Trumba – Changing the Time Zone Setting
OSU’s default setting for Trumba events is Pacific Time. Until OSU Communications (who manages OSU’s license) can resolve this default setting for all OSU employees, each user must change this setting. Once changed, it will become the default for all your events.
When completing the event submission form for Trumba, if your time zone setting is “Pacific Time (US & Canada)” update the time zone by following these steps:
(1) Browse to the Trumba events portal at https://eventactions.com/eventactions/okstate-extension-county#/mysubmissions
(2) In the top left corner click on the “O-Key” sign-in link:
(3) After you have logged into the site with your OSU email address and password, click on the menu option in the top right corner then choose “Settings”:
(4) In the “Time Zone” field, choose “Central Time” from the drop down menu:
(5) Save your update!
(6) Click on the menu option and log out. You are done!
Mobile Device Security When Traveling Abroad – Cyber Security Awareness Month 2017
Securing Your Data: Mobile Device Security When Traveling Abroad
If you need a laptop computer, borrow a loaner from your departmental IT support group. Ensure the laptop has the necessary software you plan to use on your trip. When you return, the IT Specialists should clean the computer (wipe the drive and reinstall software). Assume the laptop computer will become infected with malware while traveling; the cleaning process protects other devices from becoming infected once the laptop computer returns to the local network.
- If your departmental IT support group has a loaner mobile device (for example, iPad, Android tablet), you may consider using it rather than your personal device.
- Unless it is absolutely necessary, disable wireless technologies on your laptop computer and cell phone such as Bluetooth and Wi-Fi. Bluetooth headsets are strongly discouraged and should not be taken with you. When these technologies are needed, make sure all local shared folders are password protected. Wireless technologies can be used to gain entry to hosted devices such as laptop computers, mobile devices and cell phones. Once entry has been gained, access to intellectual property, proprietary information, files and passwords becomes available. In addition, keyloggers can be installed which collect all keystrokes and store them into a file that is later downloaded.
- Never let your cellular phone and mobile devices out of sight. When not being used, turn off your cell phone and mobile devices. Minimize the data contained on the device. Some phones can be remotely controlled so that the microphone and camera are enabled which allows remote users to listen to, watch, and record conversations.
- When connecting to the internet via wired or wireless, use OSU’s virtual private network (VPN) software to access the internet. A VPN provides for a secure and encrypted connection to the internet.
- Be aware of all usernames and passwords you use while traveling. Once you return, change these passwords. Consider creating a temporary account on Gmail or Yahoo before you leave that can be used for email communication. Limit use of instant messaging and text messaging.
- When using thumb/USB drives, use a PIN and encryption code to protect the data. If the drive is scanned or lost, the data is more secure when protected with an extra layer of encryption technology.
- Unless calls from your cell phone are encrypted, the foreign government can monitor them even if you use a U.S. cellular company’s service. Be aware of communicating confidential or proprietary information. Some users may consider a pre-paid cellular phone that can be disposed of upon returning to the U.S.
- Do not take unneeded car/house keys and credit cards. Clean out your billfold/purse of any financial information such as bank numbers and logins/passwords.
- The U.S. Government’s “Smart Traveler Enrollment Program” can be helpful in planning your trip and ensuring a safe return: https://step.state.gov/step/.
Preventing Phishing – Cyber Security Awareness Month 2017
With the increase in fraudulent emails to Oklahoma State University employees over the past year, now is as good a time as any to develop best practices for keeping your devices malware free and your information secure. October is National Cyber Security Awareness Month and with the help of the Department of Homeland Security and the National Cyber Security Alliance, DASNR IT is here to shed some light on phishing attacks.
Phishing (pronounced “fishing”) is the attempt to obtain sensitive information such as usernames, passwords, and credit card details often for malicious reason, by disguising as a trustworthy entity in an electronic communication.
A phishing email can look like it comes from a financial institution, your favorite online shopping website, or even Oklahoma State University itself. Many of these emails are asking you to act quickly because, for example, your account has been compromised and a recent online order cannot be fulfilled without payment. Stop and think before deciding to click any links or open any attachments that might have come with these emails.
According to Symantec  the vast majority of malicious emails will contain links that will take you to websites containing malware or the message will have attachments infected with malware. If you are unsure if an email request is legitimate, try contacting the company directly using information you already know or info that can be easily obtained online.
Phishing, spam, and other scams aren’t limited to just email. Social networking sites such as Facebook are also prevalent with malware. Online advertisements, Facebook status updates, and tweets can also contain malicious links, so “when in doubt, throw it out.” Most online sites, including social networking and media websites, have ways to report spam and phishing as well.
Oklahoma State University has a way to report fraudulent email. You can forward any email you receive to your okstate.edu account and believe to be malicious to firstname.lastname@example.org which is monitored by OSU IT Security. When they find malware that is contained in the email links or attachments, they can respond to the email administrators and then initiate filters to, hopefully, prevent anyone else from getting the email as well.
Below are some links with more information to help you remain vigilant against phishing attacks and, as always, contact your support specialist if you need any further information.