tidBiTS
Informs and engages the UNB community on IT developments and news

Management Briefing - 3 Things You Can Do Now to Improve IT Security

Author: ITS

Posted on Jan 8, 2015

Category: Management Briefings

Background

Did you know that UNB’s IT infrastructure experiences millions of external intrusion attempts every
week? That malicious websites are the main source of malware that can--and has--led to financial
losses? Or that unprotected computers pose the single greatest threat to enterprise and individual
data assets and intellectual property? While striving to provide an open but secure computing
environment in which our community can teach, learn, conduct research, and perform administrative
functions, ITS works tirelessly to reduce enterprise risk due to the many IT security threats and
vulnerabilities we face every single day. Another way to combat IT security problems is for end users
like yourself to be aware of and prevent potential problems. Here are 3 ways you can contribute to a
safe and secure computing environment at UNB.

1. Secure your computing environment including servers, desktops, laptops, smartphones, tablets,
etc. Make sure ITS is updating your computer automatically—patches and anti-virus are kept up
to date quietly in the background, no fuss, no muss. Use strong passwords you change regularly;
on your mobile devices, use a passcode, and never disable it. The slight inconvenience of having
to enter it frequently far outweighs the stress and potential loss from making it easy for others to
access personal or work data. Never walk away from a computer you have logged into, but have
not yet signed out of—doing so is an open invitation to others coming behind you to exploit a
now-gaping vulnerability! There are lots of users who have forgotten to log out, only to have their
email abused, their documents ransacked, or even their bank accounts compromised. If any of
your equipment or devices are lost or stolen, or if you suspect your IT account has been accessed
by someone other than you, report it immediately. Quick action like locking accounts and wiping
devices remotely can forestall serious consequences.

2. Encourage faculty, staff and students in your department to take the IT security awareness
course on D2L. Thousands have already completed it; feedback ranges from “wow, I never knew
that!” to “it’s time to wake up” to “the course covers all the essentials, with enough detail to be
helpful, but not overwhelming”. Organized in short modules covering topics like making
passwords strong, recognizing phishing exploits, avoiding malicious websites, and managing
confidential information, the course can be taken in one go (about an hour), or over time in
convenient snippets. The course is free of charge for all UNB community members, and is one of
the best investments of time anyone will ever make. If you haven’t yet taken the course yourself,
logon to D2L via the myUNB portal right now!

3. Support ITS as we continue to enhance UNB’s secure computing environment. In the coming
months, several security-related initiatives will be completed. UNB’s renewed, state-of-the-art
data centre will come into full production, providing the capacity and reliability our critical IT
infrastructure needs for years to come. Building on this success, ITS will redesign and enhance the
data network, incorporating next generation perimeter and internal defenses. Finally, new
policies and procedures, designed to inform and guide the community on information and
computing security best practices and standards, will be drafted and distributed for review,
feedback, and implementation.

January 7, 2015, Terry Nikkel, AVP, ITS