In light of recent hacking incidents, SIPS members are strongly urged to upgrade security on computer and mobile devices.
Recent incidents include a fraudulent email sent from a gmail account, purporting to be from SIPS Director Chris Smart. (If you received an email from email@example.com, please disregard). To avoid such incidents in the future, CIT staff recommend adoption of two-step authentication for Office 365. According to CIT, schools that have implemented this as mandatory have seen account compromise almost disappear.
- This is already required for access to services protected by CUWebLogin such as Workday, Box, Faculty Center, and Advisor Center. Consider enrolling or expanding the existing coverage of your two-step login.
- Learn more at https://it.cornell.edu/twostep/expand-where-you-use-two-step-login
- If you already are using two-step login but want to extend it to Office 365, go to: https://it.cornell.edu/twostep/opt-two-step-login-office-365.
Secure Password Management
- Did you know that Cornell has a free secure password management service? Are you using unoriginal passwords scribbled on a PostIt note for online banking and other sensitive transactions? Consider switching to LastPass!
- Learn more at https://it.cornell.edu/password-mgmt
Cornell IT also provides general information and tips on how to avoid online scams and fake emails, how to maximize your online privacy, and what to do if you think you’ve been hacked.
- General resources: IT security for Cornell faculty, staff, and students: https://it.cornell.edu/security-and-policy
- Specific questions: https://cals.cornell.edu/about/leadership/ofa/it/remedy/