Ask Your CISO, Policies and Procedures, Security Awareness Newsletters

This Week’s Cybersecurity News, 05/31/2023

Posted on May 31, 2023Share on

Warning sign letting you know that only authorized personnel are allowed to enter

Good morning.

Based on several recurring incidents in the past couple of weeks, I want to discuss how important physical security is. I also want to answer a great question about which wireless network you should choose when connecting to WiFi at work.

Physical Security

  • UTIA IT0129 – Physical and Environmental Protection Policy and UTIA IT0129P – Physical and Environmental Protection Procedures
    • I spend a lot of time giving you tips on how to identify and deal with cybersecurity issues, but physical security is extremely important, as well.
    • The above policy and its accompanying procedures were implemented in 2018, in order to cover the controls put in place for Institute-owned and University-owned IT assets.
    • Have you ever thought that things weren’t exactly as you left them when you returned to your office the next morning?
    • Do you feel that someone has been going through your office when you weren’t there or have evidence that someone has plugged an external device into your computer without your permission?
    • We need to always be aware of how we can protect the data on our Institute-owned assets and this includes protecting where these assets are located.
    • This means that not only are the assets themselves protected by least privilege, but the physical location of the assets should be protected in the same manner.
      • Remember that “least privilege” means giving a user the minimum levels of access necessary to perform his/her job responsibilities.
      • Least privilege is not based on what you might need some day, but is supposed to be only what you need to do your job on a daily basis.
      • If someone does not NEED access to a particular office or lab to fulfill their job responsibilities, then they should not have such access.
    • Please do these things to help protect the Institute and University:
      • Lock your computer if you need to walk away for any reason, by simply pressing the Windows key + L.
        • Some people think this is a hassle because you have to log in when you return.
        • I can tell you it is a much bigger hassle when your data is tampered with because the computer was left wide open for anyone to access.
        • If you don’t lock the computer and someone else does something they shouldn’t be doing, YOU are the person investigators and auditors will look to because you were the one logged in.
      • Notice how things look when you leave for the day.
      • Keep in mind that others you don’t see, like maintenance and cleaning services, often have access to those locations in order to fulfill their job responsibilities, so please keep items with sensitive data locked away when you are away from your desk.
      • Remember that it is never okay to plug any device into someone else’s computer without their permission…and presence, if possible.
      • If you have access to sensitive data, electronic or otherwise, and you think someone has accessed your area without a valid reason, report it to your supervisor.
      • If you have evidence that someone has connected a device to your computer without your permission, take a screenshot (press Windows key + Print Screen on the keyboard, then open Paint or a similar app and paste the screenshot to save) or take a picture with your phone and save the file to share with your supervisor so they can report via the proper chain of command.
    • If you have questions about physical security, please don’t hesitate to ask!

Ask Your CISO

  • Why should you choose “eduroam” over “ut-open” when connecting to the wireless network?
  • This is a great question because I don’t think people often realize there is much difference.
  • There are two UT wireless networks from which to choose.
    • eduroam
      • eduroam is a secure, international wireless network developed for users in research, higher education, and further education.
      • eduroam is based on the most secure encryption and authentication standards available.
      • eduroam provides simple and secure connectivity from thousands of hotspots across more than 100 countries.
      • eduroam is intended to be used by faculty, staff, and students at UTK and other universities worldwide.
    • ut-open
      • ut-open is an unsecured network available to faculty, staff, students, and visitors.
  • As you can see, eduroam is the smart choice for wireless connections at UT.
  • However, if you absolutely, positively cannot connect to eduroam for some valid reason, be certain you are using the VPN when connecting to ut-open!
  • To learn more about how to connect to the wireless network, please read UTK OIT’s WiFi: Connect to the UT Wireless Network.

I thank you all so much for all you do to protect the Institute and its data. Please don’t hesitate to let me know when you have any questions or concerns when it comes to security!

Have a great rest of the week!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu