This message was sent to all UW students, faculty and staff with approval from the University of Washington Chief Information Security Officer.
October is National Cybersecurity Awareness Month, and it’s a good time to remind everyone how to be safer and more secure online.
We all have a part to play in protecting personal and UW data and using University resources appropriately.
To find out more about the information mentioned below, search the UW site for “CISO Annual Communications,” where you can find a copy of this message on the home page with links to relevant resources.
1. Recognize phishing and scams.
Scammers commonly use phishing emails to trick you into giving them your personal information, such as passwords or credit card numbers, and they’re often successful. Be skeptical of any email that urges you to click on links or download attachments. Phishing emails may appear to come from a recognizable person or organization, such as your supervisor, UW organizations or the health department. Be suspicious of unsolicited job opportunities, offers of financial aid, requests to purchase gift cards or opportunities that seem too good to be true.
2. Secure your UW NetID and other accounts.
Be careful not to use your UW NetID password with any other account. Multi-factor authentication (MFA) helps prevent others from signing in as you, even if they know your password. Two-factor authentication (2FA), a form of MFA, will be required for most UW NetID accounts by November 2, 2022. Learn more, including how students can opt in early, on the 2FA page on IT Connect. It is recommended that you also use 2FA (or some other form of MFA) for your other accounts and services, such as personal emails, social media, and bank and financial accounts.
3. Secure your computer and other devices.
Keep computers, devices and all applications — including antivirus software — up to date. Encrypt computers and devices, and keep track of the encryption key.
4. Secure UW institutional data.
Learn what types of data you are responsible for and take steps to secure data appropriately. Three data classifications are described on the UW Privacy Office website: UW Confidential, Restricted, and Public. Certain data types are protected by laws and regulations. Back up your data in at least two different ways, including one offline version.
5. Secure your Wi-Fi communications.
Configure your devices to use eduroam — a free, encrypted Wi-Fi network available at the UW (and at any eduroam-enabled institution throughout the world). There are instructions for how to set up your device to access eduroam on IT Connect.
6. Secure communications while working remotely.
Use a virtual private network (VPN), such as Husky OnNet, when working at home or remotely to access resources on the UW network. Take steps to secure your home Wi-Fi network by using strong passwords and the strongest encryption possible on home routers.
7. Know the rules.
State law prohibits the use of UW computing resources, tools or services for commercial or political purposes. Follow copyright laws for software, images, music or other intellectual property, such as books and videos. For more information, review the Appropriate Use web page on IT Connect.
If you have any questions or concerns, please contact help @uw.edu (no spaces).
Thank you for helping to secure your personal and UW data.
Rebekah Skiver Thompson
UW Chief Information Security Officer