itself on your computer. Since your antivirus program scans in ‘real time’ it can usually warn you about an issue before it becomes a disaster by trapping the malicious program before it can install itself.
There are many tools that the WISD uses to help insulate your computer from such attacks. Every PC issued by the WISD comes preinstalled with antivirus software, with real time protection set to ‘on,’ and scheduled scanning active. Real time protection means every file downloaded to your computer is scanned for malware, as the download happens. If it catches anything, then it will isolate the file and pop up a warning. We also run a large antivirus system on our email server, helping to protect your email from unwanted malware.
But it can’t catch everything. If a new virus emerges on the internet, before the AV company has a chance to update its DAT files (a small, downloaded file with information on the malware that the antivirus program uses to identify the problem file), your computer could become infected. This is rare, but it can happen.
Data Security & Retention
OneDrive:
- Store all your files on OneDrive
- Files automatically synced and backed up
- Hosted on the cloud
- Remote file access
Student Data:
- Never send student information that can identify them in an email
- FERPA violation
- Possibility of stolen or misused student information!
Email Encryption: What is it & Why is it needed?
Encryption involves disguising the content of email messages in order to protect potentially sensitive information from being read by anyone other than the intended recipient(s).
Encrypt your email if it contains any of the following:
- Student Data – Full names, student numbers, student PII, addresses, parent/guardian information, grades, disciplinary actions, or other records.
- Financial Information – i.e., banking information, routing numbers, direct deposit slips, etc.
- Personally Identifiable Information (PII) – Full names, addresses, banking information,criminal records, social security numbers, phone numbers, or other contact information.
- FERPA
- HIPAA
How to: Email Encryption
In Outlook:
- Step 1: Open a new email window
- Step 2: Click on the Options button
- Step 3: Click on the Encrypt button
- Step 4: Click on "Encrypt-Only"
- Step 5: Confirm Encryption Notice at the top of your email
Bitlocker
Hard Drive Encryption
- Bitlocker software encrypts your hard drive
- Provides security in event of lost or stolen equipment
- Prevents outside access of information on laptops
- Why? Keep student & agency information secure
6-Digit Pin
- Staff assigned laptops must create a 6-digit pin that is entered at computer startup
- 25 wrong attempts, then you will be locked out of your device
- Call the Technology Dept. to reset your pin!
Passphrases
Passphrases are currently the safest way to secure your accounts. A password is different from a passphrase. Here's how:
Password : one word and numbers
- Easily cracked by attackers
- Ex. password123
Passphrase : a string of words replacing some letters with numbers and symbols
- Combination of words is difficult to crack
- Ex. Convert the phrase: 'The Fox Jumps High'
- Th3F0xJumpsH!gh
Passphrase Criteria:
- Should contain 12+ characters
- Include upper and lowercase letters, numbers, and symbols
- Easy to Remember
- A phrase relating to your daily life
- Ex. Convert the phrase: 'I Brush My Teeth'
- 1Bru$hMyT33th
Phishing & Spam
The Technology Dept. will NEVER send you a link to change your password.
- Common phishing emails will tell you that your account is going to close if you don’t change your password. This is never the case.
Think before you click!
- Opening unknown attachments or clicking unknown links is very dangerous.
- Your computer can become infected and your account credentials stolen.
- If you question the legitimacy of an email, send it to IT Security in the Technology Dept. or call/ask the sender in person if they sent it.
Questionable Email?
Send the Security Team a quick message.