[8102] in Security FYI
[IS&T Security-FYI] SFYI Newsletter, September 10, 2013
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Tue Sep 10 09:18:45 2013
Resent-From: ist-security-fyi@MIT.EDU
From: Monique Yeaton <myeaton@MIT.EDU>
To: ist-security-fyi <ist-security-fyi@MIT.EDU>
Date: Tue, 10 Sep 2013 13:14:35 +0000
Message-ID: <3ACED3B2A8CEFB4598A845F07FD4A05F323BA850@OC11EXPO24.exchange.mit.edu>
Content-Language: en-US
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0522044858=="
Errors-To: ist-security-fyi-bounces@MIT.EDU
--===============0522044858==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_3ACED3B2A8CEFB4598A845F07FD4A05F323BA850OC11EXPO24excha_"
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F323BA850OC11EXPO24excha_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
In this issue:
1. September 2013 Security Updates from Microsoft
2. Security Tip: Backups and Recovery
3. Data Security for Online Classrooms
---------------------------------------------------------------------
1. September 2013 Security Updates from Microsoft
---------------------------------------------------------------------
Microsoft is planning to release 14 new security bulletins<http://technet.m=
icrosoft.com/en-us/security/bulletin/ms13-sep> on Tuesday, September 10.
The systems affected:
* Microsoft Outlook 2007 and 2010
* SharePoint
* Internet Explorer
* Windows (all versions)
* Office
It is recommended to accept the updates. MIT WAUS subscribers will receive =
the updates after they have been tested for compatibility.
----------------------------------------------------
2. Security Tip: Backups and Recovery
----------------------------------------------------
This OUCH! newsletter issue<http://www.securingthehuman.org/newsletters/ouc=
h/issues/OUCH-201309_en.pdf> (.pdf) on backups and recovery covers the impo=
rtant steps you can take to protect your information.
Backing up and recovering from a stored backup allow you to recover your da=
ta when something goes wrong, such as:
* Hard drive failures
* Accidental file deletions
* Stolen or lost devices
* Malware infections
Learn more about backup options at MIT<https://ist.mit.edu/backup>.
----------------------------------------------------
3. Data Security for Online Classrooms
----------------------------------------------------
Online learning and classrooms are now a way of life. Many teachers are usi=
ng online learning tools for their classes. But in this Internet age, we kn=
ow that with these new technologies come additional risks, especially to ou=
r privacy.
In a NY Times article<http://www.nytimes.com/2013/06/23/business/data-secur=
ity-is-a-classroom-worry-too.html>, Mr. Porterfield, a parent of elementary=
school students, who happens to also be an engineer at Cisco Systems, talk=
s about how he did a bit of his own research when he heard that his kids' t=
eachers were using an online learning network. He found that the site did n=
ot encrypt user sessions using a standard encryption protocol called Secure=
Sockets Layer (or SSL for short).
SSL protects many sites, such as those for online banking and e-commerce. W=
hen logged in over an open (unencrypted) Wi-Fi network, SSL protects your p=
ersonal information from snoopers.
Even if the information being shared on a site is not necessarily secret in=
formation, according to Mr. Porterfield, "There's a lot of contextual infor=
mation you could use to gain trust, to make yourself seem familiar to the c=
hild. As a parent, that's the scariest thing."
Learn more about protecting a child's privacy. Take the Securing the Human =
course "Beyond Basics" that discusses the dangers children face when online=
. To access the course in the SAP Learning Center<http://web.mit.edu/sapweb=
ss/PS1/training_home.shtml>, you need an MIT certificate, and make sure the=
browser pop-up blocker is turned off.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Read all Security FYI Newsletter articles and submit comments online at htt=
p://securityfyi.wordpress.com/.
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D
Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F323BA850OC11EXPO24excha_
Content-Type: text/html; charset="us-ascii"
Content-ID: <994F8BCD28EC1D4CBEC090149EA525B9@exchange.mit.edu>
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-lin=
e-break: after-white-space; color: rgb(0, 0, 0); font-size: 14px; font-fami=
ly: Garamond, sans-serif; ">
<div>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; ">In thi=
s issue:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. September 2013 Securi=
ty Updates from Microsoft </p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Security Tip: Backups=
and Recovery</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. Data Security for Onl=
ine Classrooms</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">1. September 2013 Securi=
ty Updates from Microsoft </p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
---------------------------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Microsoft is planning to=
release 14 new
<a href=3D"http://technet.microsoft.com/en-us/security/bulletin/ms13-sep">s=
ecurity bulletins</a> on Tuesday, September 10. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">The systems affected:</p=
>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style=3D"margin: 0px; font-family: Helvetica; ">Microsoft Outlook 2007 =
and 2010
</li><li style=3D"margin: 0px; font-family: Helvetica; ">SharePoint </li><l=
i style=3D"margin: 0px; font-family: Helvetica; ">Internet Explorer </li><l=
i style=3D"margin: 0px; font-family: Helvetica; ">Windows (all versions) </=
li><li style=3D"margin: 0px; font-family: Helvetica; ">Office </li></ul>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">It is recommended to acc=
ept the updates. MIT WAUS subscribers will receive the updates after they h=
ave been tested for compatibility.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">2. Security Tip: Backups=
and Recovery</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">This <a href=3D"http://w=
ww.securingthehuman.org/newsletters/ouch/issues/OUCH-201309_en.pdf">
OUCH! newsletter issue</a> (.pdf) on backups and recovery covers the import=
ant steps you can take to protect your information. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Backing up and recoverin=
g from a stored backup allow you to recover your data when something goes w=
rong, such as:</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<ul>
<li style=3D"margin: 0px; font-family: Helvetica; ">Hard drive failures </l=
i><li style=3D"margin: 0px; font-family: Helvetica; ">Accidental file delet=
ions </li><li style=3D"margin: 0px; font-family: Helvetica; ">Stolen or los=
t devices </li><li style=3D"margin: 0px; font-family: Helvetica; ">Malware =
infections </li></ul>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; "><a href=3D"https://ist.m=
it.edu/backup">Learn more about backup options at MIT</a>.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">3. Data Security for Onl=
ine Classrooms</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">------------------------=
----------------------------</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Online learning and clas=
srooms are now a way of life. Many teachers are using online learning tools=
for their classes. But in this Internet age, we know that with these new t=
echnologies come additional risks,
especially to our privacy.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">In a <a href=3D"http://w=
ww.nytimes.com/2013/06/23/business/data-security-is-a-classroom-worry-too.h=
tml">
NY Times article</a>, Mr. Porterfield, a parent of elementary school studen=
ts, who happens to also be an engineer at Cisco Systems, talks about how he=
did a bit of his own research when he heard that his kids' teachers were u=
sing an online learning network.
He found that the site did not encrypt user sessions using a standard encr=
yption protocol called Secure Sockets Layer (or SSL for short). </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">SSL protects many sites,=
such as those for online banking and e-commerce. When logged in over an op=
en (unencrypted) Wi-Fi network, SSL protects your personal information from=
snoopers.</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Even if the information =
being shared on a site is not necessarily secret information, according to =
Mr. Porterfield, "There's a lot of contextual information you could us=
e to gain trust, to make yourself seem
familiar to the child. As a parent, that's the scariest thing."</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; ">Learn more about protect=
ing a child's privacy. Take the Securing the Human course "Beyond Basi=
cs" that discusses the dangers children face when online. To access th=
e course in the
<a href=3D"http://web.mit.edu/sapwebss/PS1/training_home.shtml">SAP Learnin=
g Center</a>, you need an MIT certificate, and make sure the browser pop-up=
blocker is turned off. </p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Helvetica; min-height: 17px; "><br>
</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
<p style=3D"margin: 0px; font-family: Arial; ">Read all Security FYI Newsle=
tter articles and submit comments online at
<a href=3D"http://securityfyi.wordpress.com/">http://securityfyi.wordpress.=
com/</a>.</p>
<p style=3D"margin: 0px; font-family: Arial; ">=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D</p=
>
</div>
<div><br>
</div>
<div><span class=3D"Apple-style-span" style=3D"border-collapse: separate; f=
ont-family: Calibri; font-size: medium; border-spacing: 0px; "><span class=
=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacing: 0=
px; font-family: Helvetica; font-size: 14px; ">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line=
-break: after-white-space; ">
<span class=3D"Apple-style-span" style=3D"border-collapse: separate; border=
-spacing: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse:=
separate; border-spacing: 0px; "><span class=3D"Apple-style-span" style=3D=
"border-collapse: separate; border-spacing: 0px; "><span class=3D"Apple-sty=
le-span" style=3D"border-collapse: separate; border-spacing: 0px; "><span c=
lass=3D"Apple-style-span" style=3D"border-collapse: separate; border-spacin=
g: 0px; "><span class=3D"Apple-style-span" style=3D"border-collapse: separa=
te; border-spacing: 0px; font-size: 12px; ">
<div><br>
</div>
<div>Monique Yeaton</div>
<div>IT Security Communications Consultant</div>
<div>MIT Information Services & Technology (IS&T)</div>
<div>(617) 253-2715</div>
<div>http://ist.mit.edu/security</div>
<div><br class=3D"khtml-block-placeholder">
</div>
<br class=3D"Apple-interchange-newline">
</span></span></span></span></span></span></div>
</span></span></div>
</body>
</html>
--_000_3ACED3B2A8CEFB4598A845F07FD4A05F323BA850OC11EXPO24excha_--
--===============0522044858==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============0522044858==--
