Secure Our World

Cybersecurity Awareness Month 2024

Welcome to Cybersecurity Awareness Month! BGSU Information Technology Services (ITS) is excited to announce our participation in the Cybersecurity and Infrastructure Security Agency’s (CISA) annual campaign where together, we can Secure Our World online, at work, and at home by taking a few basic steps.

Throughout the month we will share tips on how to stay cyber safe online, at work and at home via Campus Update, Our BGSU and social media posts. This information will focus on CISA’s “Four Easy Ways to Stay Safe Online":

Four Easy Ways to Stay Safe Online

  1. Recognize & Report Phishing
  2. Use Strong Passwords
  3. Turn on Multi-Factor Authentication (MFA)
  4. Update Software

Learn more about each step and how they are utilized at BGSU below!

1. Recognize & Report Phishing

Phishing attempts are becoming more prevalent as hackers become better at disguising their messages and links. These attempts to access your personal information could come in the form of an email, text message or even a phone call. It may look/sound legitimate and seem to come from your email service, friend or coworker but seems a little off. Perhaps the timing of the message is out of place, it’s littered with mistakes or just seems suspicious. This is likely a phishing scheme, many of which are disguised in the form of a clickable link/URL in an email that looks like it will take you to a specific or familiar destination, but in reality, it does not. Typically, these links are configured to do one of the following:

  • Take the user to a malicious webpage that attempts to install malware on the user's computer. The malware can do anything from retrieving the user's password to encrypting or stealing data from the user's device.
  • Redirect the user to a fraudulent login page where the user enters their username and password under the impression that they are logging in to a legitimate website. From this page, hackers can access the user's password which can then be used to log in and access protected services.

Always be cautious before you click on any link, and if a message seems suspicious report it to ITS by following these instructions:

Report Fraudulent Message to ITS
  1. Do not click on any links/attachments.
  2. Do not respond with any sensitive information. 
  3. Do not pass along to your peers or supervisors.
  4. Do not forward to any ITS email addresses other than abuse@bgsu.edu.
  5. Send to ITS for investigation using the Outlook Report Message button or by forwarding to abuse@bgsu.edu.
  6. Delete the message from your Inbox.
CISA RESOURCES
CISA Phishing Information
Tips to Avoid Phishing Video
ITS RESOURCES
Email Phishing Info
Data Security
Compromised Accounts
Guidelines for Using Links in Campus Email Communications

2. Use Strong Passwords

It can take an experienced hacker as little as 30 seconds to crack an 8-character password, with the average being 12 minutes. Password length and complexity requirements help prevent your password from being guessed. The longer and more complex a password is, the more time it takes for a computer/hacker to guess what it is. You should also use unique passwords for each different application and site you access. 

In March 2022, ITS increased the BGSU password character requirement to 12 characters; however, we recommend passwords of at least 16 characters to better protect your account and the University. You can also use free services like “Have I Been Pwned” to check if a recent privacy breach has compromised your account and to determine if a password change is necessary.

CISA RESOURCES
CISA Strong Password Information
Stop Online Crime with Strong Passwords Video
LEARN MORE
Password Tips
Password Management Self-Service
Security Question Guidelines
Password Self Help Articles

3. Turn On Multi-Factor Authentication

You need more than a password to protect your online accounts, and enabling Multi-Factor Authentication (MFA) makes you significantly less likely to get hacked! BGSU uses Duo Two Factor Authentication as its MFA method to protect valuable information and resources like your BGSU email, Canvas, the MyBGSU portal and the BGSU VPN. We also suggest using MFA to protect your other accounts like social media, banking, personal email, etc.  

ITS recommends using Duo push notifications as your Two Factor Authentication method, and you should never approve an authentication attempt that you did not initiate.

CISA RESOURCES
CISA MFA Information
Make Your Account Safer with MFA Video
LEARN MORE
Duo Two Factor Authentication
Duo Best Practices
Two Factor Authentication Cybersecurity Attacks
Duo Self Help Articles

4. Update Software

Don’t delay – if you see a software update notification, act promptly. Better yet, turn on automatic updates! Be sure to update the operating system on your mobile phones, tablets, and laptops (personal and university –owned). It’s also important to update applications, especially the web browsers, on all your devices.  

Thanks to ITS' updated process, most application updates occur in the background and require no user intervention. most application updates occur in the background and require no user intervention. However, there may be times you receive a prompt on your university device asking you to confirm or continue an update. This change will keep your software secure and at optimal performance.

CISA RESOURCES
CISA Software Update Information
Update Software for Safety Video
LEARN MORE
Application/Software Update Prompts
Windows Version Updates
Mac Version Updates
BGSU Application/Software Self Help Articles

Updated: 09/13/2024 09:23AM