What to do when retiring your old mobile device

Have you recently upgraded your mobile phone, or are you thinking about it in the near future?

With the continual innovation of new technology, the life expectancy of your mobile device can be as short as three years before you need to update – or maybe you elect to update sooner to stay on top of the newest releases.

So what should you do with your old device? Recycle it, of course!

Griffith is committed to finding sustainable solutions for our end of life electronics as part of our E-Waste and Sustainability campaign. To facilitate this, there are E-Waste recycling stations at each campus library, as well as the EcoCentre and various student centres.

However, just as you wouldn’t leave a public computer without logging out of all your personal accounts, don’t forget to remove your personal data from your mobile device before disposing of it!

Lately, there has been an increase in the number of phones being dropped off to be recycled that still have access to the owner’s highly confidential data: private text messages, personal photos, online accounts and even banking passwords!  

To avoid the risk of having your accounts hacked or money stolen, it’s important to ensure you remove your personal data before your recycle.

Simply follow the checklist below, then get recycling!

  • Back up the device
  • Manually remove any personal information (a factory reset does not necessary delete all personal information)
  • Log out of online accounts  (iCloud, iTunes, App Store, Google Play, etc) and social media (Facebook, Instagram)
  • Manually turn off any ‘find my phone’ applications (i.e. Find my iPhone and Android Device Manager)
  • Unpair any devices such as Car Media or iWatch
  • Perform a factory reset
  • Remove your SIM card

For further information on the data management of your device before recycling visit the Recycling Devices webpage, or take a look at the tips on the Mobile Muster, Apple iOS, or Android websites.


Protect your digital life on your mobile device

wb-it-security-mobile-grey

When you lend your mobile device, did you know you’re also sharing your internet account, email and Facebook?

And do really want to give your colleague access to your Facebook account? They’ll just post cringe-worthy selfies from your camera roll or startling revelations about your embarrassing celebrity crush (which is obvs completely false).

Or even worse. They could use up all your internet data to watch cats being funny on YouTube. Which is fine, but only if you got to see the furry feline shenanigans as well.

How does this happen? Well, you’re connected to the Griffith Wi-Fi on your mobile device, right? You’ll notice that once you’ve signed in, you are never asked to sign in again. It’s just so convenient to have it connect automatically when you’re on campus.

But it also means that when you share your mobile phone, tablet or laptop with your colleague, all their internet use will be billed and logged against you!

And don’t forget, you’re probably logged into all your social media and email accounts as well.

Which means they can not only post to your Facebook (as you), but also to Snapchat, Instagram and Twitter. And just for kicks, they could swipe right for all of Tinder.

Now, your friends and colleagues are probably too responsible to be irresponsible with your digital life. They would never prank post on your social media, use all your internet data, or mess with your email.

But if they do. Just remember, we told you so.

For advice on how to stay safe online, visit the Griffith University IT Security web page.


5 of the worst computer viruses ever

Have you ever had a computer virus? They aren’t very nice.

They can break your computer, delete your files or steal your personal information. And you can inadvertently infect your friends and family with the virus (well, not them directly, their computer).

Michael Aranda takes us through the 5 of the worst computer viruses ever in a YouTube video by SciShow. Remember the Melissa Virus? What about the not-so-lovely I love You Virus? They both make the cut.

Watch the video to see how quickly they spread, how many people they affected and the amount of damage they did.

How can you avoid getting a virus? Michael recommends that you:

  • Install an antivirus program
  • Don’t click on suspicious links or emails from Nigerian princes
  • Keep your computer operating system and programs updated with the latest security patches

Installing an antivirus program doesn’t have to cost a fortune. Actually, it doesn’t have to cost you anything at all. As a Griffith staff member, you can access Symantec Endpoint Protection on your device for FREE.

Symantec Endpoint Protection is a leading antivirus and security solution for desktop devices. It is designed to ‘protect against advanced threats with powerful, layered protection backed by industry-leading security intelligence’. See the Symantec website for system requirements.

You can access Symantec Endpoint Protection via the Software Download Service (SDS) on your Griffith University Google Drive account. Head to the Software Services website for handy instructions on accessing home use software.


These are the 25 worst passwords of 2015

passwords

Is your password on the naughty list?

We have all experienced the frustration of having to update our password for one of our gazillion computer accounts; email, Netflix, ASOS, Spotify, Instagram, PayPal, iTunes…

Then there are the passwords for uni. The security-conscious folk at Griffith Uni make us change our passwords regularly so we can keep our account safe from hackers. And we totally appreciate it! Who wants hackers reading your rejected Mills and Boon manuscript saved on your Google Drive?

But let’s be honest, it’s hard having to think of a password you haven’t used in the last 12 months. So inevitably, you may choose a password that is too simple, weak or just plain obvious (c’mon, have you ever used griffith for a uni password?).

So SplashData made a naughty list; the 25 worst passwords for 2015. The list is based on more than 2 million passwords that leaked online last year.

Check out the naughty list and see if any of your passwords are hacker-friendly. Here are a few offenders:

  1. 123456
  2. password
  3. qwerty
  4. login
  5. princess

Read the full article in this month’s issue of PC World, which is available to Griffith students and staff via the EBSCO database:

How safe is your password? For tips on keeping your password secure, go to Griffith University’s Secure passwords page.


How safe is your digital life?

We all lock our doors to keep our houses safe, but just how do we keep ourselves safe online? This articles explores a range of simple things we can all do to help keep our digital lives safe.

Protect your digital life on your mobile device

When you lend your mobile device, did you realise you are also sharing your internet account, email and Facebook? Make sure to sign out of all your accounts and wireless before you do so.

Computer security is in your hands

  • Log out correctly before turning off your computer
  • Never share your passwords
  • Report security issues here

Why should I log out?

If you don’t log out properly you risk:

  • having your internet quota stolen,
  • getting viruses,
  • having your email hacked into.

How safe is your password?

“My bank doesn’t make me change my password” You are responsible for any activity which takes place from your account. If you have any suspicion that your account is being used by somebody other than you, immediately change your password.

Some simple rules for keeping your account safe.

  • Don’t write your password down, you wouldn’t write down your credit card pin.
  • One of the most common things people do when creating a stronger password is to use a word or name followed by two digits (usually  a birth year, age or the current year), followed by an exclamation mark. It’s best to avoid this format.
  • The easiest ways for somebody to find out your password is for them to watch you type it in (commonly known as “shoulder surfing”) or for them to find it written down.

Griffith Policies require that your account be kept safe, the following will help:

  • Ensure your password is at least 8 characters long and contains a combination of upper and lower case letters, numbers and punctuation.
  • Never re-use passwords, and never use a series of passwords which follow a predictable pattern (for example using the same word each time along with an incrementing number).
  • Use a different password for Griffith to what you use for banking, Facebook, and personal email.
  • Make it memorable. Longer passwords made up of several words can be easier to remember and safer.
  • Never share your password. Not even with colleagues, friends or family.
  • Never respond to any email which demands you reply to it with your username and password.
  • Griffith IT Support will NEVER ask you to give them your password via email, phone, or in person.

Don’t be the catch of the day

Beware of Phishing emails pretending to be a legitimate email from a business or organisation, and attempt to fool the recipients into revealing sensitive personal information, usually in the form of credit card numbers or important passwords.

A common one claiming to be from a bank and states your account will be closed if you don’t login immediately. The email looks legitimate and even has a handy link to the login page. However, this is bogus and instead you are giving the phishers your bank login details when you try to access the site. Some versions of this email will even log you into the real site so you don’t realise anything is amiss.

 

 


Griffith, The Heartbleed Bug and You

  • A bug recently found in a commonly used data encryption tool has had an impact on computer systems around the globe. Are you affected?

You may well have seen stories in the news recently about “Heartbleed”. Heartbleed is a bug in some versions of a widely used data encryption tool named OpenSSL, which if taken advantage of, can allow “eavesdropping” on otherwise secure internet traffic.

A lot of internet services, including secure web sites (those which display a padlock icon), utilise this tool so it’s been a busy time for system administrators across the globe checking their systems and patching them against the bug if necessary and Griffith has been no exception. Since we first received notice of the Heartbleed bug, INS has been working to ensure that Griffith’s systems are not vulnerable and that your data is protected and safe from this vulnerability.

Since stories about Heartbleed appeared in the news, INS has received a number of queries from both staff and students asking if their own desktops, laptops, smartphones and tablets could be affected by Heartbleed (referred to in the press as a “Reverse Heartbleed” attack).

The following should address any concerns you may have (with apologies for the necessarily technical details):

  • 1. Griffith assets running the Griffith SOE are not vulnerable to “Heartbleed”.
  • 2. Microsoft Windows and Apple OSX desktops and laptops are unaffected by “Heartbleed”. However, we strongly recommend applying any updates released for your device.
  • 3. Google has advised that smartphones, tablets etc running Android version 4.1.1 are vulnerable to “Heartbleed” related security issues and should be updated.
  • 4. Other versions of Android are not vulnerable to “Heartbleed”.
  • 5. Advice received to date is that other smartphones and tablets (including iPhone, iPad and Windows based phones) are unaffected by “Heartbleed”. However, we strongly recommend applying any updates Apple, Microsoft etc release for your device.
  • 6. Some versions of the Linux operating system might be vulnerable to “Heartbleed”. If you have a device running Linux, or any other unix variant including Raspian, you should ensure that it is fully patched; at the very least ensure that the version of OpenSSL installed is not between 1.0.1 and 1.0.1f. (version 1.0.1g is the first release of the 1.0.1 version tree which is not vulnerable to Heartbleed).

For advice on selecting secure passwords visit the Password Tips webpage.

For more information on IT Security, you can visit the IT Security website.


INS helps protect students’ digital lives

how-safe-mobile-device-baby

  • With the number of hackers and identity thieves continually on the rise, INS has recently launched a new campaign to help students improve their IT safety.

Recently, a baby made headlines when she bought a car on eBay using her dad’s smartphone. Although the family found the (cheap) purchase quite amusing, the incident has again highlighted the potentially devastating effects that a lack of mobile device security can have.

With people increasingly storing sensitive data on their smartphones, laptops and PCs, the opportunities to exploit privacy weaknesses are more tempting than ever. [1]

In an effort to minimise the impact this can have on students, Library and IT staff have recently completed a “security blitz”, encouraging students to increase their IT security, with the following messages:

  • How safe is your mobile device? Scammers, hackers and identity thieves are looking to steal your personal information and your money. Don’t worry – there are steps you can take to protect yourself, like keeping your computer software up-to-date and only giving out your personal information when you have a good reason.
  • Protect your digital life on your mobile device! When you lend your mobile device, did you realise you are also sharing your internet account, email and Facebook?
  • Don’t forget to log out! After your first registration of your mobile device on Griffith WiFi, you never have to log on to use the internet again. While this makes it convenient and easy for you to use, remember not to share the device with someone else, as all their internet will be billed and logged against you!

The messages will continue to be promoted to students throughout the year. For more information, students and staff can visit the IT security website.

[1] How to Prevent Phone Hacking and Sleep Like a Baby Again