Directives from Auburn University, the State of Alabama, and federal legislation are major factors in determining the policies and procedures that must be implemented to manage information technology at Auburn University Montgomery. As the provider of the physical network, major services and applications, security, and infrastructure information technology, the Office of Technology and its departments are charged with implementing the following information technology policies on campus. A complete listting of technology policies, and other campus policies, can be found in the university policy section of the website.
Data security is important not just to the university, but to all individuals. Our goal is to provide you with information and tips to secure your data, your computer, yourself, and the university network. Here some tips regarding some of the most common security topics:
Phishing is the act of attempting to fool a user into providing their credentials. The attacker can use various methods to attempt to steal credentials. Did you know every day 80,000 people fall for a phishing scam and voluntarily give away their personal information to a criminal. The following present phishing warning signs:
- Fake emails, text messages, or calls claiming to be IT support outside of ITS
- Non-personalized greeting (e.g. “Dear User”)
- Urgent/Threatening language (e.g. “Your account will be terminated if you do not …”)
- Poor grammar/misspellings
- Request for personal information (e.g. “Please submit your email address and password”
What should you do if you suspect a phishing attempts?
- Forward suspect emails to ITS (firstname.lastname@example.org) and they can help to verify
- Ask for official identification if someone arrives on site asking for information and/or access to secure areas. Often scams can occur from people pretending to be contractors needing access to secure areas.
- Never give out your password! ITS does not need your password and will never ask for it.
Antivirus software is used to prevent malicious programs from being run on a computer. Auburn University at Montgomery provides Sophos Antivirus for all university computers. A Home version is also available for all students and employees at no charge. You can get full details at https://mars.aum.edu/secure/sophos/. Sophos will automatically update several times daily.
To verify that Sophos is running, you should be able to locate a small “shield” icon in your taskbar on the bottom right of your screen (Windows) or in the top right (Mac). If you are not certain if Sophos is installed, please contact ITS.
SPAM is the use of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately. Examples of SPAM include unsolicited emails with advertising diet pills, cheap stocks. ITS is committed to reduce SPAM by deploying a Barracuda SPAM filter to filter out a majority of spam that comes through. However, no service is able to catch 100% of SPAM. Our filter screens out approximately 100,000 junk messages daily.
If you suspect a message is spam, you can forward a copy of the message to email@example.com and ITS will inspect the message and add it to the blocked list if it is spam. If some of your emails are being marked as spam and they should not be, you can send a request to the ITS helpdesk to request that a specific email address be added to a trusted list of email addresses.
Email Abuse is the use of electronic email to advertise unethically, harass, annoy, or cause harm to the email recipient. Abuse can take the form of bulk email, SPAM, threatening e-mail, e-mail sent with the intent to slow productivity of, or cause damage to, the recipient's computer system. It is a world wide problem and anyone with an e-mail address is vulnerable.
What should I do if I get an abuse email?
- If you're being threatened, call Campus Police.
- To report harassment, impersonation, child exploitation, or other abusive activities received, forward the offending email to firstname.lastname@example.org. Include any relevant information, such as the number of times you've received messages from the account and the relationship, if any, between you and the sender.
- You may also contact ITS and a technician will investigate any potential abusive activities.