CofC Logo
Ask the Cougar

Archives For Security

New MyCharleston Password Recovery Functionality

By Monica Lavin
Posted on 10 August 2015 | 11:59 am

*At this time, Information Technology will postpone the MyCharleston Password Recovery Implementation that was originally scheduled for tomorrow, Wednesday August 19th, until after the start of classes. We will keep the campus informed of the new implementation date.

We are excited to announce an upcoming improvement to your MyCharleston password recovery experience. We are implementing a functionality that will allow you to manually recover your Cougars password by answering a series of questions. You will no longer need to contact Helpdesk to recover or reset your Cougars password. This new functionality also improves the security of the password recovery process.

When Information Technology implements this new functionality, you will be asked to complete your recovery profile when you first log into MyCharleston. You’ll be asked to answer a series of eight questions.

Please keep the following in mind:

  • You will only have to set up your recovery profile once.
  • If you forget your password, you’ll be prompted to answer two of the eight questions to recover your password manually.
  • The login process will not change.
  • All eight questions must be answered.
  • No duplicate answers will be accepted.

If you have any questions, please contact the IT Helpdesk at (843) 953-3375 or by emailing Helpdesk@cofc.edu.

Phishing Attempt

By Monica Lavin
Posted on 29 June 2015 | 10:11 pm

Information Security has been alerted to a Phishing email that is being delivered to accounts at the College. This does not indicate that your account has been compromised. The e-mail has the subject: “Fraudulent CC charge from XXXXXXXX@cofc.edu.

The body reads:

“I have this $582 charge on my card from XXXXXXXX@cofc.edu

I am attaching my credit card statement, please cross reference it with your data and tell me what this is.

I wanted to contact you before I call the authorities.

Regards,

Derek L. Cody”

The email is being delivered with an attached file titled “Statement.doc”

Please do not open the attachment and immediately delete the email and empty your “Trash” folder.

If you have any questions or concerns, please contact the Information Technology Helpdesk at (843) 953-3375 or by emailing helpdesk@cofc.edu.

Holiday Season Phishing Scams and Malware Campaigns

By Monica Lavin
Posted on 2 December 2014 | 8:08 am

The Information Security team would like to share some Holiday Information Security Tips provided by the United States Computer Emergency Response Team (US-CERT). This is an especially active time for scammers!

As the holidays approach, we would like to remind you to be aware of seasonal scams and cyber campaigns, which may include:

  • electronic greeting cards that may contain malware
  • requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming to be charities
  • screen savers or other forms of media that may contain malware
  • credit card applications that may be phishing scams or identity theft attempts
  • online shopping advertisements that may be phishing scams or identity theft attempts from bogus retailers
  • shipping notifications that may be phishing scams or may contain malware

We also encourage you to use caution when encountering these types of email messages and take the following preventative measures to protect yourself:

Improve Your Cybersecurity

By Monica Lavin
Posted on 8 October 2014 | 2:16 pm

Security is an essential element of software design, development, testing, and maintenance. The software we use every day on our phones, tablets, and computers may have vulnerabilities that can compromise our personal information and privacy.

How we use our IT products and devices is important. From locking our portable devices to making sure that all devices have the latest operating systems, patches and anti-virus software, users should always take advantage of their products’ existing security features.

You can take a few steps to improve your cybersecurity. For instance, when purchasing software or hardware, users should:

  • Install and maintain vendor-distributed patches or updates
  • Ensure they are using the latest operating systems on their computers and mobile devices
  • Be aware of vulnerabilities that may exist

October is National Cyber Security Awareness Month. The Department of Homeland Security is hosting a Twitter Chat on Thursday, October 9th at 3:00PM EST. For more information, please visit: http://www.dhs.gov/national-cyber-security-awareness-month-2014-week-two.

Cyber Security Awareness Poster

Source: http://www.dhs.gov/

Outlook Web App Security Features

By Monica Lavin
Posted on 27 May 2014 | 2:19 pm

One of the security features of the Outlook Web App (OWA) is your ability to monitor and administer all of the devices that you may use to connect to your College email account. With OWA, you can ensure that only the devices that you have authorized to sync are connected, as well as delete the accounts of old devices no longer in use, or which have become lost or stolen, in order to protect personal information. These security features are common to all Exchange servers and mobile devices.

The Android device will alert you if you add your Exchange email account to your phone. In order to proceed with the installation of the account, you must approve of the notification that the “Exchange server requires that you allow it to remotely control some features…”. You must approve of this requirement in order to connect to the College’s server.  Details of the notification may differ, but it may include any of the following:

  • Erase all data
  • Set password rules / Limit password
  • Monitor screen-unlock attempts / Watch login attempts
  • Lock the screen / Force lock
  • Set lock-screen password expiration
  • Set storage encryption

You can access all of these features by:

  • Logging on to OWA webmail
  • Click on the Options drop down box in the upper right corner, then click See All Options
  • Click the Phone link
  • You will see all of the mobile devices that you have connected to your CofC Outlook account.  You will also be presented with options that will allow you to administer, manage, wipe or disconnect each mobile device that you own as well as check their status.

If you have any questions, please contact the Information Technology Helpdesk at (843) 953-3375 or by emailing helpdesk@cofc.edu.

Cyber Safety and Tax Season

By Monica Lavin
Posted on 15 April 2014 | 8:50 am

The end of tax season is the prime time for hackers. If you file your taxes electronically, Information Technology would like to offer a few helpful tips during this time.

  • Never provide your Social Security Number (SSN) over email, even to a legitimate company with a legitimate reason to ask for it, unless the email is encrypted on both sides.
  • If you receive an email that contains personal identifiable information (PII), you should not reply or forward the email until you have deleted all of the PII.
  • If you simply MUST email a document, redact or remove the first five digits of your SSN before you send it. The format would look like this: XXX-XX-1234.
  • Be cautious of phishing emails asking you to log-in and check the status of a tax return. The hackers are hoping that you provide personal or financial information. Don’t take the bait!

Please note that if you send personal information over email, it’s possible for any number of people to grab it in transit.

As always, we encourage you to review the College of Charleston Privacy Policy (http://policy.cofc.edu/documents/11.1.pdf) and the Data Loss Prevention (DLP) Policy (http://policy.cofc.edu/documents/10.19.pdf) before you send information via College email systems.

If you have any questions or concerns, please contact the Information Technology Helpdesk at (843) 953-3375 or by emailing helpdesk@cofc.edu.

Data Loss Prevention (DLP) Policy Posted

By Hannah Swanson
Posted on 19 March 2013 | 10:13 am

The College of Charleston has approved and posted a new policy on Data Loss Prevention (DLP). The policy can be found at policy.cofc.edu/documents/10.19.pdf. Please be sure to review to policy and adjust your usage of College resources accordingly.  College resources exist for the purpose of conducing legitimate business for the College. The College is bound by state and federal law to protect certain information that is transmitted using College systems, hardware, and networks. Pursuant to these objectives, the College has a duty to actively prevent the loss of Protected Information. One method of fulfilling this duty is Data Loss Prevention (DLP).  Read more about DLP at it.cofc.edu/security/dlp/.

Skip to toolbar