SharePoint Security Statement

  1. Even though specific SharePoint sites or items may be password protected, SharePoint is an Internet-connected server which means that anyone in the world can generally contact the server and attempt to log in.
  2. Anyone, anywhere in the world, with the correct username and password can access information on the SharePoint server (i.e. data within SharePoint is a username and password away from anyone on the Internet).
  3. There are two kinds of data to consider:
    1. Restricted and Sensitive Data
      1. Generally, this type of data should not be placed in SharePoint.
    2. Intellectual Property that is not restricted, but should remain private
      1. This type of data may be placed in SharePoint at the discretion of project leaders.
  4. In general, if you are concerned about liability or legal ramifications, you should not place the data in SharePoint. If you want to share restricted or sensitive data with a group, please consider using Purdue’s FileLocker system: https://filelocker.purdue.edu. While FileLocker is not as flexible as SharePoint, it is secure and encrypts data.

FileLocker – Share Files Securely

If you need to share files securely with others and you don’t want to risk placing your files on a consumer file sharing site, a good alternative at Purdue is to use FileLocker to distribute and share your files.

FileLocker is a free Purdue system that allows large files (up to 1 GB) to be securely uploaded and distributed. Files are encrypted within the system and you can protect files with a download password that non-Purdue people can use to fetch the file.

For example, instead of sending out CDs in the mail to distribute a large file, you could upload it to FileLocker to enable others to securely download it. If you need to share a group of files and folders, you could upload a ZIP file to FileLocker.

Here is a blurb from the FileLocker online help:

Learn how to share an uploaded file with anyone using a publicly available URL

1. After uploading a file, click on the file that you want to share and check the box next to “Public Share”.
2. Once the box is checked, you’ll be prompted to choose which email addresses should receive a link to the file you are sharing. You must also specify whether the share will expire after one use, or whether it can be downloaded repeatedly.
3. If the file may be downloaded repeatedly, you must specify a password that must be entered before the file can be downloaded. You will have to communicate this password to any intended recipients of the file through some other secure means (phone, encrypted email, etc).
4. Once you click share, a publicly accessible URL to download the file will be created, any email addresses you’ve entered will be sent an email notifying them that the file is now available at the generated URL, and the URL will be displayed.
5. You may view the publicly accessible download URL and send it to additional people by email at any time after you share the file publicly by clicking on the “(view link)” text next to the Public Share checkbox.

You can find more information about FileLocker on these web pages:

https://it.purdue.edu/services/filelocker.php

Here is the direct link to the FileLocker login page (requires Purdue career account to log in):

https://filelocker.purdue.edu

Thank you and happy file sharing!

–Education IT

Purdue IT Security Incident Response

Dear College of Education,

The Education IT team recently attended Purdue IT Security Incident Response training.  Because some of you have access to restricted and/or sensitive Purdue data, we want to communicate our checklist for how we must respond to an IT Security Incident in your area.  We’re sorry for such a long email that follows.  The reality is that there is a lot going on behind the scenes in IT security and Purdue is legally bound by numerous federal, state and local laws to respond to IT security issues.  We feel it is important to pass some information along and keep everyone in the loop.  Please see the following PDF document:

http://social.education.purdue.edu/edit/wp-content/uploads/2012/04/2012-04-23-Purdue-IT-Security-Incident-Response.pdf

Thank you!

–Education IT (edit@purdue.edu)

⇒ Beware of email scams!!!

Dear College of Education,

Email scammers are targeting Purdue again at the beginning of the semester!  If you receive an email message such as the one below asking you to provide account information or log into questionable web sites, please DO NOT click links or respond.  Simply delete the email.  If you have any questions, please feel free to contact the Education IT team.  Thank you and happy computing!!!  🙂

–Education IT, edit@purdue.edu

—–Original Message—–
From: aaaa @ bbb.com
Sent: 8/15/11 4:25 AM
Subject: Virus Detected

Virus Detected

A virus has been detected in your mail account and in other for
you not to loose your account, you are to click on the link below.
Failure to do this will loose his/her mail account.

http :// purdue-edu2.com/contactus.htm

Sign
Management

— or —

—–Original Message—–
From: Dinh Sy Hien [mailto:a @ b . c]
Sent: Tuesday, August 16, 2011 5:45 AM
Subject: URGENCY NEEDED

DEAR NETVIGATOR MAIL USER

WE ARE CURRENTLY UPGRADING ALL OUR NETVIGATOR MAIL ACCOUNTS,IN OTHER TO PROVIDE SPACE FOR NEW ACCOUNTS,YOU ARE REQUIRED TO LOG IN THE LINK BELOW TO UPGRADE YOURS:

http : // _________.com/contact-form-valisibor1-207194.html

SIGN BY
MANAGEMENT

— or —

—–Original Message—–
From: Microsoft Exchange [mailto:owa@purdue.edu]
Sent: Monday, August 22, 2011 4:53 PM
To: ———-
Subject: OWA: Your [mschmitt@purdue.edu] is on Restriction.

Purdue University
==================
We detected irregular action on your e-mail system on August 22, 2011.

As the Primary owner, you must verify your account activity before you
can continue using your account, and upon verification, we will remove any
restrictions placed on your account.

click on the link below:

https://owa.purdue.edu/owa/auth/login.aspx
[http://————-.——–.com/owa.purdue.edu/owa/auth/login.aspx.htm]

====================================================================
You can also forward your mail from any other e-mail accounts such as
Yahoo, Hotmail, etc. to your Webmail account so that your contacts won’t
have to memorize a new e-mail address and you can access all of your mail
in one place.  You can find forwarding instructions for your other e-mail
accounts in their online documentation.

Webmail service has reserved a system maintenance window of Saturdays from 4:00 a.m.
to 8:00 a.m. that will be used only if Webmail service needs to perform any work that
will take the system off-line. Otherwise, the e-mail system will
be available around the clock.
Thank You,
Microsoft Exchange
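
The third sample above shows a link whose visible text is the real owa.purdue.edu address while the bracketed target points at a different host, and the first sample uses a lookalike domain. As an added example (not part of the original post), this Python check flags both patterns; the hosts ending in .example are constructed placeholders, and the function and reason names are illustrative.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "purdue.edu"  # the real domain the sample messages imitate

# Constructed (display text, actual target) pairs modelled on the samples above.
# Hosts ending in .example are placeholders, not values from the page.
SAMPLE_LINKS = [
    ("https://owa.purdue.edu/owa/auth/login.aspx",
     "http://phish.example/owa.purdue.edu/owa/auth/login.aspx.htm"),
    ("click here", "http://purdue-edu2.example/contactus.htm"),
    ("https://owa.purdue.edu/owa/auth/login.aspx",
     "https://owa.purdue.edu/owa/auth/login.aspx"),
]

def host_of(url):
    """Return the lowercase hostname of a URL, or '' if it has none."""
    return (urlsplit(url.strip()).hostname or "").lower()

def is_trusted_host(host, trusted=TRUSTED_DOMAIN):
    """True only for the trusted domain itself or a genuine subdomain of it."""
    return host == trusted or host.endswith("." + trusted)

def check_link(display_text, target_url, trusted=TRUSTED_DOMAIN):
    """Return the reasons a link looks deceptive (empty list means no finding)."""
    reasons = []
    target_host = host_of(target_url)
    shown_host = host_of(display_text) if "://" in display_text else ""
    if shown_host and shown_host != target_host:
        reasons.append("display-target-mismatch")
    if not is_trusted_host(target_host, trusted):
        if trusted in target_url.lower():
            # Trusted name is present, but not as the domain actually contacted.
            reasons.append("trusted-name-misplaced")
        elif trusted.replace(".", "-") in target_host:
            # Hostname imitates the trusted domain with the dot swapped for a hyphen.
            reasons.append("lookalike-host")
    return reasons

def scan(links):
    """Map each flagged target URL to its list of findings."""
    findings = {}
    for text, url in links:
        reasons = check_link(text, url)
        if reasons:
            findings[url] = reasons
    return findings

if __name__ == "__main__":
    for url, reasons in scan(SAMPLE_LINKS).items():
        print(url, "->", ", ".join(reasons))
```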

How To Block Spam Within Outlook

If you receive a large amount of spam email from a specific sender, you can block that sender within Outlook. Blocking a sender causes all email from that sender to automatically move into the Junk Mail folder. To block a sender, simply follow these steps:

  1. Right click on the spam message in your list of emails.
  2. Near the bottom of the pop-up menu, you should see Junk.
  3. Hovering over that with your mouse brings up multiple options.
  4. Click on Block Sender.

If a message is sent to your Junk E-Mail folder by mistake, you can follow the same steps and choose to never block the sender.

The bottom option on the pop-up list is for advanced options.  From there you can change options about links, suspicious domain names, and permanently deleting junk mail (not recommended), as well as deciding how strict filtering should be.  The other tabs at the top allow you to edit your safe and blocked senders lists.  You can add individual email addresses (spammer@spammer.com) or domain names (@whatever.com).  Adding domain names will allow/block all email addresses from that domain, no matter who sent it.

For more information please visit: http://office.microsoft.com/en-us/outlook-help/overview-of-the-junk-e-mail-filter-HP010355048.aspx

–Education IT

How To Block Spam With PureMessage

Occasionally spam email messages will slip through the Purdue PureMessage spam filter.  If there is a specific spam sender that you need to block, you can follow these steps to block the sender:

  1. Go to the PureMessage portal: https://spamq.purdue.edu
  2. Log in with your Purdue career account
  3. Click on the option labeled “Blocked Senders” (on the left)
  4. Add an email address to block (or you can block the entire domain using “@whatever.com”)

As long as the sender’s email address and/or domain does not vary (a technique spammers use), they should be blocked in the future.

–Education IT

Secure Destruction of Electronic Media

Did you know that electronic media with University data on it must be physically destroyed? This means that not only must the data be destroyed beyond any ability to recover that data, but the physical media device (such as a jump drive, CD or DVD, or tape, etc.) must also be destroyed. Electronic media that has had University data on it may not be sold or given to anyone outside of the University. For more info see:

http://www.purdue.edu/securePurdue/dataDestruction/howto.cfm#ElectronicMedia

Beware of Seasonal Scams and Malware

Dear College of Education,

As millions of shoppers begin looking for great deals this holiday season, the Education IT team wants to remind everyone to be on the lookout for scams, phishing schemes, and malware.  Below are a couple of articles that touch on the subject.   Be alert and have a restful and enjoyable holiday season!

–Education IT

Cyber Monday: Beware the malware

http://news.cnet.com/8301-27080_3-20023728-245.html

Scammers are ready for unsuspecting online shoppers to be hunting for holiday bargains that hit on what has become known as Cyber Monday (given that more than 40 percent of you will be buying holiday gifts online, according to this survey). There will no doubt be malware hiding on retail sites, fake sites created just for distributing viruses and Trojans, and e-mails with malware-laden attachments and links leading to nastiness…

See:  http://news.cnet.com/8301-27080_3-20023728-245.html

Holiday Season Phishing Scams and Malware Campaigns

http://www.us-cert.gov/current

added to us-cert.gov on November 18, 2010 at 02:17 pm

In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the winter holiday and holiday shopping season. US-CERT reminds users to remain cautious when receiving unsolicited email messages that could be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include but are not limited to the following:

  • electronic greeting cards that may contain malware
  • requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming to be charities
  • screensavers or other forms of media that may contain malware
  • credit card applications that may be phishing scams or identity theft attempts
  • online shopping advertisements that may be phishing scams or identity theft attempts from bogus retailers

US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:

See:  http://www.us-cert.gov/current

How to Avoid the Latest Virus Threat – AntiVirus 2010

Computer viruses can be anywhere and infect our machines with just a single click of the mouse. Using traditional Anti-Virus programs and guidelines (such as not opening strange emails, etc.) certainly helps keep us protected. However, a new threat has emerged that is particularly tricky: Antivirus 2010.

Even though it claims to be good software, Antivirus 2010 is malware!!!        

Antivirus 2010 comes in many varieties, but they all have the same basic components.  The virus spreads via infected websites, and sometimes the only way to tell if a website is infected is when the virus tries to infect your machine.  The way it tries to install itself is very clever…     

The first thing that happens is that a screen will pop up saying that you are infected with a virus.  Typically, it looks something like this:        

AntiVirus 2010 warning

  

Now, most people’s first instinct is likely going to be to click on the “System Scan” or “Update Now” button to clean the infection.  However, clicking on either of those buttons will actually install the virus.  In fact, even clicking the red x at the top of the window may install the virus.  It will then start looking like it is actually scanning your computer.  However, it is just installing the virus.  Eventually, it will tell you that more viruses were found and that you need to purchase the full version of the software to fully clean your computer.  This is just an attempt to steal your credit card number.        

So, what should you do when you see this type of warning pop up on your computer?       

Actually, you should do exactly what you should do if you see the actual McAfee virus warning pop up on your computer (see screenshot below):    

Don’t click anything and call EdIT right away!    (Our phone number is 765-494-2658) 

Education IT will stop by and investigate and let you know if the warning is real.  Usually, if you haven’t clicked anything, we can shut down the computer and prevent the virus from installing.     

If it is actually McAfee telling you that there is a virus on your computer, then we need to see what the virus is in order to take care of it properly.        

This is what McAfee looks like. It is very similar to the virus screen.

  

Remember, a 10 minute visit by an Education IT staff member could save you from having to spend a day without your computer while it is being re-installed.  So don’t hesitate to give us a call:  765-494-2658  

Thank you and happy computing!!!    

— Education IT