Read Our Latest Articles

October was Cybersecurity Awareness Month and the Office of Information Technology (OIT) and the Office of Security and Compliance (OSC) partnered with security and compliance departments across the university to deliver a month of cybersecurity content. This included webinars, news articles, and sharing best practices information.

Each week during the month of October featured a cybersecurity threat prevention tool and explained why they are helpful. The month kicked off with university information security officers from across CU campuses answering your top security questions in a Threat Prevention and Awareness Roundtable. If you missed the event, you can watch the recorded webinar online.

Top takeaways from Cybersecurity Awareness Month:

Phishing attempts persist and are one of the top threats across campus. Cyber criminals use phishing to gain access to your personal information and credentials. While you may not have access to confidential information in your position, you have university access and once a cyber criminal is in the system it is much easier for them to move around and get to individuals with higher levels of access which is why it is so important for everyone to protect their information.

Phishing attempts can come in the form of emails, text messages, or even Multifactor Authentication (MFA) approval requests. Make sure you read things carefully and if it doesn’t seem right, it’s probably not.

Phishing attempts typically include spelling and grammatical errors, links that when you hover over them (NOT click) do not go to the destination they are claiming to go to, requests to purchase gift cards, or offers that are too good to be true. Familiarize yourself on all the ways you can spot phishing attempts and report any suspicious emails or text messages to phishing.samples@ucdenver.edu.

Best ways to protect your information:

While phishing is a continuous threat, there are several tools and best practices available to protect your and the university’s information.

1. Understand how university information is classified and the sensitivity level of the information you work with. The university has best practices for dealing with each classification level and who should or should not have access to the content. Learn more about understanding your data and the best way to protect it.
2. Create strong, unique passwords to protect your information and never reuse a password. Cracking passwords is a top way cyber criminals gain access to your information and if you use the same password for multiple accounts, then multiple accounts are compromised with one password break.
3. Utilize Multifactor Authentication (MFA) when possible. This prompts a second verification which provides an extra layer of protection for accessing confidential or private information. The university utilizes MFA with Duo mobile app. Be sure to only approve MFA requests when you are the one logging in. Some cyber criminals will attempt a login and hope that you approve the MFA without noticing. If you didn’t submit the request, deny the access.

While Cybersecurity Awareness Month is over, cybersecurity is a conversation and practice that is relevant every day. Visit the OIT website for more information, FAQs, and resources so that you can take measures to keep your information safe.