Jan 12, 2023
Posted in: facilities, GDI
To bring further awareness to cyber security, the Gabriel Dumont Institute (GDI) IT department will be writing a series of articles around this topic over the next three months. Cyber Security is one of the biggest threats to the organization and something that impacts all staff. Every staff member needs to be vigilant in order to protect the organization.
The term cyber security covers a vast number of different threats and incidents. From phishing emails asking for personal info to ransomware, viruses, and hacking. We will cover some of these areas and what the GDI IT department is doing are doing to help protect all students, staff, and faculty against it.
Phishing
The most common cyber security threat is phishing emails. This type of email asks the recipient to provide personal, financial, or security information such as username and password, personal data, banking info, etc. There may be a file attached or a link to follow that quite often have a virus embedded into it.
Some of the common subject matters for phishing emails are courier delivery, banking or account compromise, and CRA refunds. Phishing emails usually look reasonably official and legitimate. Here are a list of things that can help identify a phishing email:
A received email should pass a ‘sniff’ test. If there is anything odd about it, do not open it or click on a link and report to IT to take a closer look.
2 Factor Authentication (2FA or MFA)
Passwords are the main source of cyber security threats and intrusions. So many people either use insecure passwords, write them down, or reuse the same password throughout many systems.
Many systems employ multi-factor authentication (MFA) to alleviate password problems (you have probably seen this with online banking and Facebook). Multi-factor authentication occurs after successfully logging into a website. You are then prompted to perform an additional action, such as calling your cell phone, sending a text or email, and many other methods. This extra layer of authentication is very effective as no connection is allowed and will be refused without this additional information.
Here at GDI, we are embarking on this 2FA path. We have just purchased licenses to use a product called Cisco Duo. This will mean that logins will require authentication by an app installed on a phone or via another token. We have been testing this product, and it has worked very well. Initially, we will first be using this product to secure VPN connections to the main networks, then we will work on evaluating how to incorporate this product into our Microsoft 365 login systems (which are used as the single sign-on source for many other systems).
The initial rollout to VPN connections should be completed by the end of September, with further testing on other systems to continue.
DNS Firewall
Another system change GDI IT made to help with cyber security is the introduction of a DNS Firewall through the Canadian Internet Registry Agency (CIRA). This is a monitoring service that checks all incoming and outgoing traffic to our main office connections and will block website requests from known bad sites or sites that contain viruses, phishing attempts, or malware.
The DNS Firewall was implemented at the end of July in Regina, Saskatoon, and PA. Since then, it has shown an over 100,000 web requests per-day and is reporting over 450 malware or phishing blocks.
Cyber Security Awareness Training
We have been running Cyber Security Awareness training from D-Zone for the last few years. When a new staff member starts, they are automatically enrolled in the introductory courses and a phishing simulation.
If you haven’t already, please complete the initial training and any subsequent training sessions to ensure we can maintain a low risk score. This is an important tool in our fight against Cyber Crime.