Cybersecurity Awareness

Securing IoT Devices

While many have come to rely on Internet of Things (IoT) devices for added efficiency and convenience, the devices are also entry points cybercriminals can use to violate your security and privacy. According to Symantec’s 2019 Internet Security Threat Report (ISTR 24), “IoT devices experience an average of 5,200 attacks per month. Routers and connected cameras were the main source of IoT attacks accounting for over 90 percent of activity.” Various IoT devices have been exploited: baby monitors; security...

Securing Home Wi-Fi

Routers are one of the most important electronic devices that you have in your home. They link your other devices together and to the outside world, and that's why they are such a valuable target for attackers.

A secure Wi-Fi system helps keep unauthorized people off your network and reduces the risk of data loss, theft, and/or sabotage. That’s why we put together these key steps to securing your Home Wi-Fi.

Secure Your Router

To create a secure home network, start by securing your router - that’s the...

SSH Key Management

A SSH key with a passphrase provides additional security and can act as an additional authentication factor. Adding a passphrase to your SSH keys is recommended to comply with the Remote Access Services Requirement of the Minimum Security Standard for Networked Devices (MSSND)

See instructions for...

Securing Remote Desktop (RDP) for System Administrators

How secure is Windows Remote Desktop?

Remote Desktop sessions operate over an encrypted channel, preventing anyone from viewing your session by listening on the network. However, there is a vulnerability in the method used to encrypt sessions in earlier versions of RDP. This vulnerability can allow unauthorized access to your session using a man-in-the-middle attack.

Remote Desktop can be secured using SSL/TLS in Windows Vista, Windows 7,...

Settings for Securing Zoom

UC Berkeley Zoom

UC Berkeley's Zoom service may only be used for P3 (and below) data according to the Berkeley Data Classification Standard and may not be used to transmit or store P4 data including, but not limited to: Social Security numbers, financial account numbers, or export controlled data. Refer to the Data Classification Standard for a comprehensive list of P4 data types.

This applies...

Why Reusing Passwords is a Bad Idea

April 16, 2021

"I have a really great passphrase, it's long and easy to remember, so I use it on all my accounts."

Sound familiar? Why is it so hard for us to abandon this idea that reusing passphrases is a bad idea? Well, we're humans and humans tend to rationalize to confirm our decisions. "What are the chances that someone will get my password and compromise my account, I mean, will that really happen to me?" Well, it turns out it does - and more frequently that you might imagine.

According to...

Password Management with LastPass

Overview

Creating strong, unique passwords for each of your personal and work accounts isn't a chore when using a password manager - like LastPass. LastPass can generate and remember passwords for you - no more writing your passwords down and potentially exposing your credentials. Using strong and unique passwords on each of your accounts increases your personal and professional online security.

UC Berkeley offers FREE...

Resurgence of Ransomware in Higher Ed

May 21, 2020

Ransomware is not new; but, it's been popping up more and more in higher ed. Each week brings news of colleges and universities that have fallen victim to ransomware attacks. Some hackers demand payment, while others steal personal data (to sell to identity thieves). Whatever the motives are, school systems around the country have been the targets of recent attacks.

Here are four things you can do to protect yourself: 1. Back it up. Daily.

Use a...

Cybersecurity and COVID-19

Not finding what you're looking for?

Try our Search function!

Training

Discover security training courses and tools Annual Cybersecurity Awareness Training

This mandatory, computer-based-training covers a variety of information security topics that is accessed through the Central Human Resources Learning Management System.

Who has to take the training?

All faculty, staff, and student workers are required to complete the annual training.

Why is training required?

As part of UC system-wide efforts to address the increasing...