A recent FBI report on an uptick in cybercrimes in the higher education sector is a reminder to all employees that protecting University systems and data is a shared responsibility, and everyone has a role to play. While WVU has taken many steps to secure networks, computers and data, the threats are constantly changing, and faculty and staff must remain vigilant.
Here are some ways you can help defend WVU’s data:
Never use your WVU Login username and/or password on non-WVU sites. When those credentials are stolen from Netflix or Facebook, cybercriminals can use them to open a door into WVU systems.
Secure your WVU Login password. Don’t share it with anyone or write it down for someone to find.
Use a strong password or phrase. Ten characters is good, 12 even better. Use these tips to create strong passwords.
Be skeptical. Receive a suspicious-looking email? Don’t reply or click any links. Use the Report Message button in Outlook email or forward it as an attachment to [email protected].
WVU has already implemented many of the FBI’s recommended security measures to secure networks, computers and data, including: implementing two-factor authentication systemwide; limiting remote access to WVU systems, devices and data; enabling remote, automatic security updates to all WVU-owned and -managed computers; training and conducting phishing simulations; restricting access for people with administrative privileges on databases and servers; and segmenting networks to prevent unauthorized access.
“Security-related changes to the way WVU works are just part of the modern reality,” says Interim Chief Information Officer Brice Knotts. “Research universities like ours are data-rich targets for bad guys, and the threats are relentless and constantly changing. We need to be proactive in addressing them.”
That’s why developing a comprehensive, long-range Information Security Strategy is one of the foundational projects in the WVU Modernization Program,” Knotts said.
According to the report from the FBI’s Internet Crime Complaint Center (IC3), Russian cybercriminals in January 2022 sold or shared public access to college and university networks across the…