K-Staters who handle credit card information should attend this Friday’s IT security roundtable on credit card security if they missed the same seminar given Jan. 14. The Feb. 11 seminar is 9-10 a.m. in Hale 501 (the Hemisphere Room) and presented by Harvard Townsend, K-State’s chief information security officer.
Due to popular demand, the IT security roundtable on protecting credit card information will be repeated 9-10 a.m. Friday, Feb. 11, in Hale 501. This is a repeat of the seminar given Jan. 14 on the Manhattan campus and Feb. 1 on the Salina campus.
The payment card industry (PCI) has rather strict security requirements for any merchant that accepts credit cards for payment. If your department at K-State accepts credit card payments, then you must comply with these data security standards (DSS), for which version 2.0 was recently published.
A recent stolen laptop incident in Oklahoma City underscores the importance of regularly backing up your laptop’s data files. A husband-wife team of cancer researchers at the University of Oklahoma went into a Panera restaurant for a bite to eat and came out to discover their car window shattered and their laptop gone. That’s disheartening enough, but the laptop contained years of research data accumulated in their search for a cure for prostate cancer.
It gets worse — an article about the incident states: “Unfortunately, most of the data was never backed up, a mistake Shin said could be a major setback in the fight against cancer.”
K-State broke a record in 2010, but it is not a record to be proud of: 445 K-Staters were tricked into giving away their passwords to criminals in response to spear-phishing scam e-mails. The criminals then used the stolen information to sign in to webmail and send thousands of spam messages.
Obviously, the first thing on this semester’s top-six security list must be:
Never give your password to anyone in an e-mail message! K-State was plagued by 406 instances of phishing scams in 2010 (compared to 296 in 2009) that try to trick people into replying with their eID password. The hackers responsible for these scams are relentless! If you remember this one simple rule, you can prevent becoming a victim: K-State IT support staff will never ask for your password in an e-mail, nor will any legitimate business or organization. If you get such an e-mail, just delete it. The same holds if you get an email with a link to a web form that asks you to fill in your username and password – don’t do it!
The next SIRT-sponsored IT security roundtable is 9-10 a.m. Friday, Jan. 14, in Hale 301 on the topic of protecting credit card information. The payment card industry (PCI) has rather strict security requirements for any merchant that accepts credit cards for payment.
If your department at K-State accepts credit card payments, then you must comply with these data security standards (DSS), for which version 2.0 was recently published.
Burglaries typically increase during holiday times in Manhattan since criminals know many homes and apartments will be empty, some for an extended period of time. Don’t make it easier for the burglars by advertising when you’ll be gone on Facebook or other social networks.
Arrests in New Hampshire earlier this fall underscore the importance of avoiding posts like “Heading home now to spend the holiday with my family. C u next semester, Manhattan” which tell potential burglars exactly when you’re leaving and approximately when you’ll be back.
The next SIRT-sponsored IT security roundtable will be in 9-10 a.m. Friday, Jan. 14, 2011, in Hale 301 on the topic of protecting credit card information. The payment card industry (PCI) has rather strict security requirements for any merchant that accepts credit cards for payment. If your department at K-State accepts credit card payments, then you must comply with these data security standards (DSS), for which version 2.0 was recently published.
Harvard Townsend, K-State’s chief information security officer, will provide an overview of PCI DSS 2.0 and plans for compliance at K-State. This primer will benefit both the staff who handle credit card transactions for a department as well as the IT staff who support the technology associated with credit card payments.
State of Kansas policy now requires that all state employees receive annual training in IT security. K-State is in the final stages of testing and refining an online training course that will meet this requirement and be made available to all faculty, staff, and students by the end of this semester. It covers basic IT security topics everyone needs to know to properly protect K-State information as well as yourself and your colleagues.
On Tuesday, Oct. 19, more than five tons of paper was collected for shredding and recycling as part of the first annual “Shred Day” sponsored by Information Technology Services. Document Resources collected 10,800 pounds from 39 different departments and took the material to their secure facility to shred and then recycle.
K-State’s Salina campus is up next. Document Resources’ trucks will be there 9 a.m.-noon Tuesday, Nov. 2, to collect paper from the College of Technology and Aviation. Like the Manhattan campus, questions about records retention should be directed to the university archivist, Tony Crawford (arcford@k-state.edu, 532-7466). Other questions about the Salina event, such as where to bring the paper, should be directed to Bill Chestnut (chestnut@k-state.edu, 785-826-2666).
As it has done for several years, the SANS Internet Storm Center (ISC) participates in National Cybersecurity Awareness Month each October by posting daily IT security tips. This year, the tips focus on “securing the human” in recognition of the critical role people play in an organization’s security posture, as well as protecting your personal information and that of your family at home.
The daily tips will be organized into four categories:
Week One (Oct. 1-9): Parents and extended family
Week Two (Oct. 10-16): Children, schools, and young friends