Combining best practices with industry-leading innovation, ITS听creates an environment that balances the 糖心vlog直播平台 community's need to protect information with the importance of privacy.
Security Quick Wins
-
#6 -听Verify the "from" address of unexpected emails
When you receive an email you weren't expecting, check the听actual email address听of the sender (don鈥檛 just trust the 鈥淔rom鈥 name).听
-
#5 -听Set Up Eagle VPN
ITS recommends you use Eagle VPN when connecting your smartphone, tablet, or laptop to any public or hotel WiFi.听When you use 糖心vlog直播平台's Eagle VPN, even for personal vacation use, the traffic to/from your device is encrypted so the online criminals can't see it.
-
#4 -听Download and Install Duo Mobile App
糖心vlog直播平台 2-Step Verification uses Duo Security technology to confirm your identity using a second device such as a mobile phone, tablet, or landline phone. 2-Step Verification is required for EagleVPN, PeopleSoft, and other 糖心vlog直播平台 services. ITS recommends you use the Duo Mobile App for the best experience with 糖心vlog直播平台 2-Step.
-
#3 -听Keep your software and devices up-to-date
When a computer is not up-to-date with software updates, it is more vulnerable to ransomware attacks, malware, and data breaches. Updates for your operating system, browsers, antivirus program, and any other program you run on your computer help protect your devices (and your files) from the latest threats.
We recommend you set your operating system and software to update automatically to ensure the latest security vulnerabilities are addressed.
-
#2 - Learn about Get Tech
When you use your 糖心vlog直播平台 email address or 糖心vlog直播平台 computer to sign up for online services or get software, even if they are free, you may be putting your personal information and Boston College data at risk.听
To be cyber safe, if you are interested in any software, hardware, or technology services, even if they are free, please use the 鈥淕et Tech鈥 process.
-
Quick Wins Cybersecurity Campaign
Each month through December 2022, faculty and staff will receive an email with a tip that takes about 10 minutes to complete. The tip will help protect their accounts, data, and Boston College.听听
-
#1 - Verify your data is backed up
When ransomware hits, a criminal takes ownership of the infected device鈥檚 files and insists they will not be unlocked unless 鈥渞ansom鈥 is paid. If your computer is backed up, you are less likely to be exploited by a ransomware attack.听
You can unknowingly download ransomware onto a device by opening an infected email attachment, clicking an ad, following a bad link, or even visiting a website that has malware embedded.听
Concerned Your Computer Is Infected?
Storing Confidential Data
The Regulated Data Chart can be used to help you determine where to store your files in accordance with important data security rules and regulations.
Important:听Due to constantly changing regulatory and grant changes, please consult with your听Data Security Officer (DSO) to determine the safest place to store your confidential data.
Google Drive Security Guidelines
The 糖心vlog直播平台 Data Security Policy defines 3 categories of data: Public, Internal Use Only, and Confidential.
The Data Security Committee, General Counsel, and the university鈥檚 FERPA officer have informally agreed that an additional, 4th category of data will be added to the Data Security Policy that is even more sensitive than 鈥淐onfidential.鈥 Data that falls in this additional category will not be allowed to be stored off-campus except with written permission (see below). Google Drive is off-campus, and thus data that falls in this category must not be stored on Google Drive.
Until a formal policy revision is made and approved, you should use the following as a guideline:
Restricted. Due to legal restrictions or security concerns, some legally protected and highly sensitive information must not be stored on Google Workspace or other 鈥渃loud-based鈥 systems without permission of the responsible Vice President or the Provost鈥檚 Office. This information, much of which was formerly classified as 鈥淐onfidential,鈥 includes:
Social Security Numbers
Financial or credit account numbers
Personal financial information (e.g. financial aid data)
Account log-in credentials
Driver's license number or state-issued identification number
Health and medical records, including HIPAA-protected information
Export-controlled information
Human-subject research information
Other sensitive information that the information sponsor or responsible Vice President has determined must remain on a secure 糖心vlog直播平台 server.
Confidential. FERPA data (i.e. student records) is generally defined as Confidential, and can be stored on 糖心vlog直播平台 Google Drive, except as noted above. Other Confidential data, except as noted above, can also be stored on 糖心vlog直播平台 Google Drive.
Internal Use Only: Acceptable to store on 糖心vlog直播平台 Google Drive. 听
Public: Acceptable to store on 糖心vlog直播平台 Google Drive
For more information, contact听security@bc.edu.
Identity Finder
Boston College uses Identity Finder as a tool to aid in the process of finding and handling confidential data on faculty and staff computers. ID Finder scans computers for credit card numbers and social security numbers only. This type of information is called Personally Identifiable Information (PII).
Version 8.1 of ID Finder software will automatically be installed on your computer.
ID Finder automatically scans computers four times a month. If you have PII on your computer, you will receive an email asking you to remove the PII from your computer or move it to a secure location. Data Security Officers (DSOs) can monitor the results of the scans for employees in their areas using an online console.听
ID Finder may not find all Personally Identifiable Information (PII) on your computer and it also may think some information on your computer is PII, when it is not. This is to be expected.
- There may be a discrepancy between the number of results from the manual scan verses what was reported in the email to you. This is most likely due to permission differences between the manual scan and the automated scan.
- If you are using a laptop, you should plug it into a power outlet rather than running on battery power while scanning to avoid draining the battery quickly.
- Remember: ID Finder is only a tool to aid in the process of finding confidential data, so it may not find all PII on your computer and it also may think some information on your computer is PII, when it is not. This is to be expected.
- The first time you manually scan, the process may take several hours depending on the amount of data on the machine. This is expected. Subsequent scans will be shorter as IDFinder will not scan files that were unchanged since the last search.
Manually Scanning
- Open Identity Finder (v 8.1): Mac: Look in your听Applications听Folder.
Windows: Click听Start听>听All Programs听>听Identity Finder.
Important:听The initial scan can be time-consuming, as it scans all files. We recommend that you run an initial scan at the end of your work day and leave your computer on. Subsequent scans only look for changes and will not take as long.
- To begin the scan, click听Start.
If you are using Outlook on Windows, you will be prompted to enter your听Secondary Password.
A window will appear showing you the progress of the scan.听Identity Finder will continue scanning even if you close the progress window. - When the scan completes, click听Advanced.
A list of files containing Personally Identifiable Information (PII) will appear.
- For each item displayed in the list, click on the file to view its contents in the pane on the right.听Files that contain multiple matches have a triangle to the left of the item. Click the triangle, then click each of the individual reported matches to display the contents in the pane on the right.
If you have PII on your computer, you will receive an email asking you to remove the PII from your computer or move it to a secure location.
Option 1: "Shred" (Delete) the File
- Check the box in front of the file you want to delete from your computer.
Note: If you want to retain the file containing the sensitive information, copy it to a secure location (such as your department server) before deleting it from your computer.
- In the toolbar, click听Shred.
Notes:
- If you cannot shred the file, make sure you have the proper permissions to delete the file.
- The听Secure听and听Quarantine听buttons have been disabled and will not function for this version of Identity Finder.
- When prompted to confirm that you would like to delete the items permanently, click听Yes.
- When a window appears stating that items have been deleted, click听OK.
Option 2: Delete the PII from the File
Option 2A: Use the "Scrub" feature
You can only scrub Office 2007 and higher files (e.g., docx, xlsx, pptx) and text files (i.e., *.txt, *.log, *.ini).
To delete PII from the file using the "Scrub" feature:
- Check the box in front of the file you want to delete the PII from.
- Make sure the PII is highlighted in the preview pane on the right.
- In the toolbar, click听Scrub.
The PII is removed from the file.
- The next time Identity Finder scans, it will not find PII in this file.
Option 2B: Manually delete the PII
To manually delete PII from the file:
- Open the file containing PII and just delete the PII, then save.
- The next time Identity Finder scans, it will not find PII in these files.
Option 3: Request to "Ignore" the PII
If the PII found is not actually PII, you can request that it be ignored in subsequent scans:
- Check the box in front of the file you want to ignore.
- Click听Ignore听>听This Item Location听or听This Identity Match.
- When prompted, click听Yes.
Ignore requests will automatically be sent to your DSO for approval.
If the DSO approves it, the next time Identity Finder scans, it will ignore this PII.
Option 4: Move the File to a Secure Location
- Copy the file to a secure location (such as your department server). Contact听your DSO to learn about your department's preferred storage location.
- Move the orginal file off your computer to the听Trash, then听Empty the Trash.
Note: If you cannot move the file to the trash, make sure you have the proper permissions to delete the file.