Other 2014 Accomplishments
Phoenix Disaster Recover Center Reaches Key Milestones
On Jan. 29, the Disaster Recovery Data Center successfully completed Phase II of its implementation in Phoenix, Arizona. The first milestone in this multi-phase project was creation of automated disc replication for secure database back-ups between our Malibu and Phoenix data centers. The second milestone was the successful installation of a space-saving virtual server system which will allow the Phoenix data center to provide a complete set of services to students, faculty and staff in case of Malibu-based emergencies. The center not only helps us in case of an emergency or disaster in California, but it allows us to build innovative new technology for better, faster services for students, faculty and staff.
Pepperdine's Endpoint Protection service distributes Sophos antivirus
IT deployed the new Endpoint Protection service for all Pepperdine-owned computers. This new service monitors malware activity and take corrective measures to minimize malware action and data loss. On July 14, 2014, the Device Management Service began installing the Sophos antivirus client on Pepperdine-owned Windows computers and removing the old antivirus, Trend Officescan. Installation on Macintosh computers will follow thereafter. Successful installation was marked by Sophos shield icon on your computer.
For more information, please visit: http://devicemanagement.pepperdine.edu/.
Secure backup service provides whole disk encryption for pilot users
In November, IT began a Secure Cloud Backup pilot program for all staff currently using whole disk encryption software on their Pepperdine-owned workstations. Whole disk encryption ensures that restricted data on the workstation is protected from unauthorized physical access.
The Secure Cloud Backup Service, powered by Crashplan PROe, is an important addition to whole disk encryption. The service ensures that users have a current backup of their profiles located in a secure place in case their workstation becomes unusable due to hardware failure, software glitches, or compromise.
During the pilot program, the Secure Cloud Backup Service was installed on select computers to gauge interest and utility of providing a university-wide cloud backup solution. Those who will be a part of the pilot were notified via email. To learn more about the pilot program, please contact IT at firstname.lastname@example.org.
Device Management successful distributes software to Pepperdine community
For the past two years, Device Management has been successful distributing software and quietly installing updates to Pepperdine-owned computers. In 2014, the DM service has protected computers from malware by keeping all computers up-to-date with the proper software that they need.
Device Management is a proactive, efficient, and effective service provided by IT to keep all Pepperdine-owned computers up-to-date with the latest software needs. Distributed software included Sophos, CrashPlan, and Adobe Acrobat Pro XI.
Stay up-to-date with the Device Management team at http://devicemanagement.pepperdine.edu/.
Information Security conducts Pepperdine phishing testDid you get a suspicious email? Did you do your anti-phishing homework?
Beginning on October 31, 2013 the Information Security Office (ISO) conducted a monthly phishing training and test on the entire Pepperdine community. Phishing is an email scam used to trick people into giving away their personal information. Emails usually come posed as a legitimate email with familiar logos and images.
To help students, faculty and staff scrutinize unexpected emails, ISO sent out emails posed as a phishing scam with a link asking for their Pepperdine password. The results of the test gathered whether the recipient detected it was a phishing scam by simply deleting the email or if they were duped into clicking the link and giving away their Pepperdine password. Those who failed the phishing test were required to go through phishing training.
"The test emails are nearly identical to real phishing messages that have been received at Pepperdine," commented Chief Information Security Officer Kim Cary. "The community is not picking up on these poorly crafted messages as being suspicious."
Phishing made simple
If you receive an unexpected email request:
- If it seems suspicious - delete it!
- If it seems likely to be legit - call or email the sender.
Entering your password on a site:
- Check for encryption - https or a lock symbol.
- Check the web address - is it pepperdine.edu or a familiar site?
"The idea of these skills is to help people be self-sufficient," Kim added. "If you see a suspect message your first stop shouldn't be to call your technical contact, it should be to scrutinize the email using these skills."
The ISO team will continue to educate and train the community on how to combat phishing scams while preserving trust in the University and protecting its community. To learn more about phishing or to get trained, please visit: http://community.pepperdine.edu/it/security/training/phishing/.