Spartans,

October is Cybersecurity Awareness Month, so this month we will be sharing IT tips intended to boost cybersecurity awareness. We’ll kick off with some ways to help secure your mobile devices.

We have all become reliant upon our mobile devices for much of our online activity. This makes our mobile devices vulnerable. The good news is that there are simple things you can do to boost the security of your mobile devices and protect yourself from digital threats. Here are a few:

• Use Strong Passwords and Biometrics—Make sure all your device passwords are strong and adhere to industry best practices for length and complexity. Additionally, if your device supports biometrics such as fingerprint authentication or Face ID, make use of these options.
• Avoid Free Public WiFi—Most free public WiFi is unsecured, making it easy for cybercriminals to access your passwords, usernames, and other sensitive information. SJSU offers campus-wide secure WiFi for students, faculty, and staff.
• Install Software Updates—Most updates to your mobile device’s operating system include security patches to fix vulnerabilities. You should always install system updates as soon as they become available.
• Enable Device Location—Consider enabling Find My (iPhone / Apple) or Find My Device (Android). This way, if you lose your device, you have a better chance of recovering it.
• Backup Your Data—If your device is lost, stolen, damaged, or compromised, you could potentially lose your valuable data. For this reason, it is prudent to back up your device to another source, such as Google Drive, iCloud, or OneDrive. You should be able to configure automatic backup so you will not have to worry about remembering.

For additional steps that you can take to secure your mobile device, check out the Mobile Device Security page on the SJSU IT site.

Thank you to our Information Security Team for providing this tip and helping protect our university. As always, the SJSU IT Service Desk is here to help by phone at (408) 924-1530 or online.

Thanks,

Bob Lim
Vice President for Information Technology
and CIO at San José State University

Campus Community,

Some members of our campus were recently targeted by a sophisticated email attack. This email claimed to come from an SJSU employee, asking the recipient to open certain attachments and refund purchases.

This type of attack, called “spear phishing,” was an attempt by criminals to gain access to SJSU accounts. Phishing attacks have always been and continue to remain especially prevalent in higher education because of our inherent transparency. Spear phishing attacks take this tactic one step further, targeting specific individuals using specific scenarios that look and feel much more plausible. For example, attackers may claim to be the CEO or other executives attempting to trick Finance employees into sending money, even attaching fake invoices with seemingly-official logos and letterhead. Sometimes these spear phishing attempts happen via text, such as the infamous Gift Card Scam.

Here’s a tip to level up your account security: use Google’s applications, such as Gmail and Chrome, when accessing your @sjsu.edu account on mobile. It’s the best way to get the most out of Google’s security features associated with your SJSU account. 

As a rule, SJSU IT will never ask you for your login information via email.  SJSU IT will also never ask for you to “pivot” from email to SMS (text).  If an email or text message contains content you find questionable or references information you are unaware of, it’s a good idea to contact the sender yourself and verify the situation. Take a moment to call them on the phone.

Visit our website for more information on How to Spot a Phishing Attempt or to sign up for our ongoing phishing education program. You can also visit Google’s site to see how reporting phishing emails in Gmail helps prevent future attempts. If you believe your account may have been compromised, please email security@sjsu.edu immediately. 

Thank you to our Information Security Team for providing this tip and always working to keep our university protected. As always, the SJSU IT Service Desk is here to help by phone at (408) 924-1530 or online.

Thanks,
Bob Lim
Vice President for Information Technology
and CIO at San José State University

Dear Spartans,

At the end of every tip, I like to remind you that the SJSU IT Service Desk is always here to help. But here’s a tip for when you’re on campus: you can visit the Service Desk in person for on-the-spot help. 

Visiting the Service Desk is a great way to get quick help with logins, Duo, password resets, WiFi, accessing SJSU online resources, and more. The SJSU IT Service Desk is located in the Technology Lab on the first floor of Clark Hall.

Thank you Sharon Watkins, Lead Service Desk Support Specialist, for this tip. And of course, as always, the SJSU IT Service Desk is also here to help by phone at (408) 924-1530 or online as well.

Thanks,
Bob Lim
Vice President for Information Technology
and CIO at San José State University

Spartans,

Be technology ready this semester with a quick SJSU IT start-of-semester checklist. Here’s some things to double-check after the first week of Fall:

• Open up all the applications you use frequently and install any updates that might be waiting. Having mismatched or outdated versions of software can create technical and security problems.  It’s better to do it now than in the middle of class. 
• Visit the one.sjsu.edu app portal and explore many of the applications and services available to you as an SJSU student, such as MySJSU, MyGPS, Add/Drop Courses, and more. 
• Consider using an SJSU Zoom background for hybrid or remote courses. 
• Need technology equipment to achieve academic success? The SJSU IT Equipment Loaning Service has laptops, webcams, mics, mobile hotspots, major-specific gear, and more. Check our inventory at http://sjsu.edu/equipmentcheckout. 
• SJSU offers essential software at no cost for students. Take a minute to download something you need or something that just looks interesting. There are LinkedIn Learning courses available to get you familiar with new software. 

For this tip, I want to thank all of the student staff at the SJSU IT Service Desk for this tip and for supporting our university every day. As always, the Service Desk is here to help by phone at (408) 924-1530 or online.

Thanks,
Bob Lim
Vice President for Information Technology
and CIO at San José State University

Campus colleagues,

Here’s a tip for Duo Multi-Factor Authentication (MFA): SJSU IT provides hardware tokens (key fobs) as an alternative to authenticating with your phone. The key fob is a good option for folks without a mobile device, with an older mobile device, or who need to minimize device usage. It generates a random six digit code used for verification. A different code is generated for each login attempt.

To request a key fob, contact the SJSU IT Service Desk by phone at 408-924-1530, in person, or online. Once you’ve put in a request, the SJSU IT Service Desk will let you know when your hardware token is ready to be picked up. Requesting a key fob will take more time than the self-service Duo Mobile app activation process. After your hardware token has been activated and issued to you, you will be prompted at each login to enter the special security code provided by your hardware token.

Thank you Celine Mingfield, Customer Service Specialist, and Sharon Watkins, Lead Service Desk Support Specialist,  for providing this tip to campus. As always, the SJSU IT Service Desk is here to help by phone at (408) 924-1530 or online.

Thanks,

Bob Lim
Vice President for Information Technology
and CIO at San Jose State University