As Syracuse University moves more towards a remote workforce in response to the COVID-19 pandemic, there is a rising risk to the information of our students, faculty, and staff. Many of us will be accessing data from computing systems not managed by IT staff from networks that may not be as secure as the campus network. Any points of vulnerability on those systems affect the University.
Please consider the following tips to help keep your data and the data of our University community safe.
COVID 19 Related Attacks
Beware of phishing attacks and scams directly related to the current COVID-19 Pandemic. Syracuse University and it's peers have noted attacks that appear be:
- CDC Alerts
- Health Advisories
- Stimulus Checks from CARE Act
- Workplace Policy Updates
- Fake COVID-19 Tracking Websites and Apps
- COVID-19 Cures and Inoculations
The goal of these attacks are to get users to click on links or open an attached document. Be very cautious when opening any of these emails or attachments. If you're not sure, forward the messages to firstname.lastname@example.org. We'll do our best to help.
Safe Computing Tips
Be extra cautious
We have already noted bad actors taking advantage of the current COVID-19 crisis. Be extra wary of email that asks you to donate, provide personal information, threatens to lock your account if you don't "click here now!”, or offers an easy solution for working from home. Scam emails promising immunity, cures or treatments for COVID-19 have been noted as well. If you think you see a phish or a scam, forward it to email@example.com.
Check out this video from the SANS Institute for some more information.
Secure your home computer
If you're not able to use a University-managed computer, make sure your personal computer is as secure as possible by:
- using strong passwords
- making sure patches are installed and updated regularly
- installing and updating Anti Malware software
- not running your day to day tasks as an administrator
Keep it in the cloud
Avoid saving documents with sensitive information on your personally-owned computer. Instead, use your G: and H: drives or your Microsoft One Drive for saving files.
Don't use personal email accounts for University business
Every employee of the University has an @syr.edu email address for conducting University business. Don't use your personal email account (e.g. Gmail, Yahoo, etc.) for conducting University business.
Take advantage of the University's Remote Access Methods
The University has several secure methods to access data remotely. You can work with your IT staff members to select which one best meets your needs. These methods include:
- SURA VPN
- Direct Tunnel Laptops
- Remote Desktop Services
Full details are available on the Remote Access page.
Remember… “University Data” includes data about you too! Following the simple tips above will help protect all of our information from compromise or exposure.