Home » Security

Category Archives: Security

How to Shop Online Like a Security Pro

The Holidays are here. Read this article: https://krebsonsecurity.com/2018/11/how-to-shop-online-like-a-security-pro/ for some helpful hints when shopping online.

Learn IT @ Lunch Box Security Essentials: Followup Resources

Miss yesterday’s Learn IT @ Lunch session “Box Security Essentials” ? A recording is available online. Note: You may be prompted to update your MS Silverlight Plug-in to view the recording.

Resource materials are posted here: https://duke.box.com/v/BoxSecurityEssentials.

Our presenters: Matt Royal (OIT Collaborative Services) and Jay Gallman (Duke IT Security)

Seminar – DNS as Defense Vector

DNS enables everything else on the Internet — both good and bad. By watching what bad guys do with their DNS configurations and offering them differentiated (that is to say, poor) service, defenders can re-level the playing field in our favor. In this keynote address, Internet pioneer and CEO of Farsight Security, Inc., Dr. Paul Vixie, CEO of Farsight Security, will explain how the bad guys are exploiting DNS to commit fraud and other cybercrime and specific techniques you can use i.e. DNSSEC, TSIG, RRL and RPZ to defend your organization.

DNS as Defense Vector
Tuesday, October 23
noon – 1:00 p.m.
Fitzpatrick Center Schiciano Auditorium Side B, room 1466

No registration is required.

Learn IT @ Lunch MFA Session: Followup Resources

Miss yesterday’s Learn IT @ Lunch session “MFA – because a good password isn’t enough” ? A recording is available online. Note: You may be prompted to update your MS Silverlight Plug-in to view the recording.

How NOT to fall for a phishing scam!

In observance of cybersecurity awareness month, Duke’s IT Security watchdogs offer advice on what to look for in scam emails. Read the full article on DukeToday: https://today.duke.edu/2018/10/how-not-fall-phishing-scam.

Test your phishing detection skills and you could win an AppleWatch

As part of National Cyber Security Awareness Month in October, Duke staff, faculty and students can take a quiz to test their phishing detection skills. All Duke users who take the quiz will be entered into a drawing to win an AppleWatch. In addition, any Duke users who report a phishing email to security@duke.edu in October will be entered into a separate drawing to receive a special gold challenge coin recognizing them as a Duke information security ambassador.

Throughout October, Duke’s IT Security Office will share tips and resources to help staff, faculty and students protect their digital security. In addition, Duke IT staff will present two Learn IT @ Lunch sessions and will be available at various on-campus events giving away webcam covers and other freebies. Read more in Working@Duke: https://today.duke.edu/2018/10/how-not-fall-phishing-scam.

For details and to take the quiz, visit https://security.duke.edu.

Sensitive Data Management for Researchers

Sensitive Data Management for Researchers workshop
Tuesday, October 9, 2018
11:30 a.m. – 1:00 p.m.
Room 223 Sanford School of Public Policy (Rhodes Conference Room)
Register Online

The goal of this session is to help you better understand best practices for projects that collect, store, and/or analyze data considered “sensitive.” We will discuss: common data types and sources; how Duke’s Institutional Review Board (IRB), Office of Research Support (ORS), and the Information Technology Security Office (ITSO) expect data to be protected throughout a project’s lifecycle; resources available for sensitive data storage and analysis; and how best to utilize those resources.

A variety of box lunches and drinks will be provided. If you have special dietary restrictions, email oit-training@duke.edu by Oct. 1.

Tips for Traveling with Technology

Traveling abroad this summer?  Duke experts offer information and help for safeguarding your mobile devices and more. Read this Duke Today story.

Learn IT @ Lunch Identity Theft: Followup Resources

Miss this week’’s Learn IT @ Lunch Session, “Protecting yourself against identity theft”? Watch a session recording online. Note: You may be prompted to update your MS Silverlight Plug-in to view the recording. Session slides are available in PDF format.

John Straffin (Duke IT Security) sharing tips to stay safe during tax season and all year through.

Additional MFA Requirements Added April 17

Students will be required to use Multi-Factor Authentication (MFA) on some services beginning April 17.

For students, MFA will be required to access DukeHub, Box, Sakai, and Outlook Web Access (OWA) to Office 365. They are already required to use it for Duke@Work, the Virtual Private Network (VPN), Virtual Computing Manager (VCM), and Teer Lab machines.

For faculty/staff, we will be adding MFA in front of OWA/Office 365 and Time and Attendance, when accessing these sites from off-campus (similar to what we did with Box). Time and Attendance is picking up the requirement due to it being “behind” the same authentication infrastructure as O365 (Microsoft ADFS).

If you have any questions, please ask the OIT Service Desk or the IT Security Office.