Cyber Security

Information Security and Privacy is everyone’s business

Protecting the privacy and security of employee and learner information at Algonquin College is everyone’s job. Data Privacy Month in January exists to ensure every member of the College community has the knowledge and tools to do the job well.

The College employs its Cyber Security Unit (CSU) to protect learner and employee privacy. Senior Privacy Specialist Stefano Bianco says the team is engaged full-time in deploying state-of-the-art safeguards and technology that scans the College computer network for attacks in real time.

“There are thousands of attacks that our safeguards detect and intercept every day,” Bianco says, “but we still need the College community to be aware and alert and do its part to keep our systems secure.”

When people let down their guard, systems can be compromised. In the last phishing incident, the attackers used compromised accounts to send emails asking people to input their College credentials in a Google form.

“You will never receive an email from the College asking you to do this,” Bianco says. “No College employee will ask you for your College credentials and say they need them to fix something.”

Continue reading

Cyber Security Awareness Month

Students are invited to participate in Cyber Security Awareness Month, the annual October campaign aimed at raising awareness about cyber security risks. The theme for the 2021 CSAM is “Do Your Part. Life Happens Online. Be Cyber Smart.”.

Tips for Week 1: All internet connected devices and online accounts contain a lot of private and personal information about us, and are potentially vulnerable. It takes a lot more than a user name and password to keep your private account secure because of the innovative approaches that cyber criminals implement to bypass your credentials to access your information.

How can you better secure your private information and online accounts from these cyber criminals? Some simple tips you need to be aware of include:

  • Secure your home Wi-Fi or wired network by securing your home router;
  • Use strong passwords or passphrases. Use a minimum of 6-digit PINs for mobile phones and a minimum of 12-character passwords or passphrases for your online accounts;
  • Turn on strong authentication by enabling multi-factor authentication. This will make it difficult for cybercriminals to gain access to your account even if your credentials are compromised;
  • Share minimal information on social media so that cyber criminals do not glean information that can be used to gain unauthorized access to your accounts;
  • Protect your mobile devices from unauthorized access or theft. These include smartphones, tablets and even laptops.

Tips for Week 2: Own Your Online Presence

Our lives have been transformed digitally due to the number of connected devices we interact with. As a result, we have a lot of personal information in the cyber ecosystem than we know. Everything we do on the internet leaves a digital footprint behind. It is imperative that we take actionable steps to manage and protect the personal information we share online as a result of this digital transformation.

When you own your online presence, you are simply involved in managing your privacy by utilizing tools that can help you protect your personal information. This will help you control the amount of information you share online.

How can you own your online presence ? Some simple tips we need to be aware of are:

  • Your personal information is as valuable as money. You need to value and protect it.
  • Be cautious and cognizant about what you share and who you share it with. There are privacy and security settings on all web platforms and devices that you can leverage to limit the amount of information you share. Take charge of your online and device privacy and security settings by visiting this website for additional resources – https://staysafeonline.org/stay-safe-online/
  • Share information with care. An online post about yourself and others is like advertising on a public banner. Think about what it can reveal, who may see it and how it can be perceived both now and in the future.
  • Keep all security software, browsers and operating systems up to date. This will help you stay protected against data loss, or malware infections.

Be Cyber Smart, lock down your logins today and enjoy peace of mind.

Tip for Week 3: Privacy First

Cybersecurity and Privacy involves the protection of personal information, data, networks and devices from unauthorized access. Everything we do today relies on computer systems and the internet. Almost all our personal information is stored or shared on the internet via computers, or smartphones. It is a priority for you to know how to protect your information and that of the College.

Below are some simple tips to help you:

  • Use an antivirus software to protect you against malware and viruses.
  • Keep all your software and operating systems up to date, to protect you from vulnerabilities or weaknesses.
  • Use strong, long passwords or passphrases to protect you from a cyber criminal easily guessing your password and hacking into your account.
  • Double your login protection by enabling Multi-Factor Authentication to monitor and protect your accounts, and ensure that you are the only one who can gain access to them.
  • Protect your personal information by keeping your personal details private. Limit the information you share, and share it securely, only if it is necessary.
  • Constantly keep tabs on your apps by checking your app permissions to prevent them from gathering personal information from your device without your knowledge or approval.
  • When sending emails, double check email attachments and recipient addresses in the sender field. This will protect you from misdirecting emails or sharing sensitive files inadvertently.

Tip for Week 4: Fight the Phish

One risk of humans being technology immersed is the creation of digital footprints – the leaving of your personal information all over the Internet such as on publicly accessible social media platforms.

Cyber criminals will often use this personal information to conduct “Social Engineering” attacks such as “phishing”. They will send you an email with a malicious embedded link or attachment, the purpose of which is to capture sensitive information or place malware (including ransomware) onto your computer or mobile phone.

There are many types of phishing attacks –

  • Phishing – Cybercriminals trying to trick multiple recipients at once,
  • Spear Phishing – Carefully crafted phishing attacks, using your digital footprint information, aimed specifically at yourself,
  • Whaling – Phishing attacks directed towards large value targets such as executives,
  • Smishing – Phishing using texting (SMS), and
  • Vishing – Phishing using landline or mobile telephony.

Some of the common tactics to watch out for include –

  • Requesting sensitive information such as SIN, Date of Birth, user ID, or passwords,
  • Requesting you to click on a link (which may download malicious software on your device),
  • The message creates a sense of urgency for you to perform a specific action,
  • The message creates a feeling of fear if you do not perform a specific action,
  • An offer that appears too good to be true or requesting urgent assistance or help.

How do we protect ourselves?

  • Always check the “from” address by hovering your mouse over it. If it displays an unknown or unusual email address, be suspicious,
  • Do not click on any link or attachments unless you are certain it is from a trusted individual or entity,
  • Always verify who the individual or person the message came from, before acting on it,
  • Keep your antivirus software up to date,
  • Use different passwords or passphrases for different accounts,
  • Forward or report a suspected phishing email using the “Report Phishing” Icon located on your Microsoft Outlook email Quick access toolbar. If you do not have this icon (which looks like a fish), please contact the ITS Service Desk for assistance to install it.

For additional helpful resources, visit GetCyberSafe here.