Take Action Today!

 

ASU Information Security Office

ASU Information Security Office's Mission:
 
Arizona State University’s Information Security Office is committed to preserving the availability, confidentiality, and integrity of its information resources while preserving and nurturing the open information-sharing requirements of its academic culture.

ASU Information Security Office's Vision:

  • Embed information security into the culture of ASU
  • Ensure alignment of the information security program to the University's mission
  • Increase visibility into the University’s security posture

Read More

2018 IT Risk Assessment Toolkit

Resources for addressing Risk Assessment corrective actions.

  • US-CERT Current Activity:
    The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
    http://www.us-cert.gov/ncas/current-activity/
  • Internet Crime Complaint Center (IC3):
    The Internet Crime Complaint Center (IC3) is an alliance between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI). IC3’s mission is to address crime committed over the Internet.
    http://www.ic3.gov/media/default.aspx
  • Microsoft Security Bulletins:
    Microsoft security bulletins provide information & news about computer vulnerabilities and security updates to keep your computer protected.
    http://technet.microsoft.com/en-US/security/dn481339
  • Apple Security Updates:
    This document outlines security updates for Apple products.
    http://support.apple.com/kb/ht1222
  • Oracle Critical Patch Updates, Security Alerts and Third Party Bulletin:
    This page lists announcements of security fixes made in Critical Patch Update Advisories and Security Alerts, and it is updated when new Critical Patch Update Advisories and Security Alerts are released.
    http://www.oracle.com/technetwork/topics/security/alerts-086861.html

Protecting Against Phishing

What is Phishing?

Phishing, in a nutshell, is the online version of a con-job. The perpetrators of phishing messages are essentially tech-savvy con-artists. In a phishing scam, these con-artists send out messages and emails that "look" legitimate, hoping to trick the unsuspecting user into giving out their personal information, including usernames and passwords, and allowing the perpetrator to conduct identity theft.

Read more

Troubleshoot: DUO and iOS 11.3

Submitted by mathom37 on April 26, 2018 - 8:32am

If you experience issues with ASU authentication on a mobile application that requires Duo two-factor authentication, please view this article regarding Duo Push notifications and iOS 11.3.  This issue only affects Apple devices with iOS 11.3 and 11.3.1 and only affects the applications installed on the mobile device itself.  Apple is aware of the issue and is working to resolve it in their next iOS patch release. Earlier versions of iOS are also unaffected.

ASU Office365 Email and junk mail

Submitted by twitucky on April 12, 2018 - 5:18pm

Microsoft has changed how they identify junk emails causing legitimate email to incorrectly be marked as spoofed or junk. As a response, we have implemented a temporary solution for emails sent to exchange. This may increase the amount of email delivered to your inbox which typically gets filtered to junk. We understand the importance and impact of the issue and are working to correct it.

Student Jobs E-Mail Scam

Submitted by mathom37 on March 13, 2018 - 12:16pm

A large number of phishing scam emails have been seen targeting ASU students. The scam works by sending you an email with the promise of a job. The email subjects vary, some saying “Student Jobs" and others saying "Application Approved", even though you never submitted an application. The scamming email will ask you for your full name, address, and telephone number. The scammer then tells you that you will be doing various things, like acting as a middleman to purchase office supplies.