<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="//purl.org/rss/1.0/modules/content/"
	xmlns:wfw="//wellformedweb.org/CommentAPI/"
	xmlns:dc="//purl.org/dc/elements/1.1/"
	xmlns:atom="//www.w3.org/2005/Atom"
	xmlns:sy="//purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="//purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>UM Todaycyber security &#8211; UM Today</title>
	<atom:link href="https://umtoday-wordpress.ad.umanitoba.ca/tag/cyber-security/feed/" rel="self" type="application/rss+xml" />
	<link>https://umtoday-wordpress.ad.umanitoba.ca</link>
	<description>Your Source for University of Manitoba News</description>
	<lastBuildDate>Tue, 27 Jan 2026 15:13:58 +0000</lastBuildDate>
	<language>en-US</language>
		<sy:updatePeriod>hourly</sy:updatePeriod>
		<sy:updateFrequency>1</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.7.1</generator>
	<item>
		<title>CBC Manitoba: PowerSchool paid hackers a fee to delete stolen data: Manitoba school board memo</title>
        
          <alt_title>
                 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/cbc-manitoba-powerschool-paid-hackers-a-fee-to-delete-stolen-data-manitoba-school-board-memo/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/cbc-manitoba-powerschool-paid-hackers-a-fee-to-delete-stolen-data-manitoba-school-board-memo/#respond</comments>
		<pubDate>Mon, 13 Jan 2025 21:35:14 +0000</pubDate>
		<dc:creator><![CDATA[Fiona Odlum]]></dc:creator>
				<category><![CDATA[UM in the News]]></category>
		<category><![CDATA[Computer Science]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Manitoba school division]]></category>

		<guid isPermaLink="false">https://news.umanitoba.ca/?p=209747</guid>
		<description><![CDATA[A cyberattack that exposed student information on a web-based management system has impacted 80 per cent of Manitoba school divisions across the province, according to a cabinet spokesperson. PowerSchool is a California-based provider of cloud software to over 16,000 customers in more than 90 countries. The company informed its Manitoba customers on Tuesday that a [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2024/03/fraud-awareness-UM-today-120x90.png" class="attachment-newsfeed size-newsfeed wp-post-image" alt="A person working on a laptop computer and holding a cellphone in their left hand." style="margin-bottom:0px;" decoding="async" /> 80 per cent of school divisions in Manitoba have been impacted by the data breach, says the province]]></alt_description>
        
				<content:encoded><![CDATA[<p dir="ltr">A cyberattack that exposed student information on a web-based management system has impacted 80 per cent of Manitoba school divisions across the province, according to a cabinet spokesperson.</p>
<p dir="ltr">PowerSchool is a California-based provider of cloud software to over 16,000 customers in more than 90 countries. The company informed its Manitoba customers on Tuesday that a cyber incident had occurred on Dec. 28 and that some specific student information had been compromised.</p>
<p dir="ltr">&#8220;There&#8217;s some conversations now, going around, that maybe they waited too long to inform people … it took until the beginning of January before people started to find out,&#8221; said David Gerhard, head of computer science at the University of Manitoba.</p>
<p dir="ltr">To read the entire article, please follow the link to <a href="https://www.cbc.ca/news/canada/manitoba/powerschool-fee-delete-data-1.7428152">CBC Manitoba</a>.&nbsp;</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/cbc-manitoba-powerschool-paid-hackers-a-fee-to-delete-stolen-data-manitoba-school-board-memo/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Don&#8217;t Get Hooked This Season</title>
        
          <alt_title>
                Don't Get Hooked This Season 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/dont-get-hooked-this-season/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/dont-get-hooked-this-season/#respond</comments>
		<pubDate>Fri, 25 Oct 2024 15:51:07 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Network News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Faculty and Staff]]></category>
		<category><![CDATA[gift cards]]></category>
		<category><![CDATA[scams]]></category>

		<guid isPermaLink="false">https://news.umanitoba.ca/?p=205731</guid>
		<description><![CDATA[As the holiday season nears, it&#8217;s important to stay wary against phishing email gift card scams. Cybercriminals are increasingly targeting unsuspecting gift-shoppers, exploiting the festive spirit to their advantage. Here&#8217;s what you need to know to protect yourself and our UM cyber community. Common Phishing Email Gift Card Scams Phishing email gift card scams rely [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2024/10/Gift-card-scam-UM-today-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="" style="margin-bottom:0px;" decoding="async" /> As the holiday season nears, it's important to stay wary against phishing email gift card scams. Cybercriminals are increasingly targeting unsuspecting gift-shoppers, exploiting the festive spirit to their advantage. Here's what you need to know to protect yourself and our UM cyber community.]]></alt_description>
        
				<content:encoded><![CDATA[<p>As the holiday season nears, it&#8217;s important to stay wary against phishing email gift card scams. Cybercriminals are increasingly targeting unsuspecting gift-shoppers, exploiting the festive spirit to their advantage. Here&#8217;s what you need to know to protect yourself and our UM cyber community.</p>
<p><strong>Common Phishing Email Gift Card Scams</strong></p>
<p>Phishing email gift card scams rely on impersonation and social engineering tactics to engage with victims and ask them to purchase gift cards. The attackers often impersonate executives, supervisors, or trusted contacts, using a sense of urgency to pressure recipients into buying gift cards or transferring funds under the guise of a business requirement.</p>
<p><strong>How to Recognize a Phishing Email</strong></p>
<ol>
<li><strong>Unexpected Requests</strong>: Any sudden pleas for money or sensitive information should immediately raise suspicion. Verify these requests directly through a known phone number before taking any action.</li>
<li><strong>Unverified Sources</strong>: Always verify the origin of a request through known, independent contact details. UM officials or departments will never ask for banking or personal details through unsolicited communication.</li>
<li><strong>Sense of Urgency</strong>: Phishing emails often create a sense of urgency, pressuring you to act quickly without thinking. Be cautious of any email that demands immediate action.</li>
<li><strong>Poor Spelling and Grammar</strong>: Many phishing emails contain spelling and grammatical errors. If an email looks unprofessional, it could be a scam.</li>
</ol>
<p><strong>How to Protect Yourself</strong></p>
<ul>
<li><strong>Verify Requests</strong>: If you receive an email asking you to buy gift cards, verify the request through official channels before taking any action. Call your supervisor or the person requesting the gift cards using a known phone number.</li>
<li><strong>Report Suspicious Emails</strong>: If you suspect a phishing email, report it to <a href="https://umanitoba.ca/information-services-technology#contact-us">IST Service Desk</a> or <a href="mailto:spam@umanitoba.ca">spam@umanitoba.ca</a>.</li>
<li><strong>Stay Informed</strong>: Educate yourself about the signs of phishing emails and how to respond to them. Regular training and awareness programs can help prevent these scams.</li>
</ul>
<p><strong>Information Security Starts with You</strong></p>
<p>The holiday season is a prime time for cybercriminals to exploit the generosity and busy schedules of shoppers. By staying informed and cautious, you can enjoy a scam-free holiday season. For more information on how to protect yourself from phishing scams, visit <a href="https://umanitoba.ca/information-services-technology/information-security-compliance/email-security">https://umanitoba.ca/information-services-technology/information-security-compliance/email-security</a></p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/dont-get-hooked-this-season/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>VP Evolution Project enables Entra MFA for VIP/ESS access on April 3</title>
        
          <alt_title>
                VP Evolution Project enables Entra MFA for VIP/ESS access on April 3 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/vp-evolution-project-enables-entra-mfa-for-vip-ess-access-on-april-3/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/vp-evolution-project-enables-entra-mfa-for-vip-ess-access-on-april-3/#respond</comments>
		<pubDate>Mon, 01 Apr 2024 14:25:36 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Campus News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[MFA]]></category>
		<category><![CDATA[Things to Know]]></category>

		<guid isPermaLink="false">https://news.umanitoba.ca/?p=194753</guid>
		<description><![CDATA[The VIP Evolution project is a multi-year project, with dedicated resources from Information Services and Technology (IST), Human Resources and Payroll, led by a project board of leaders from across the UM community. The project’s focus is leveraging VIP functionality, reducing risk, and improving the user and employee experience. The project’s next implementation prioritizes the [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2024/04/vpn-ess-UM-today-2-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="Hands typing at a desktop computer" style="margin-bottom:0px;" decoding="async" /> The VIP Evolution project is a multi-year project, with dedicated resources from Information Services and Technology (IST), Human Resources and Payroll, led by a project board of leaders from across the UM community. The project’s focus is leveraging VIP functionality, reducing risk, and improving the user and employee experience.]]></alt_description>
        
				<content:encoded><![CDATA[<p>The VIP Evolution project is a multi-year project, with dedicated resources from Information Services and Technology (IST), Human Resources and Payroll, led by a project board of leaders from across the UM community. The project’s focus is leveraging VIP functionality, reducing risk, and improving the user and employee experience.</p>
<p>The project’s next implementation prioritizes the system&#8217;s security. On April 3, 2024, the VIP Evolution project will enable Entra MFA (multi-factor authentication) for VIP/ESS. Multi-factor authentication is a crucial tool in safeguarding the university&#8217;s sensitive data.</p>
<p>Entra MFA&#8217;s successful integration into numerous UM systems makes its extension to VIP/ESS an instrumental stride in fortifying data security.</p>
<h3>What will change?</h3>
<p>The most noticeable change will be the login experience for all users. As with other MFA-protected university systems, you will now log in using your email address and password instead of your UMNetID. You will then receive a message requesting you verify your identity through Entra MFA.</p>
<p>To prepare our employees for this modification, the VIP Evolution project conducted several information sessions and ran a soft launch to gather feedback. The project team found that the new authentication experience does not drastically impact the overall user experience. However, you will have to log in to VIP/ESS every time you want to access it.</p>
<p>&#8220;Validating the logout function is an important security feature to keep private information safe,&#8221; explains project architect Lonnie Smetana. &#8220;We will have to log in to VIP/ESS even if we are already logged in to university systems in a browser. We must also re-authenticate if we close our browser or if our VIP session times out,&#8221; Smetana adds.</p>
<h3>What does it mean to you?</h3>
<p>Before the implementation on April 3, 2024, all staff should ensure they have <a href="https://umanitoba.ca/information-services-technology/my-security/set-up-mfa">set up Entra MFA</a> and are using either the Microsoft Authenticator app or a hardware token to verify their identity. For those already using it, the transition will be seamless – begin using it for VIP/ESS when prompted.</p>
<p>Ensuring our data is protected is a shared responsibility, and we all have a role to play in safeguarding our university from data breaches.</p>
<p>We welcome your feedback and suggestions regarding this change and thank you for your cooperation during this transition.</p>
<p>Please feel free to contact the <a href="https://umanitoba.ca/information-services-technology/#contact-us">IST Service Desk</a> with any questions or concerns.</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/vp-evolution-project-enables-entra-mfa-for-vip-ess-access-on-april-3/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Account workout</title>
        
          <alt_title>
                Account workout: Pump up your password strength 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/account-workout/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/account-workout/#respond</comments>
		<pubDate>Fri, 06 Oct 2023 15:18:42 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Network News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Things to Know]]></category>

		<guid isPermaLink="false">https://news.umanitoba.ca/?p=184719</guid>
		<description><![CDATA[Cybercriminals love weak passwords! Protect yourself and the university with these best practices.&#160; Use a strong and unique password that is hard to guess Is your password the name of your pet or child? Easy to remember but also easy to find. Cybercriminals look for information that is readily available on social media and other [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2023/10/Cyber-security-umtoday-image-02-edit-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="" style="margin-bottom:0px;" decoding="async" loading="lazy" /> Cybercriminals love weak passwords! Protect yourself and the university with these best practices.]]></alt_description>
        
				<content:encoded><![CDATA[<p><span data-contrast="auto">Cybercriminals love weak passwords! Protect yourself and the university with these best practices.</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<h3><b><span data-contrast="auto">Use a strong and unique password that is hard to guess</span></b></h3>
<p><span data-contrast="auto">Is your password the name of your pet or child? Easy to remember but also easy to find. Cybercriminals look for information that is readily available on social media and other online sources for clues to guessing your password.&nbsp;</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<p><span data-contrast="auto">Try using a </span><a href="https://www.cyber.gc.ca/en/guidance/best-practices-passphrases-and-passwords-itsap30032"><span data-contrast="none">passphrase</span></a><span data-contrast="auto"> instead of a password. A passphrase is a mix of random words only you would think to combine. According to </span><a href="https://www.getcybersafe.gc.ca/en/blogs/how-strong-your-password-five-ways-evaluate"><span data-contrast="none">GetCyberSafe.ca</span></a><span data-contrast="auto">, ideally, each passphrase would be at least four words and at least 15 characters long. A quick way to choose one is to look around and create a passphrase out of the first four words you see. For example, you might see a phone, tissue, lemonade and bracelet. The resulting passphrase would be entirely unique to you and almost impossible to guess!&nbsp;&nbsp;&nbsp;</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<h3><b><span data-contrast="auto">Don&#8217;t share your password</span></b></h3>
<p><span data-contrast="none">Not sharing your password is a fundamental cybersecurity practice. Following this principle helps protect your digital identity, keep your personal information secure and maintain control over your online presence.</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<h3><b><span data-contrast="auto">Change your password regularly</span></b></h3>
<p><span data-contrast="auto">The University’s&nbsp; </span><a href="http://umanitoba.ca/information-services-technology/sites/information-services-technology/files/2022-03/u-of-m-security-procedure-password-standard.pdf"><span data-contrast="none">Password Standard</span></a><span data-contrast="auto"> and </span><a href="https://umanitoba.ca/information-services-technology/computer-accounts-usage-agreement"><span data-contrast="none">Computer Accounts Usage Agreement</span></a><span data-contrast="auto"> requires everyone to change passwords and re-accept the usage agreement on an annual basis.&nbsp;</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<h3><b><span data-contrast="auto">Use a different password for each app and website</span></b></h3>
<p><span data-contrast="auto">Use your university email address and password only for university accounts. In 2023, PayPal, Reddit, Discord, UPS Canada, Duolingo, Forever 21, and Freecycle were just a few of the popular sites that reported data breaches. Keep bad actors away from your university data by using your account information for University of Manitoba services only.&nbsp;</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<h3><b><span data-contrast="auto">Enable MFA in all accounts</span></b></h3>
<p><span data-contrast="auto">Multi-factor authentication (MFA) pairs something you know (e.g., your password/UMNetID) with something you have (e.g., mobile phone or hardware token) to verify your identity when logging in to your account. MFA is required for all UM accounts.&nbsp;</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></p>
<p><span data-contrast="auto">Enable MFA in your personal accounts where possible to add that extra layer of protection to your data.</span></p>
<h3 aria-level="2"><span data-contrast="none">This week’s challenge</span><span data-ccp-props="{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:40,&quot;335559739&quot;:0,&quot;335559740&quot;:259}">&nbsp;</span></h3>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Take five minutes to try this interactive learning module: </span><a href="https://training.knowbe4.com/modstore/view/5c215964-f416-4e56-9dd0-31ce7619de5a"><span data-contrast="none">Eight Ways to Strengthen and Secure Your Passwords Today!!</span></a><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto">Enable multi-factor authentication on all your social media accounts.</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1">Ask a question and grab a snack at one of our Cyber Month info booths!<span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559685&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto">Oct. 10 – University Centre – 10 a.m. to 12 p.m.</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></li>
<li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto">Oct. 11 – Brodie Atrium – 10 a.m. to 12 p.m.</span><span data-ccp-props="{&quot;201341983&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}">&nbsp;</span></li>
</ul>
</li>
</ul>
<p>&nbsp;</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/account-workout/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>UM’s info security policy is your guide to securing our data</title>
        
          <alt_title>
                UM’s info security policy is your guide to securing our data 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/ums-info-security-policy-is-your-guide-to-securing-our-data/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/ums-info-security-policy-is-your-guide-to-securing-our-data/#respond</comments>
		<pubDate>Tue, 12 Oct 2021 19:42:49 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Network News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Information Security]]></category>

		<guid isPermaLink="false">https://news.umanitoba.ca/?p=154833</guid>
		<description><![CDATA[With cyber threats and breaches increasing exponentially over the last few years, it is essential we all do our part to keep our data safe and protected. To better protect the information used and shared by the university community, the information security policy, procedure and standards were developed and approved by the UM Board of [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2021/10/iStock-942893738-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="" style="margin-bottom:0px;" decoding="async" loading="lazy" /> To better protect the information used and shared by the university community, new/updated information Security policy, procedure and standards were developed and approved by the UM Board of Governors on Feb. 3, 2020. ]]></alt_description>
        
				<content:encoded><![CDATA[<p>With cyber threats and breaches increasing exponentially over the last few years, it is essential we all do our part to keep our data safe and protected.</p>
<p>To better protect the information used and shared by the university community, the information security policy, procedure and standards were developed and approved by the UM Board of Governors on Feb. 3, 2020.&nbsp;</p>
<p>“Higher education institutions manage vast amounts of sensitive data involving finance, research, health and more, which makes them prime targets for hacking and malicious breaches of security,” says Patrick McCarthy, director, IST information Security and Compliance.</p>
<p>“With cyber threats and breaches increasing exponentially over the last few years and the requirement to have robust security controls in place to obtain cyber insurance, it is essential we all do our part to keep our data safe and protected.”</p>
<p>The policy, procedure and standards apply to everyone in the university, including visitors, because, as McCarthy notes, we all have a responsibility to keep our data safe and protected.</p>
<h3>WHAT DO I NEED TO DO?</h3>
<p>Read the <a href="http://umanitoba.ca/computing/ist/security/policies.html">policy, procedure and associated standards.</a></p>
<p>Some standards like the <a href="http://umanitoba.ca/computing/ist/security/media/ISS-E01-Password-Standard-2020.02.06.pdf">Password Standard</a> apply to everyone, while others like the <a href="http://umanitoba.ca/computing/ist/security/media/ISS-001-Workstation-Patch-Mgmt-Standard-2020.02.06.pdf">Workstation Patch Management Standard </a>&nbsp;apply to anyone responsible for managing, updating or maintaining computer systems.</p>
<p>Review these <a href="https://umanitoba.ca/student-supports/academic-supports/academic-learning/support-learning-remotely/online-safety">additional tips for online safety</a>.</p>
<h3>WHERE DO I GET MORE INFORMATION?</h3>
<p>The purpose of the Information Security Policy is to:</p>
<ul>
<li>ensure the protection of all information and information systems;</li>
<li>mitigate risks associated with theft, loss, misuse, damage or abuse of information systems;</li>
<li>ensure staff, students, faculty and researchers are aware of and comply with provincial and federal legislation;</li>
<li>minimize the university’s exposure to cyberattacks;</li>
<li>ensure that information users understand their responsibilities; and</li>
<li>protect the university from liability.</li>
</ul>
<p>If you have any questions, concerns or would like more information about your responsibilities, email the Information Security and Compliance team directly at infosec [at] umanitoba [dot] ca.</p>
<p>Thank you for your continued help in ensuring the confidentiality, integrity and availability of the university’s data.</p>
<p>Remember: Information Security Starts with You!</p>
<p>&nbsp;</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/ums-info-security-policy-is-your-guide-to-securing-our-data/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>October is Cyber Security Awareness Month</title>
        
          <alt_title>
                October is Cyber Security Awareness Month 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/october-is-cyber-security-awareness-month-2/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/october-is-cyber-security-awareness-month-2/#respond</comments>
		<pubDate>Tue, 01 Oct 2019 16:05:41 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Campus News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[phishing]]></category>

		<guid isPermaLink="false">https://news.umanitoba.ca/?p=119880</guid>
		<description><![CDATA[Cyber Security Awareness Month is an internationally recognized campaign held each October to inform the public of the importance of cyber security. The university’s Information Security and Compliance Team uses a number of tools to ensure your data is as safe as possible, but it is important that every individual who uses the network be [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2019/09/cyber-security-month-um-today-SMG-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="Image has text which says Cyber Security Awareness Month" style="margin-bottom:0px;" decoding="async" loading="lazy" /> Cyber Security Awareness Month is an internationally recognized campaign held each October to inform the public of the importance of cyber security.]]></alt_description>
        
				<content:encoded><![CDATA[<p>Cyber Security Awareness Month is an internationally recognized campaign held each October to inform the public of the importance of cyber security.</p>
<p>The university’s Information Security and Compliance Team uses a number of tools to ensure your data is as safe as possible, but it is important that every individual who uses the network be aware of the tricks cyber criminals use to access our valuable information.</p>
<p>Over the last three years, the university has implemented a phishing simulation program to help staff and faculty recognize suspicious emails. This year, we are extending the program to students.</p>
<h3><strong>Monthly phishing simulations </strong></h3>
<p>Starting this October, some students will receive a suspicious looking email message in their <em>myumanitoba.ca</em> Inbox. The phishing simulation messages are designed using popular social engineering techniques and contain common markers that identify a suspicious email message.</p>
<p>These tests will continue every month to the end of the Fall-Winter school year.</p>
<h3><strong>What is phishing?</strong></h3>
<p>Cybercriminals use phishing—a type of <a href="https://usa.kaspersky.com/resource-center/definitions/social-engineering">social engineering</a>—to manipulate people into doing what they want. Social engineering is at the heart of all phishing attacks, especially those conducted via e-mail.</p>
<p>Social engineering is the art of manipulating people so they give up confidential information.&nbsp; Perhaps you’ve seen an email that looks like it came from TD Bank asking you to click on a link, and the link went to a website asking for more personal information? This is an example of social engineering. Attackers will try to fool you into believing they are trustworthy.</p>
<h3><strong>Phishing Checklist</strong></h3>
<p>Use the checklist below to verify the message. If the message matches one or more the criteria below, DELETE it or forward it to spam[at]umanitoba[dot]ca for confirmation.</p>
<p>Any message from an unknown sender could be a phishing email:</p>
<ol>
<li><strong>Does the address match the sender name?</strong> If there is no match, it could be a phish</li>
<li><strong>Is the email signature too generic? </strong>If there is only a name or title at the bottom of the message, then it could be suspicious.</li>
<li><strong>Do the name and URL match?</strong> <a href="https://news.umanitoba.ca/think-before-you-click/">Think before you click</a>. Mouse over links in email to reveal their true URL. If the name and the URL do not match, DELETE the email.</li>
<li><strong>Does it contain an unexpected attachment?</strong> They are a cybercriminal’s #1 choice for spreading malicious software.</li>
<li><strong>Does that email feel ‘off’ in some way? </strong>It probably is. Forward it to spam[at]umanitoba[dot]ca to confirm the message.</li>
<li><strong>Is it urgent? Slow down</strong>. An “IMPORTANT MESSAGE” may be a phishing attempt. Cybercriminals want you to do what you’re told, when you’re told.</li>
</ol>
<p>Don&#8217;t be fooled.&nbsp; Information Security Starts With You!</p>
<p>Go to the <a href="http://umanitoba.ca/computing/ist/security/index.html">Information and Security Compliance website</a> for more information and for list of the latest <a href="http://umanitoba.ca/computing/ist/security/latestphish.htm">phishing alerts.</a></p>
<p>&nbsp;</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/october-is-cyber-security-awareness-month-2/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Did you click the link?</title>
        
          <alt_title>
                Did you click the link? Online tax-phishing simulation catches fewer than last year 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/did-you-click-the-link/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/did-you-click-the-link/#respond</comments>
		<pubDate>Tue, 21 May 2019 19:02:04 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Network News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[information security and compliance]]></category>
		<category><![CDATA[phishing]]></category>
		<category><![CDATA[Staff]]></category>
		<category><![CDATA[Things to Know]]></category>

		<guid isPermaLink="false">http://news.umanitoba.ca/?p=112937</guid>
		<description><![CDATA[Information Security &#38; Compliance sent all U of M employees a simulated phishing email during National Fraud Prevention Month in March. Last year, the same phishing simulation was used. And like last year, the email pretended to be from the university’s payroll department and contained the subject line, “Important notice regarding your tax information.” Compared [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2019/05/Did-you-click-smg-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="pie chart image" style="margin-bottom:0px;" decoding="async" loading="lazy" /> Information Security & Compliance sent all U of M employees a simulated phishing email during National Fraud Prevention Month in March. Last year, the same phishing simulation was used. And like last year, the email pretended to be from the university’s payroll department and contained the subject line, “Important notice regarding your tax information.”]]></alt_description>
        
				<content:encoded><![CDATA[<p>Information Security &amp; Compliance sent all U of M employees a simulated phishing email during National Fraud Prevention Month in March. Last year, the same phishing simulation was used. And like last year, the email pretended to be from the university’s payroll department and contained the subject line, “Important notice regarding your tax information.”</p>
<p>Compared to last year, the simulation saw a slight decrease in the number of people who clicked the link &#8212; 6.7% compared to last year&#8217;s 6.8%.&nbsp;</p>
<p>The results also showed that of the 6.7% who clicked the link, many were repeat offenders.</p>
<p>&#8220;Given the global coverage of our community, this is not surprising,&#8221; says David Treble, IT Security Officer. &#8220;Sometimes users travelling outside the country are more apt to click links that stress urgency or action, as they may not wish to be inconvenienced while travelling.&nbsp; Other times a phishing email may be timed nicely with real life events, like tax time. &#8221;</p>
<p>Regardless,&nbsp; the trend over three years of the same phishing simulation shows a gradual decrease in staff and faculty who click the link.&nbsp;</p>
<p>To avoid falling for a tax-phishing scam, follow these three simple tips:</p>
<ul>
<li><strong>Don&#8217;t open it</strong>. Most tax-related government agencies do not initiate contact by email, text message or social media. If the email mentions tax forms, it is likely a scam. Either delete the email or forward it to <a href="mailto:spam@umanitoba.ca">spam@umanitoba.ca</a> for review.</li>
<li><strong>Verify the sender</strong>. Don’t assume an email is legitimate by looking at the header– it’s easy to fake a <em>From: </em>or <em>Reply-to:</em> Call the sender to confirm the request is legitimate.</li>
<li><strong>Check if the URL is correct</strong>. Don’t be misled by sites claiming to be a government agency or tax-software company. Just mouseover any link to verify the URL it is really linked to. Make sure URLs are spelled correctly too.&nbsp;</li>
</ul>
<p>Think before you click!</p>
<p>&nbsp;</p>
<h2>About email simulations</h2>
<p>Simulated email messages provide a realistic experience in a safe and controlled environment. They are designed to help us recognize and resist tactics used in real phishing attacks.</p>
<p>Periodic simulations will continue as a part of the university’s Cyber Security Awareness Campaign.</p>
<h2><strong><br />
Remember, information security starts with you!</strong></h2>
<p><em>For more information about phishing attacks, visit the Information Security and Compliance web page at </em><a href="http://umanitoba.ca/computing/ist/security/phishing.html"><em>http://umanitoba.ca/computing/ist/security/phishing.html</em></a><em>. </em></p>
<p>&nbsp;</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/did-you-click-the-link/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Free coffee and donut for students who update their signUM email account!</title>
        
          <alt_title>
                Free coffee and donut for students who update their signUM email account! 
</alt_title>
        
        
		<link>https://umtoday-wordpress.ad.umanitoba.ca/free-coffee-and-donut-for-students-who-update-their-signum-email-account/</link>
		<comments>https://umtoday-wordpress.ad.umanitoba.ca/free-coffee-and-donut-for-students-who-update-their-signum-email-account/#respond</comments>
		<pubDate>Mon, 15 Oct 2018 18:33:57 +0000</pubDate>
		<dc:creator><![CDATA[Terry Vandenbroeck]]></dc:creator>
				<category><![CDATA[Network News]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Information Security]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Students]]></category>

		<guid isPermaLink="false">http://news.umanitoba.ca/?p=98893</guid>
		<description><![CDATA[Information Services and Technology will offer a free coffee and donut to every student who uses the Mobile Service Desk to update their signUM email account on October 23 and 24. The booth will be set up as part of Cyber Security Awareness Month, which runs through the month of October. Students are now required [&#8230;]]]></description>
        
        <alt_description><![CDATA[<img width="120" height="90" src="https://umtoday-wordpress.ad.umanitoba.ca/wp-content/uploads/2018/10/CyberSecurity-SMG-free-coffee-donuts-120x90.jpg" class="attachment-newsfeed size-newsfeed wp-post-image" alt="" style="margin-bottom:0px;" decoding="async" loading="lazy" /> Information Services and Technology will offer a free coffee and donut to every student who uses the Mobile Service Desk to update their signUM email account on October 23 and 24.]]></alt_description>
        
				<content:encoded><![CDATA[<p>Information Services and Technology will offer a free coffee and donut to every student who uses the Mobile Service Desk to update their signUM email account on October 23 and 24. The booth will be set up as part of <a href="http://news.umanitoba.ca/october-is-cyber-security-awareness-month/">Cyber Security Awareness Month</a>, which runs through the month of October.</p>
<p>Students are now required to change their email password and re-accept the account user agreement annually. A strong password is an important step in blocking attempts to access your data. That’s why the university’s new password policy requires everyone to have a password that’s a minimum of 10 characters long, with at least one uppercase character, one lowercase character and one number.</p>
<p>If you haven’t changed your password yet, here is your chance to do so and be rewarded with a free snack before you receive your expiry notification.</p>
<p>Watch this quick animation for more about email and password security.</p>
<p><iframe loading="lazy" title="Cyber Security Awareness Month - Change Your Password" width="500" height="281" src="https://www.youtube.com/embed/YqNgNpPQh9U?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe></p>
<p>The Mobile Service Desk will be available at both campuses on the following days and times:</p>
<p><strong>Fort Garry<br />
</strong>University Centre<br />
Tuesday, October 23 and Wednesday, October 24<br />
9:00 am – 12:00 pm</p>
<p><strong>Bannatyne<br />
</strong>Brodie Centre Atrium<br />
Wednesday, October 24<br />
1:00 pm – 4:00 pm</p>
<p>Also during Cyber Security Month: Don’t forget to view the <a href="https://universityofmanitoba.desire2learn.com/d2l/home/318305">Phishing module in UM Learn</a> for your chance to win a new iPad and enter our <a href="http://umanitoba.ca/computing/ist/security/poster-contest-rules.html">Cyber Security Poster contest</a>.</p>
]]></content:encoded>
			<wfw:commentRss>https://umtoday-wordpress.ad.umanitoba.ca/free-coffee-and-donut-for-students-who-update-their-signum-email-account/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>
