UAB IT security professionals say the incident is a good reminder to the rest of us to take precautions with our own data.
Since most of us aren’t celebrities, our photos probably won’t be worth hackers’ time — but personal information can be.
So what can you do to keep your personal cloud accounts safe?
• Enable two-factor authentication on your cloud accounts. That way, if you — or someone else — tries to log into your account from a device that is not registered, you’ll have to log in using a verification code sent to one of your devices. It’s an extra step that helps secure your information.
Microsoft’s OneDrive — a cloud storage application available free for UAB students — uses two-factor identification and allows users to add security information to their account. Learn more here.
• Make sure you have a strong password. Ideally, you should use a passphrase you can remember. For example, choose “goblazers,” but replace some of the letters with numbers or symbols and include capital letters. The example, then, could become g0b!azers — easy to remember, harder to hack.
• Change your password often to keep your data secure. That’s why UAB requires employees and students to change their BlazerID passwords frequently, and to make sure they contain the kind of character combinations that make them much less vulnerable to attacks.
• Consider using a password manager or password vault such as LastPass or KeePass. Such tools — which vary in price — can help manage your different logins while keeping them secure.
UAB employees should also be very cautious about cloud storage in regards to University information.
“UAB employees should not use cloud products for UAB business data without approval,” said Scott Fendley, information security operations manager for UAB IT. “UAB IT reviews the contracts and ensures that the cloud products meet our requirements.”
This month’s Tech Talk on Sept. 25 will feature a discussion of cloud computing at UAB.
Monthly Training Newsletters
UAB IT is now providing information security training materials to inform university faculty, staff and students about computer threats. Each month a newsletter will be released focusing on new and different cyber security threats. Contact the UAB IT Information Security office for more specific training options that can increase the protection of your information systems.
August 2013 - Protecting Your Passwords
September 2013 - Encryption - Protecting Sensitive Information
October 2013 - see links below for National Cyber Security Month publications
November 2013 - Data Protection
December 2013 - Permanently Erasing Data
January 2014 - Wifi Security
Link to Week 1 Article
Link to Week 2 Article
Link to Week 3 Article
Link to Week 4 Article
The UAB Security Forum will be conducting a survey of information technology personnel across the entire campus, including UAB Hospital. A letter describing the content of the survey, and how to access it electronically will be sent to UAB leaders via email in the coming days. All employees who are being asked to complete the survey should respond as soon as possible. Questions can be directed to the Security Forum co-chairs, Dr. Franklin Tessler, School of Medicine, or Julio Rivera, Ph.D., School of Business. Additional information will be available from Joe Popinski, Ph.D., UAB Information Technology.
UAB & National Cybersecurity Awareness Month 2012