[3472] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, January 28, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Mon Jan 28 14:36:18 2013
Resent-From: ist-security-fyi@mit.edu
From: Monique Yeaton <myeaton@mit.edu>
To: ist-security-fyi <ist-security-fyi@mit.edu>
Date: Mon, 28 Jan 2013 19:34:53 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F10F7A426@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Cc: "itss@mit.edu" <itss@mit.edu>
Content-Type: multipart/mixed; boundary="===============1253469169=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1253469169==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F10F7A426OC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F10F7A426OC11EXPO24excha_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. Securing Your e-W2 Tax Forms
2. Laptop Tags and Registration on January 30
3. Today is National Data Privacy Day
---------------------------------------------
1. Securing Your e-W2 Tax Forms
---------------------------------------------
It is tax time, which means we need our W2's. At MIT you can access your el=
ectronic W2's from SAP Self Service. As with any personal data you access o=
nline, there are measures you can take to minimize the risk of exposure.
The SAP Self Service website requires authentication via personal web certi=
ficates, and these are obtained with your MIT Kerberos username, a password=
and your MIT ID number. Make sure to never share your password with anyone=
, and make sure it is strong<http://kb.mit.edu/confluence/x/3wNt> and updat=
ed on a regular basis. You can also protect your web certificate with a pas=
sword.
After downloading your W2 and printing it out or submitting it for processi=
ng, you should clear your browser's history and cache<http://kb.mit.edu/con=
fluence/x/RYCR> and securely delete<http://kb.mit.edu/confluence/x/nEFB> th=
e W2 from your downloads folder.
If your files are backed up to an external drive, use a tool such as Identi=
ty Finder<http://kb.mit.edu/confluence/x/tAKL> to find social security numb=
ers and other sensitive data on your systems. Added protection can be obtai=
ned by encrypting<http://kb.mit.edu/confluence/x/HZIBCQ> your computer.
Printing from an MIT printer may bring risks as well. Check with your local=
IT support person to see if proper measures are in place to secure or remo=
ve files stored in the printer's memory.
No system is 100% secure, even those with security measures in place. An at=
tacker may gain access, regardless of those measures. Therefore it is all o=
f our responsibility to think about security and to use proper hygiene on a=
computer. If we take steps to secure personal information, we can minimize=
the risks.
If you are concerned, use strong passwords, access personal information onl=
ine only when using a protected computer or an encrypted network (such as a=
home network, protected by a password, or via the MIT VPN<http://ist.mit.e=
du/vpn>) and use the hygiene recommendations listed in this article by foll=
owing the steps linked to in the Knowledge Base.
--------------------------------------------------------------
2. Laptop Tags and Registration on January 30
--------------------------------------------------------------
In collaboration with the MIT Police, IS&T is providing a monthly opportuni=
ty to have laptops registered and tagged with a STOP tag.
The next upcoming tagging event is this Wednesday, January 30th, from 11:00=
am to 1:30 pm in E17-121.
Learn more about this laptop theft prevention program<http://kb.mit.edu/con=
fluence/x/e4CSAw>.
--------------------------------------------------
3. Today is National Data Privacy Day
--------------------------------------------------
January is Data Privacy Month<http://kb.mit.edu/confluence/x/xpgBCQ> and it=
culminates in Data Privacy Day<http://www.staysafeonline.org/data-privacy-=
day/>, which is today, January 28th. The resolution for Data Privacy Day, w=
hen it was passed by the US House of Representatives, was to "raise awarene=
ss of data protection and privacy laws and of specific steps that can be ta=
ken to protect the privacy of personal information online."
It is important that users are aware that if they are online, information a=
bout them is out there, in one form or another. Whether it is your web brow=
sing history, which sites you subscribe to, your communications via the Int=
ernet or actual personal information (such as your name, address, age, etc)=
, you have likely left behind snippets of information about yourself online=
.
Data Privacy Day promoters try to empower people to protect and control the=
ir digital footprint. Learn what you can by visiting the above links and ed=
ucating yourself about the impact of digital data on your privacy.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Sincerely,
Monique Yeaton
IT Security Communications Consultant
Information Services & Technology, MIT
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F10F7A426OC11EXPO24excha_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html dir=3D"ltr">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-=
1">
<style id=3D"owaParaStyle" type=3D"text/css">P {margin-top:0;margin-bottom:=
0;}</style>
</head>
<body ocsi=3D"0" fpstyle=3D"1">
<div style=3D"direction: ltr;font-family: Tahoma;color: #000000;font-size: =
10pt;">In this issue:<br>
<br>
1. Securing Your e-W2 Tax Forms<br>
2. Laptop Tags and Registration on January 30<br>
3. Today is National Data Privacy Day<br>
<br>
<br>
---------------------------------------------<br>
1. Securing Your e-W2 Tax Forms<br>
---------------------------------------------<br>
<br>
It is tax time, which means we need our W2's. At MIT you can access your el=
ectronic W2's from SAP Self Service. As with any personal data you access o=
nline, there are measures you can take to minimize the risk of exposure.<br=
>
<br>
The SAP Self Service website requires authentication via personal web certi=
ficates, and these are obtained with your MIT Kerberos username, a password=
and your MIT ID number. Make sure to never share your password with anyone=
, and make sure it is
<a href=3D"http://kb.mit.edu/confluence/x/3wNt" target=3D"_blank">strong</a=
> and updated on a regular basis. You can also protect your web certificate=
with a password.<br>
<br>
After downloading your W2 and printing it out or submitting it for processi=
ng, you should
<a href=3D"http://kb.mit.edu/confluence/x/RYCR" target=3D"_blank">clear you=
r browser's history and cache</a> and
<a href=3D"http://kb.mit.edu/confluence/x/nEFB" target=3D"_blank">securely =
delete</a> the W2 from your downloads folder.<br>
<br>
If your files are backed up to an external drive, use a tool such as <a hre=
f=3D"http://kb.mit.edu/confluence/x/tAKL" target=3D"_blank">
Identity Finder</a> to find social security numbers and other sensitive dat=
a on your systems. Added protection can be obtained by
<a href=3D"http://kb.mit.edu/confluence/x/HZIBCQ" target=3D"_blank">encrypt=
ing</a> your computer.<br>
<br>
Printing from an MIT printer may bring risks as well. Check with your local=
IT support person to see if proper measures are in place to secure or remo=
ve files stored in the printer's memory.<br>
<br>
No system is 100% secure, even those with security measures in place. An at=
tacker may gain access, regardless of those measures. Therefore it is all o=
f our responsibility to think about security and to use proper hygiene on a=
computer. If we take steps to secure
personal information, we can minimize the risks. <br>
<br>
If you are concerned, use strong passwords, access personal information onl=
ine only when using a protected computer or an encrypted network (such as a=
home network, protected by a password, or via the
<a href=3D"http://ist.mit.edu/vpn" target=3D"_blank">MIT VPN</a>) and use t=
he hygiene recommendations listed in this article by following the steps li=
nked to in the Knowledge Base.<br>
<br>
<br>
<br>
--------------------------------------------------------------<br>
2. Laptop Tags and Registration on January 30<br>
--------------------------------------------------------------<br>
<br>
In collaboration with the MIT Police, IS&T is providing a monthly oppor=
tunity to have laptops registered and tagged with a STOP tag.
<br>
<br>
The next upcoming tagging event is this Wednesday, January 30th, from 11:00=
am to 1:30 pm in E17-121.
<br>
<br>
<a href=3D"http://kb.mit.edu/confluence/x/e4CSAw" target=3D"_blank">Learn m=
ore about this laptop theft prevention program</a>.<br>
<br>
<br>
<br>
--------------------------------------------------<br>
3. Today is National Data Privacy Day<br>
--------------------------------------------------<br>
<br>
January is <a href=3D"http://kb.mit.edu/confluence/x/xpgBCQ" target=3D"_bla=
nk">Data Privacy Month</a> and it culminates in
<a href=3D"http://www.staysafeonline.org/data-privacy-day/" target=3D"_blan=
k">Data Privacy Day</a>, which is today, January 28th. The resolution for D=
ata Privacy Day, when it was passed by the US House of Representatives, was=
to "raise awareness of data protection
and privacy laws and of specific steps that can be taken to protect the pr=
ivacy of personal information online."<br>
<br>
It is important that users are aware that if they are online, information a=
bout them is out there, in one form or another. Whether it is your web brow=
sing history, which sites you subscribe to, your communications via the Int=
ernet or actual personal information
(such as your name, address, age, etc), you have likely left behind snippe=
ts of information about yourself online.
<br>
<br>
Data Privacy Day promoters try to empower people to protect and control the=
ir digital footprint. Learn what you can by visiting the above links and ed=
ucating yourself about the impact of digital data on your privacy.<br>
<br>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D<br>
Read all Security FYI Newsletter articles and submit comments online&n=
bsp;at <a href=3D"http://securityfyi.wordpress.com/">
http://securityfyi.wordpress.com/</a>.<br>
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D<br>
<div><br>
<br>
Sincerely,<br>
<br>
<div style=3D"font-family:Tahoma; font-size:13px">
<div class=3D"BodyFragment"><font size=3D"2">
<div class=3D"PlainText">Monique Yeaton<br>
IT Security Communications Consultant<br>
Information Services & Technology, MIT<br>
http://ist.mit.edu/security</div>
</font></div>
</div>
</div>
</div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F10F7A426OC11EXPO24excha_--
--===============1253469169==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1253469169==--
