Identity theft is big business. One need only look at the news headlines to see how creative and sophisticated computer hackers routinely subvert detection to target innocent users, pilfering not only their personal information but potentially the data they work with every day. The information hackers collect is typically sold online to the highest bidder. The vast majority of hacks involve some form of social engineering to get the user to do what the bad guy wants. Either the user voluntarily discloses personal information or he is tricked into installing malicious software on his machine, allowing the bad guys to go in at a later time and harvest data. Usually the hacker’s attempts are foiled by cautious and swift user action. There are times, though, when weaknesses in a computer’s defenses leave it vulnerable to a number of attacks.
Archive for April, 2009
To help combat computer threats, the University IT Security Office maintains security awareness education materials to convey important computer security principles. Feedback has enabled us to improve the online course to address current needs and allow computer users to acquaint themselves with their roles and responsibilities in protecting University data and assets. We recommend that all faculty, staff, and applicable student staff complete security awareness training. This course also meets the requirement of various regulations that require security training (for persons with access to sensitive information). The online course takes on average only 30-60 minutes to complete. You are invited to enroll and complete the course, located in Employee Self Service under the “Learning and Development” heading and the “My Training” link. Step-by-step instructions for enrolling in this ICON course are available at: http://cio.uiowa.edu/ITSecurity/bestprac/secaware09.shtml If you have any questions or comments, please contact the IT Security Office at 335-6332 or firstname.lastname@example.org.