Categories (1)

Articles (17)

Pinned Article March 2024 Security Topic - Generative A.I. and Data Privacy

Despite the risks of generative A.I., we must continue to explore its potential with consideration to our obligations to protect privacy data.

Posting Photos of Found ID Cards on Social Media

Informing students that posting photos of found ID cards is not acceptable.

Replacing Old Employee Devices

Newer devices support newer operating systems and provide additional security features built into the hardware. It's important to stay up to date in order to get the best protections.

February 2024 Security Topic - Don't be Fooled by Scareware

A significant number of scareware and tech support scams are being reported at the University. These scams involve a website pop up declaring a computer or phone is infected with a virus. The pop up will appear to be from a reputable company like Apple, or Microsoft. It will provide instructions for software to download or provide a tech support number to resolve the problem. It is important when receiving these scary messages and phone calls to take a moment to think about the situation.

December 2023 Security Topic - How Applications Can Compromise Your Computer

The importance of computers today cannot be overstated. We rely on various applications daily, from web browsers and email clients to productivity and messaging tools. However, behind the benefits provided is a complex system where applications hold significant power over your computer and its processes. If not properly secured, these applications can become gateways for online attacks that can compromise your computer and personal data.

November 2023 Security Topic: Info Sec Policy and the Brockport Policy Set

For this article I wanted to compare what SUNY Brockport uses policies for versus what an Information Security Program uses policies for. In a program, policies are used to assign responsibilities to groups, positions or offices related to an organizational requirement that supports a strategic plan objective. In the perfect world of security planning, it all fits together in a very clear set of documents which begin with a strategic plan and end with specific procedures being implemented.

October 2023 Security Topic - Information Security Program

What is an information security program then? It combines all the projects and activities related to the protection of information and systems into one program that is managed with an organization wide set of goals and objectives. The program must be integrated into strategic goals of the organization and support them. Alright, so the program thing makes sense. But why combine everything together?

September 2023 Security Topic - Strategy and Cybersecurity

Rarely do I hear the word “strategy” when talking with colleagues about cybersecurity issues and solutions. Usually, we are talking about products designed to address weaknesses in technology or the configuration settings of various services. For this month’s article, I will spend a little bit of time exploring what a strategy is and why the NYS Cybersecurity Strategy is important to consider.

August 2023 Security Topic - Organization Level Cybersecurity

What is cybersecurity and how do we practice it? People often envision MIT graduates surrounded by burritos and Red Bulls furiously typing away on a Cray supercomputer. It’s the stuff of TV shows and movies. They pause ever so often to converse in the inscrutable language of computers. Then it’s right back to furious typing long into the night. The reality of cybersecurity, the most important aspects of it, are very different. Information Technology presents risks. We all have a role to play in

July 2023 Security Topic - FERPA and Cybersecurity

The Family Educational Rights and Privacy Act (FERPA) is a surprisingly interesting law. The act was passed in 1974 in the wake of Watergate and President Nixon’s resignation from office. There was no congressional committee discussion about FERPA. It was added to the General Education Provisions Act as an amendment without much excitement or fan fair.

June 2023 Security Topic - Moving Cybersecurity Beyond the System Administrator

Historically in information security we have asked: what can a system administrator do to get employee buy-in to security practices? The more realistic question is: can a system administrator get buy-in for security practices? Are they the best role within the organization to encourage safe practices? Do they have the right skills? Should organizations be overly dependent on system administrators to impact security cultures?

May 2023 Security Topic - Work From Home Networks

How can I make my house more secure to protect my workplace resources without spending a ton of money and time? Heck, how can I better protect my personal stuff also at the same time? If company networks at Uber, Cisco, and others are being successfully attacked, my home network certainly doesn’t stand a chance.That is why the National Security Agency (NSA) recommendations related to working from home really got my attention back in February of this year (2023).

April 2023 Security Topic - Virtual Private Networks (VPN)

SUNY Brockport utilizes a Virtual Private Network (VPN) to provide off campus access to non-public services and applications. We have been utilizing VPN technology for many years, but there is still often confusion about what it’s for. In this article we will attempt to clarify some of the confusing aspects of this technology without diving into the technical details of how it works.

April 2023 Security Topic - Junk Email Folders

Why do we have these unwanted junk emails in a folder? Turns out the designers and implementers of email systems had a problem.