Digital Data Security

• Don't fall victim of a scam by responding to unexpected emails or text messages and don't click on any links or attachments within them.
• Make sure that your computer's firewall is active and up to date.
• Regularly check that your computer's operating system and software is up to date.
• Always, choose a password and secret answer that you will remember, but will not be easily guessed by anyone else.
• Secure sites have addresses that start with 'https' and a small padlock icon that appears in the status bar at the bottom of your browser window.
• When you visit any of our websites type the URL address into your browser. This will ensure you go to the correct site and not a spoof or fraudulent site.

Online fraud and phishing

There has been a steady rise in the volume of phishing attempts, which use fraudulent emails and websites to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, etc. Such attempts are increasingly professional and both the email and website may look entirely genuine, mimicking the trusted brand identity of the organisation involved. Banks, credit card agencies and online services such as  AIB, Bank of Ireland, eBay, and Paypal have been targeted.

To protect yourself

• Do not give out personal information in response to an unsolicited contact, whether by phone, e-mail or another medium
• Note that responsible organisations will never request such information by email
• You must be very careful when asked to give out security information such as a password, pin number or security code and be particularly suspicious if too much is asked for: increasingly banks only ask for partial information for example the third, fifth and first digit of a pin
• Do not be too reassured by the locked padlock icon on your browser: it simply means that the internet transaction is encrypted (and so very difficult to intercept) - not that it is going to the genuine site
• Although online fraud is increasing, be aware that most credit card fraud is still in restaurants: do not let your card out of your sight
• Note also that there is a rise in fraud through monitoring personal information at cash machines - do not use a cash machine if you see anything strange about it, there have been incidents where miniature cameras have been used to record pin numbers, while a realistic false front has been installed to record (or "skim") card details
• Be sure you are going to the correct site by typing the address yourself or by using your own personal bookmark
• You are recommended to delete the fraudulent message, though if you are particularly concerned, do feel free to report the matter, but do not attempt to engage in correspondence with the sender
• If an offer seems too good to be true, then it probably is not true, particularly if it is the promise of money from a lottery you have not entered or money for handling a large sum for somebody you have never met

Phishing

Phishing is a fraudulent activity designed to trick you into giving out your login details. Fraudsters can then use this information to log in to your account and steal information

Identifying a phishing email

• Be suspicious of any requests for personal or financial information.  We will never ask you to confirm your bank details or login information by email.
• 'Dear Student' - phishing emails are usually sent out in bulk and therefore are unlikely to contain your first name or surname
• Check the quality of the communication.  Misspelling, poor punctuation and bad grammar are often tell-tale signs of phishing.
• 'Failure to respond in 24 hours will result in your account being closed' these types of messages are designed to convey a sense of urgency to prompt a quick response.

Viruses and Trojans

• Viruses are harmful programs that disturb the way computers work. They come in many forms and can be attached to emails, disguised as innocent-looking programs and documents, or spread by infected websites.
• Viruses will try to either collect information about you and send it on to an unauthorised third party or damage your computer by removing important files or altering data.
• Trojans can detect passwords when you log into a website and credit card details when you shop online. Some advanced Trojans can direct you to fake pages or a spoofed website, tricking you into disclosing sensitive information.
• If your computer is affected by malware your personal and financial information could be easily compromised. There are a number of steps you can take to ensure that the information on your computer is safe.

Install anti-malware software

• Good anti-malware software will scan your incoming emails, the websites you visit and files you open, for known viruses.
• New viruses are discovered daily, so it is important that you set your anti-malware software to update at least every 2 or 3 days.

Turn on your Firewall

• A firewall is an essential barrier between your computer and the internet, preventing anyone from connecting to your computer without your permission. Most computers have inbuilt firewalls that will alert you if they are not turned on. There are other firewall products that can be downloaded and some will come as part of an antivirus package.
• Make sure your computer has a firewall installed and that it is always turned on.

Keep your operating system up to date

• Malware can be made to target security loopholes and flaws in your operating system and the software it runs.
• Most operating systems and software have an option to automatically check for updates when you connect to the internet; make sure this is turned on.
• Other software you use can be updated by checking the manufacturer's website.

Protect your wireless network

The wireless router which is used to connect your computer to the internet is the most common device that can be targeted by hackers to steal personal information from your computer. We don't advise using Wi-Fi hot spots to access your account. If you use a Wi-Fi network at home, make sure that it is secure.

Keep your mobile device up to date

If you are accessing your account using a smartphone or tablet device, always make sure that your device's firmware, operating system and apps are up to date.

Passwords

Tips for choosing a password

• Don't use something that people can easily guess about you eg. your name, date of birth, or the town you are from
• Always use a mixture of characters; letters and numbers
• Don't use the same password for different accounts
• Change your password regularly

Protect your identity

• Destroy all unwanted paperwork
• Keep valuable documents in a secure place
• Don't fall victim of a scam by responding to unexpected emails or text messages and don't click on any links or attachments within them

Website security

• When you log in your online account is protected by secure encryption to keep your information safe. Our secure sites have addresses that start with 'https' and a small padlock icon in the status bar at the bottom of your browser window.
• Double click the padlock symbol to view information confirming that the site is genuine.
• Always log out of our site when you have finished using it, and close the browser window. This ensures that your user session is closed properly.
• We recommend that when you visit any of our websites that you type the URL address into your browser. This ensures you are going to the correct site and not a spoof or fraudulent site.

Social networking

The nature of social networking sites such as Facebook and Twitter can create security risks. It is important to remain cautious when using them.

• Always create strong passwords for online accounts and update them regularly on social media sites. Longer passwords (8-10 characters) that contain letters, numbers and symbols are more secure. Avoid using the same password for multiple social media sites.
• Be cautious of the information you post publicly such as your Customer Reference Number, address or date of birth. Use the site's privacy settings to limit who can see your personal information and posts.
• Be careful who you befriend. You put yourself at risk by not taking the time to filter who you accept into your inner circle. Friend requests can be used by social bots to hack your network and by phishers trying to steal your personal information.
• Stay up to date with changes to your social network's settings as small changes can cause big problems. If a site decides to changes it's privacy settings or policy this could leave your personal details more publicly available than they had been previously.
• Review your social media profiles. Always consider how others may view the information you provide about yourself, your family and your friends and remember that social media sites are public resources.
• Don't fall victim to a scam by responding to unexpected emails or text messages and don't click on any links or attachments within them.
• Make sure that your computer's firewall is active and up to date.
• Regularly check that your computer's operating system and software is up to date.
• Always, choose a password and secret answer that you will remember, but will not be easily guessed by anyone else.
• Secure sites have addresses that start with 'https' and a small padlock icon that appears in the status bar at the bottom of your browser window.

When you visit any of our websites type the URL address into your browser. This will ensure you go to the correct site and not a spoof or fraudulent site

What do I do if I get a Ramsomware message?

If you receive a Ransomware notification on your computer, please power down the device and contact the Cyber Incident line immediately 01 - 700 7990.

You can also log a ticket with your name, location and contact phone number. 

Please add the subject of the email as 'Urgent - Ransomware attack'.

What is Ransomware?

Ransomware is a Malware/Virus that stops you from using your PC. It holds your PC or files for ransom. Ransomware can make its way onto a system through various means, with the victim ultimately downloading and installing a malicious application.

Once on the device, the malicious application will spread throughout the system and encrypt files on the hard drive or simply lock the system itself. In some cases, it may block access to the system by displaying images or a message across the device’s screen to persuade the user to pay the malware operator a ransom for the encryption key to unlock the files or system.

What does it look like and how does it work?

There are different types of ransomware, however  all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC.

They can:

• Prevent you from accessing Windows.
• Encrypt files so you can't use them.
• Stop certain apps from running (like your web browser).

They will demand that you do something to get access to your PC or files.

• Demand you pay money.
• Make you complete surveys.
• There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.

Malware Information

Short for "malicious software," malware refers to software programs designed to damage or do other unwanted actions on a computer system. Common examples of malware include viruses, worms, trojan horses, and spyware. Viruses, for example, can cause havoc on a computer's hard drive by deleting files or directory information. Spyware can gather data from a user's system without the user knowing it. This can include anything from the Web pages a user visits personal information, such as credit card numbers.

As Malware can have potentially devastating effects, it is vital that all computer users be aware of this an implement best practices to avoid infection. Malware also possesses the ability to propagate so that once they infect your computer they may be able to send themselves to every email address in your address book, clogging up the College email server. Malware may also propagate via shared folders on the College network disrupting various network facilities.

Anti-malware Procedures

Email

Information Systems Services have invested in comprehensive anti-malware scanning systems to ensure that all email entering and leaving college is scanned for known viruses and infected emails are quarantined or deleted where appropriate. Additionally, some file extensions which are known to be associated with viruses are blocked by the College Mail system.

Computers

DCU has a site licence for the installation of anti-malware software on all computers on the network. All computers attached to the college network are obliged to run up-to-date anti-malware software. Information Systems Services constantly monitor the college network for evidence of virus infections. Where a computer is identified as having a virus that may spread to other computers on the network, Information Systems Services may disable the computers network connection. Users who suspect that their network point has been disabled for this reason should log a ticket. Once ISS support staff have confirmed that the machine is clear of infection the computers network connection will be enabled again.

User Responsibilities

All users should install Anti-malware software and follow the instructions to ensure that their computer is protected from viruses. Please log a Request if you have any questions.

College Policy on Malware Management

College Policy states that Information Systems Services and users are equally obliged to exercise due care and vigilance in combating Malware. It is in the interests of all users to protect the information on their computers as some Malware can do irreversible damage such as deleting your files.

Security

DCU has published ICT Policies and Guidelines  which all university users are obliged to adhere to.

Click here to view ICT Policies and Guidelines 

This document outlines University Policy as well as advice on practical ways that all members of the university can help to protect the confidentiality, availability and integrity of university information technology resources.

IT Security Incidents are reported every year the most numerous of those being malware-related attacks and all users of the university network have a responsibility to ensure that they have taken all possible steps to avoid infection by malware, whether they are using university-owned or privately owned machines.

Anti-malware Procedures

Email

Information Systems Services have invested in comprehensive anti-malware scanning systems to ensure that all email entering and leaving college is scanned for known viruses and infected emails are quarantined or deleted where appropriate. Additionally, some file extensions which are known to be associated with viruses are blocked by the College Mail system.

Computers

DCU has a site licence for the installation of anti-malware software on all computers on the network. All computers attached to the college network are obliged to run up-to-date anti-malware software. Information Systems Services constantly monitor the college network for evidence of virus infections. Where a computer is identified as having a virus that may spread to other computers on the network, Information Systems Services may disable the computers network connection. Users who suspect that their network point has been disabled for this reason should log a ticket. Once ISS Services support staff have confirmed that the machine is clear of infection the computers network connection will be enabled again.

User Responsibilities

All users should install Anti-malware software and follow the instructions to ensure that their computer is protected from viruses. Please log a Request if you have any questions.

Encryption (Documents for Email)

Unencrypted email is not a secure way to transfer sensitive information regardless of the email solution or where that email solution may be hosted (either 'in the cloud' or 'on premises'). DCU's email solution, provided by Google, is not encrypted. Therefore, in common with most commercial email solutions, all data in an unencrypted email can be intercepted as it is sent over the internet.

ISS does not support encryption solutions that encrypt the data held in the header or body of emails as we do not feel that such solutions strike the appropriate security/usability balance for DCU. ISS will continue to monitor all developments within this area and welcomes suggestions and feedback from the DCU community in this regard.

ISS does support the encryption of attachments and we have outlined instructions on how to do this below. If you choose to encrypt attachments please pay particular attention to not include sensitive information in the body of your email.

Never share the encryption password by email even to a different email address. We suggest that you share the password by telephone, in person or by SMS. Please note that ISS will not have access or the ability to retrieve or reset the password you create. You should give consideration to backing up the data you propose to encrypt.

If encrypting attachments by any of the means proposed below is not an option for you, please speak to us and we will be happy to help.

1. • FileSender
   • • Filesender is a web-based application that works through your web browser provided by HeaNet
     • Filesender is a way to share large files or documents with anyone.
     • Filesender can send files up to 500 GB. This considerable sending power allows users to transfer large files with ease.
     • Files can be encrypted by clicking the encrypt option before sending the email.
     • Files sent by Filesender are available for download for up to 30 days after sending.
     • Files can be downloaded an unlimited amount of times over this period.
2.  
   

    

   • Encrypt a document with Office 365
   • • Open the Office file you wish to encrypt.
     • Click on “File” in the upper left-hand corner.
     • Click on “Info”.
     • Click on “Protect Document” then “Encrypt with Password”.
     • You will be prompted to enter a password to encrypt your document: 
     • We highly recommend following the DCU policy: “Guidelines for Creating a Secure Password”  for information pertaining to creating passwords.
     • You will be prompted to re-enter your password: 
     • Once your password is entered, you must save your document for the encryption to take Effect. Please note that if you forget your password, we cannot recover it, nor retrieve the information inside of your document. If you want to check and make sure that it works, close the document and re-open it:  

    

   • '7-Zip' Compression Software
   • • 7-Zip is an archive format, providing high compression ratio. 7-Zip supports encryption with AES-256 algorithm.
     • The software is available for free download from Software Center

Please remember:  Never email the encryption password.

If you forget your password, ISS can neither reset your password nor recover your files.

This Policy has been compiled to define the base level Password requirements for use within Dublin City University (DCU). The policy demonstrates DCU’s commitment to information security and its proactive approach to addressing risks within the campus.

DCU Password Policy

Important notes on Data

Data can be lost in several types of incidents, including computer malfunctions, theft, viruses, spyware, accidental deletion and natural disasters. So it makes sense to back up your files regularly.

  ISS recommend that you back up all important data to Google Drive

File backup

ISS recommend that the hard drive of your computer is not the only location of your data so we recommend using Google drive to backup your local data files. 

Please click on link below for more information about Google Drive

https://www.dcu.ie/iss/google-drive

What to do if a machine needs to be wiped/re-imaged ?

DCU Staff/students must fill in this Customer Backup Checklist form where current machines are being wiped/reinstalled for use or when transferring to a new machine. Note ISS will not be able to retrieve any unsaved user data once a machine is wiped/re-imaged.

ISS Staff Loan Laptops

ISS Staff loan laptops automatically delete all data stored on them.

If you are taking a loan of a laptop, please ensure that you have a separate copy of all data, such as presentations and documents.

Do not leave it on the laptop as it will be deleted and cannot be retrieved.

 Back up and recovery 

All servers and network drives are backed up each night by ISS.  The data is copied to a disk-based backup system (ExaGrid), using Veritas Netbackup. 

These backups are then duplicated to another ExaGrid backup server which is hosted in HEAnet’s data centre in Parkwest.   Therefore in the event of a major disaster destroying our two server rooms in DCU, we would be able to recover all data to the previous night.

The EX5000 servers use a technology called Deduplication and Replication.

Recovery

Data is retained for the following periods:

• • Daily backups (Monday to Thursday), are retained for two weeks
  • Weekly backups (Fri or Sat or Sun) are retained for five weeks
  • Monthly backups (every fifth weekend) are retained for six months

If files are lost or corrupted, the sooner we are informed, the better the chances of restoring.  If it is discovered within two weeks, we can restore to the previous night’s backup.  Any longer than that, we can only restore from the previous weekend or previous month, depending on the time that has elapsed.

Requests for Restores

The following information is required by ISS in order to restore files.

• • The name of the server where the files were stored, and the full name of the directory/folder which contained the files.
    
    eg. L:\Files\Common files
    
    To find your directory go to My Computer click on required network drive and again go to your folder.
    
    Then put your cursor on the top bar and press control button and A (select), next control button and C (copy) then control button and V (paste).
  • The date when the files were last known to exist, before they were deleted or corrupted.