This page serves as a resource for announcements and tips regarding computer and personal security both within and away from Greece Central School District.  Be sure to scroll down the page for more tips, email practices, and cyber security resources. 

A great deal of thanks to the SANS Institute for a number of these tips!

=====================================================

Click Here for Cyber Security Information and Resources

=====================================================

Cyber Security Tips

Don't download files from unknown sources
Not all web sites are safe. Always ensure that the source you are downloading from is legitimate. Use extreme caution if you are referred to a site by an email message. If you're uncertain, don't download.

Don't click the "unsubscribe" link at the bottom of unsolicited emails.
Spam filters are catching most unwanted e-mail, but some might still reach you. Most spam is designed to get you to respond with your own email or to click a link to "unsubscribe." When you respond or click the "unsubscribe" link, the sender takes your email address and adds it to a SPAM database of active email addresses. You might then start to receive a large amount of SPAM in your inbox. Do not respond or click the "unsubscribe" links.

Don't enter your username and password on any computer you don't control
Using public computers will always carry the risk of exposing your personal data. "Public" computers — as in college library computers. A Kentucky college student has been charged with identity theft and unlawful access to a computer for allegedly breaking into other students' email accounts at the University of the Cumberlands, and using the access and information to blackmail them.

He did this by allegedly placing spyware on computers at the college library to harvest the information he needed to access the email accounts. Then he threatened to divulge the contents of certain messages unless the students complied with his demands. 

For more information: http://blogs.techrepublic.com.com/10things/?p=322

If your browser questions a website's security, stop, think, and verify
When visiting the "https" secure sites of banks and online shopping retailers, you may see an onscreen warning, such as "There is a problem with the website's security certificate" or "Secure Connection Failed." Don't just click to continue or to make an exception. The warning may only indicate that there is a harmless temporary problem with the site or with the network. But it can also mean that the site is bogus or has been compromised by hackers, and someone is listening in on your conversation with your bank or retailer.

Be smart. Contact your bank or retailer by phone to find out if they know about a problem with their website or the network. Don't be the next victim of fraud.

Make your password long
With the advent of the new district password complexity rules being put into effect, we offer the following password tips.  Make your password at least eight characters long, and the longer the better. Passwords shorter than 8 characters are easy to crack.

Follow these password rules. Avoid common words and proper names. Use both uppercase and lowercase letters, numbers, and symbols. Trouble is, who can remember a password like Fm79$#Xk? Try a passphrase instead: When I was 7, my dog Dolly went to Heaven. This contains 42 easy-to-remember characters, follows all the rules, and is in plain English. (Not every system will accept passphrases; when in doubt, try it out.) The odds against anyone cracking it even with the help of a supercomputer are astronomical.

Make your passphrase original. Don't use familiar or famous quotations. Don't use any real names especially your own, your family members, or your pets. Nonsensical passphrases are the hardest to crack.

If you are a victim of identity theft, report it immediately
Here are some things you should do:
 v Contact the three major credit bureaus and place a fraud alert on your credit report.
 v If a credit card was involved, contact the credit card company and close the account. 
 v Contact your local law enforcement agency and file a report. 
 v File a complaint with the Federal Trade Commission. 
 v Document all conversations so you know whom you spoke to and when.

Be Better Than James Bond
In Casino Royale, Bond chose a password to protect a multi-million pound money transfer.  What does he choose?  His girlfriend's name!  Why bother torturing him when you can just guess his cunning plans?  We can all do better than that.  For most situations a password should be 8 characters long and be a mixture of letters, numbers, and other characters.  It should conform to the district's complexity rules (implemented December 16th).  It should not be a word you would find in a dictionary, the name of your spouse, partner, child, pet, favorite band or any of these followed by a single digit. Use of common sense is always recommended - Razorlight1 isn't a good choice if you have a poster of the band behind your desk.

Spam Email Best Practices

Whenever there is an increase in the number of Help Desk calls about email spam, it's best to review the best practices for the prevention of email spam.  The BOCES email system incorporates a spam filter that dramatically reduces the amount of spam received.

Well over 400,000 spam emails are blocked on a daily basis by the services provided by BOCES.  Unfortunately, the filters can not block every piece of spam email.  To do so, the filters would have to be so restrictive that it would shut down delivery of email completely.

Spammers even have ways of making spam look like it comes from within the district. Your best bet is to never reply to spam email and to simply delete the email +/or block the sender's domain via email rules if you are suspicious of or you see an email is spam after examining it.

Below you will find additional steps you can take for better control over how effective spam filtering can be for you.

How the filter works:

How you can minimize your chances of getting spam:

pdf file: You need Adobe Acrobat Reader (version 7 or higher) to view this file. Download the free Adobe Acrobat Reader for PC or Macintosh.