Protecting our Devices from Malware, Hackers and Spies

Whether we are surfing the internet, checking our email or plotting directions, we live in a world where we are constantly plugged in. We share all kinds of data -- including photos and location -- with family, friends, apps and social media. All of these actions provide ample entry points for bad actors to access our personal information and create all kinds of problems for us.

At UAlbany, Information Technology Services (ITS) is responsible for maintaining a collection of tools to defend against a range of threats. The ITS information security team helps protect the confidentiality, integrity and availability of UAlbany’s digital assets.

UAlbany CISO Martin Manjak
CISO Martin Manjak

 

But the best way to keep your information safe is to understand the risks to your data and take steps to protect it. Chief Information Security Officer Martin Manjak offers additional insight on how UAlbany’s defensive measures protect the University’s data and what to do if you suspect you are being targeted by hackers.

Q: How does UAlbany protect its digital assets?

A: The University employs a number of different detective and preventative tools, such as firewalls and other resources, to defend against various threats targeting both individuals as well as data.

But even the best firewalls cannot prevent all cyber threats. This may include malicious emails targeting staff. The best defense against these is employee awareness.

Faculty and staff can contact [email protected] to participate in the training we offer to help employees recognize and properly respond to email-based threats.

Q: What are phishing schemes, and how do I report a suspicious email to ITS?

A: Phishing schemes and other social engineering scams are email-based attempts to fool you into performing a harmful action; clicking on a link, opening an attachment, or purchasing gift cards. In each case, the author of the message is posing as a trusted partner, in some cases as a known colleague or supervisor.

We make it easy for employees to report these messages. Clicking on the Phish Alert add-on in the Outlook client (or when using the Outlook Web App) will automatically send a copy of the message, along with any attachments, to the Information Security team, and delete the message from your account.

Q: How can I protect my personal information?

A: The best preventative measure is to be judicious in the information you share via social media. This information can be harvested and used to lend undeserved credibility to social engineering ploys targeting you, professional colleagues, and family members.

Next, make sure you secure the credentials (user names and password) that control access to your accounts and information. Here are a few best practices.

  • Use two factor authentication whenever it’s offered
  • Use unique passwords for all your accounts
  • Use a password manager such as Keepass or LastPass to store and remember your passwords
  • Don’t share your credentials with anyone else

UAlbany offers 2-factor authentication for students to keep their accounts more secure. To find out more, visit 2-step Login.