Welcome to Cybersecurity Awareness Month! BGSU Information Technology Services (ITS) is excited to announce our participation in the Cybersecurity and Infrastructure Security Agency’s (CISA) annual campaign where together, we can increase our cybersecurity online, at work, and at home by taking a few basic steps.
Throughout the month of October, we will be sharing the basics of cybersecurity through email, social media posts and on our website.
4 Steps to Increase Cybersecurity
This year's Cybersecurity Awareness Month campaign focuses on 4 key action steps everyone should take to increase their security online:
- Enable Multi-Factor Authentication
- Use Strong Passwords
- Recognize and Report Phishing
- Update Your Software
Learn more about each step and how they are utilized at BGSU below!
1. Enable Multi-Factor Authentication
You need more than a password to protect your online accounts, and enabling MFA makes you significantly less likely to get hacked! BGSU uses Duo Two Factor Authentication as its MFA method to protect valuable information and resources like your BGSU email, the MyBGSU portal and the BGSU VPN. We also suggest using MFA to protect your other accounts like social media, banking, personal email, etc.
ITS recommends using Duo push notifications as your Two Factor Authentication method, and you should never approve an authentication attempt that you did not initiate.
2. Use Strong Passwords
It can take an experienced hacker as little as 30 seconds to crack an 8-character password, with the average being 12 minutes. Password length and complexity requirements help prevent your password from being guessed. The longer and more complex a password is, the more time it takes for a computer/hacker to guess what it is. You should also use unique passwords for each different application and site you access.
In March 2022, ITS increased the BGSU password character requirement to 12 characters; however, we recommend passwords of at least 16 characters to better protect your account and the University. You can also use free services like “Have I Been Pwned” to check if a recent privacy breach has compromised your account and to determine if a password change is necessary.
3. Recognize & Report Phishing
Phishing emails are becoming more prevalent as hackers become better at disguising their messages. If you receive an email that is out of place, littered with mistakes or just seems suspicious please report it using our fraudulent email reporting process.
If you receive an email that you suspect is fraudulent:
- Do not click on any links/attachments.
- Do not respond with any sensitive information.
- Do not pass along to your peers or supervisors.
- Do not forward to any ITS email addresses other than firstname.lastname@example.org.
- Send to ITS for investigation using the Outlook Report Message button or by forwarding to email@example.com.
- Delete the message from your Inbox.
4. Update Your Software
Don’t delay – if you see a software update notification, act promptly. Better yet, turn on automatic updates! Be sure to update the operating system on your mobile phones, tablets, and laptops (personal and university –owned). It’s also important to update applications, especially the web browsers, on all your devices.
In January 2022, ITS updated its process for updating BGSU applications on university devices. Now, most application updates occur in the background and require no user intervention. However, there may be times you receive a prompt on your university device asking you to confirm or continue an update. This change will keep your software secure and at optimal performance.
Updated: 10/03/2022 04:16PM