A security vulnerability that affects OpenSSL, being referred to as Heartbleed, was recently discovered and has potential for widespread impact. OpenSSL is software commonly used to secure web servers, including many web-based services throughout the university.
Our campus is constantly under attack by a barrage of attempts to steal personal information, often referred to as phishing. Work-from-home and check scams are also on the rise. See more about employment scams on the CUPD website.
The Office of Information Technology and the university's Office of Information Security will be sending survey emails to a random sample of university employees, student workers and other affiliates during March. The survey is hosted by Qualtrics and should only take a few minutes of your time if you receive one. Your input will provide the university with important feedback that will help us enhance future security awareness campaigns and programs.
Following is a copy of the email:
Identity Finder, a tool provided at no-cost to faculty and staff, scans the content of all computer files and alerts the computer user if private information may be easily-accessible (e.g. social security numbers or credit card numbers). This alert allows the user to securely delete or protect this data to avoid others accessing it in the event of a virus or theft.
CU-Boulder employees have access to, and are responsible for protecting, a wide variety of sensitive information. Unauthorized exposure of information such as student academic records, medical information, credit card information, and social security numbers can have a harmful effect on people's lives. Therefore, OIT recommends scanning your computer for private data frequently so you can take the proper precautions.
The University of Colorado in partnership with Identity Finder is promoting the Identity Finder Student Initiative, providing Students with a copy of Identity Finder home edition at no cost. The software is designed to assist students find private data stored on their computers.
Modern malware targets locations computers store records of purchases made online, college applications, credit and banking applications and more. If the malware finds this information it communicates that information to its creator. The information is then used to steal identities or to make errant purchases without the owner's knowledge. Knowing where this information is provides the user with options. Students are advised to utilize this software to assist in protecting themselves.
Technical Staff, like our IT Partners, can find helpful information on this page along with installers to Forefront Client Security .msi installers for desktop deployment
OIT advises Linux administrators use file protection based on the functionality of the system. If you are running a file server that hosts files that can be executed on a Windows system, use antivirus protection from ClamAV. Host-based intrusion detection (HIDS) is advised for systems that run internet facing services.
OIT recommends Microsoft Security Essentials antivirus and antispyware software for pesonally owned computers running Windows OS.
OIT recommends the use of Sophos software for university-purchased Macintosh computers.
|Sophos Endpoint Protection|
|Available For:||Faculty, Staff, and student staff conducting official university business.|
OIT recommends System Center 2012 Endpoint Protection for Windows antivirus and antispyware software for university owned computers running Windows OS. System Center 2012 Endpoint Protection for Windows is provided as a common good service through the Microsoft software campus EES agreement. System Center 2012 Endpoint Protection for Windows is not available for personally owned computers.
CU-Boulder's Large File Transfer service is a web tool to send large files securely to any email address, on- or off- campus. This is a great solution for anyone sending large files, but particularly for researchers who share large datasets.