Security

Scam alert – who can you trust?

We have observed an uptick in scams targeting students, faculty and staff. In general, they are predominantly email-based, and often mimic job offers, research opportunities, or the occasional piano for sale. Please remember, only trust emails that come from @williams.edu addresses. We employ solid defensive security measures for our domain,… Continue reading »

Fake Job Scams are back

Fake job scams continue to appear, often from @gmail addresses and claiming to be a faculty member sending them. Please be suspicious of any email sent from an email address you don’t recognize or know. Williams faculty and staff will communicate via their @williams.edu accounts, not from @gmail. When/if you… Continue reading »

Using Okta MFA with the Williams VPN client

To enhance the security of our systems, Okta MFA will be required for VPN access starting November 15.    Active ransomware groups are targeting organizations that do not have MFA for their VPN users*.  If you have not yet signed up for Okta please do so. To use Okta MFA… Continue reading »

Demystifying Social Engineering – Fake Job Scams

Employment scams, or fraudulent job offers, pose significant risks to job seekers and can have devastating consequences. These scams typically involve criminals posing as legitimate employers, often using convincing job postings, emails, or even phone calls to lure unsuspecting individuals. More Information… Continue reading »

Goodbye Sophos, hello CrowdStrike

OIT is in the process of transitioning away from Sophos and to CrowdStrike. This has been underway for a few months, but what’s changing is the pace of our remaining deployment. Having successfully tested CrowdStrike throughout the college, next week we will begin to push it out to all college-owned… Continue reading »

Urgent need to update your devices

As if we don’t have enough excitement with the beginning of a new year, please take a few minutes before the semester gets into full swing and update your devices. This is good advice for any device, which can benefit from software updates and regular power-off/power-on cycles, but there are… Continue reading »

Live Securely in 2023 (part 4 of 4)

Still following along but not feeling secure, or without care? I’ve summarized the last couple posts in this series in a handy grid below, organized by the two main areas, identity protection and software updates.   While I don’t advocate printing it out, it can be easily copied into a… Continue reading »

Using Software “Without Care” (Part 3 of 4)

You may remember from the first post of this series that the word “security” originates from the Latin roots of “se” and “cura” which literally means “without care”. Wouldn’t we all like to be secure and not have to deal with all this security stuff? You can…and it’s easier than… Continue reading »

Live Securely in 2023 (Part 1 of 4)

I started my career in IT decades ago and I was always interested in the security of systems. Recently, I came across an old study guide for an information security certification I achieved in 2012. The guide was from 1998, and it reminded me that I’ve been doing this for… Continue reading »

Multi-Factor Authentication (MFA) Fatigue Attacks

Multi-Factor Authentication (MFA) Fatigue Attacks – What they are, what they mean, and what to do. If you’ve been paying attention to securing your information, you’ve likely heard to use a second-factor with your authentication, going a step beyond the traditional credential pair of a username and password and using… Continue reading »

Access Considerations For Employee Transfers

Process for managing data when an employee changes departments within Williams When a Williams employee changes departments (for example someone going from the Office for Information Technology to the Facilities department), Google shares, drives, calendars, email aliases and lists need to be manually changed.   The employee, supervisor and possibly department… Continue reading »

Phishing, Smishing and Vishing is on the rise

Phishing, Smishing and Vishing is on the rise…don’t fall victim to these attacks! Welcome to NCSAM week 2! This week we’ll take an in-depth look at three of the most common social engineering attacks, and the characteristics that aid in correctly identifying them. But before we reach that three-way fork,… Continue reading »

  • 1
  • 2
  • 4