University Moves to Restrict Common Words for Passwords

Password iconIn an effort to strengthen password security, starting December 19, 2022, any new password may not contain all or part of the user’s account name, common passwords, or words related to an SMU campaign that are vulnerable to password-guessing attacks. Continue reading University Moves to Restrict Common Words for Passwords

Security Site Update Kicks Off OIT Web Refresh Project

This week, the Office of Information Technology (OIT) launched an updated site for Information Security at smu.edu/infosec. The site received a new look, new content, easier navigation, and is now more mobile friendly. The new Information Technology site makes it easy to educate yourself about security threats, quickly find security policies, protect your devices with OIT services, and report security incidents or lost devices.

Information Security at SMU
Before
Information Security at SMU
After

Continue reading Security Site Update Kicks Off OIT Web Refresh Project

New Email Phishing Simulations Coming Soon

AnitPhish (Anti-Phishing Campaign)Phishing attempts are email messages sent by hackers pretending to be your friends, coworkers, or trusted companies. These emails try to lure you to reveal your personal information, such as your passwords, credit card numbers, or bank account numbers, with alarmist sounding messages. Some may even direct you to an official-looking website requesting such information. These websites may also be infected with computer viruses or other forms of malicious software. Phishing messages have potential to damage our IT infrastructure and expose sensitive University data.

Due to the increased volume of recent phishing attempts, SMU’s Information Security Team is launching another round of the phishing awareness program, AntiPhish. This program will send simulated phishing emails, analyze how SMU employees respond to these messages, and track the success of employees in recognizing and deleting phishing emails. For those falling victim to the phishing attempts, the Information Security Team will offer training tools to help employees learn how to avoid falling victim to phishing messages. The phishing simulations will take place at SMU in the coming weeks.

As a reminder, if you receive any email message that appears malicious or asks for confidential personal information, Information Security asks that you do the following:

  • Contact the IT Help Desk or your local IT Support group regarding the email.
  • Delete the email from your mailbox without clicking on any hyperlinks or attachments.

For valuable resources and other information, please visit the Information Security website at www.smu.edu/OIT/Infosec.

If you have questions about the upcoming phishing simulation or training tools, please contact the IT Help Desk at 214-768-4357 (HELP).

Physical Security

Physical-Security2by George Finney

Physical Security – Technology can only help us so much when it comes to protecting University owned assets.  People are always our first line of defense.  This means not leaving your laptop unattended at a coffee shop or in your car overnight.  It also means locking your filing cabinets at night or putting sensitive files back into a locked cabinet when they are no longer needed.

Online Training is available for SMU faculty and staff in Courses.SMU.

For more information about Information Security and Security Awareness Training, visit smu.edu/infosec.