Information Technology Services
Information Technology Services

Cyber Security Awareness Month 2015

October is Cyber Security Awareness Month!

National Cyber Security Month (NCSAM) is an annual event spanning several countries where governments and industries come together to promote safe internet practices. Educating the public on important issues ensures users are staying safe and secure online. Queen’s Information Technology Services (ITS) is proactive about putting cyber security measures in place to ensure that our hardware and networks are protected against cyber attacks.

We use technology everyday to perform work tasks, manage our finances and connect with loved ones. Cyber security matters to everyone, everyday. The more you know about Cyber Security, the better equipped you will be to protect yourself against attacks. Cyber Security Awareness Month is the perfect time to review your online safety practices and learn how to protect yourself in an ever-evolving online environment. 

Each week in October, ITS will be presenting an important topic to help users build their Cyber Security Survival Toolkit.  We will tell you about a cyber security risk and give you some tips and tricks to help you identify it.  

Visit this page daily to see a new Cyber Security Tip (posted on the left) or follow us on  ITQueensU Twitter to receive the tips.  Each week in October a new topic will be unlocked with new tips and tricks to add to your toolkit.

toolkit iconCyber Security Survival Toolkit

Educating yourself about cyber security is like building a toolkit of internet safety. The more you know, the better you are equipped to protect yourself against attacks.

  • Visit this page daily to see a new Cyber Security Tip posted on the left, and
  • Check back each week in October as ITS will be revealing a new tool to help campus users build their Cyber Security Survival Kit in order to protect themselves and their data.


Week One: Phishing

Week One - Phishing Awareness

What is Phishing?

Phishing is a form of identity theft where victims are lured into giving away sensitive information, usually through email. Messages are designed to look like they are coming from trusted businesses, like schools, banks or government agencies. Often they are trying to steal your identity or login credentials to gain access to your accounts and to use them to commit other crimes.

How to Identify Phishing Scams

The best way to avoid being a victim of a phishing attack is to know how to protect yourself.
Read our Phishing Samples page for a few examples of phishing emails seen in circulation at Queen's.

Tips and Tricks

Three quick tips to help spot a phishing email.
Watch out for ...

  1. An urgent request for information
  2. "Fishy" links, attachments or email addresses
  3. Errors and inconsistencies

phishing scam imagePhishing Quiz

It is estimated that Queen's University sends and receives over 200,000 emails everyday. Some of these messages are legitimate while many others are fraudulent. Take the "Phishing Scams - Avoid the Bait" quiz to see if you can spot the phishing attempts.


Test your knowledge:
Try your hand at the SonicWall Phishing IQ Test..

phishing imageSecurity Video

Video: The Internet's Most Wanted: The Phisherman.


This video by Microsoft Safer Online will help you recognize phishing scams. Check it out!



Week Two: Mobile Device

Week Two - Mobile Security

Mobile Device Best Practices

We use our mobile devices to stay in touch, take pictures, shop, bank, listen to music, connect through social media and work flexibly away from the office. Whether used personally or professionally, these devices often contain sensitive or confidential data.

Tips and Tricks

Help keep your phone secure by following these guidelines:

  1. Use a password or PIN to keep your device locked and your data from being easily accessed by others.
  2. Install updates to your system and/or applications; they often fix reported bugs or security vulnerabilities, not just functionality.
  3. Make sure the auto-lock feature is enabled so that your device is locked when not in use. Usually this is automatic when you set a password or PIN, but you can sometimes control the amount of time before it locks automatically in your device's settings.

For more helpful guidelines to protect yourself when using your mobile device, visit our Mobile Device Best Practices page.



Week Three: Social Media

Week Three - Social Media Security

Social Media Best Practices

With the popularity of social media sites like Facebook and LinkedIn, it has become almost second nature to post personal information online without questioning where that information could go and who could potentially have access to it.

Tips and Tricks

Here is a list of preventative measures you can take to stay safe on social media sites:

  1. Never give anyone your password and always use a strong password that can't be easily guessed.
  2. Only add people you know and trust to your social networks. Adding people you don't know as friends or connections opens the potential that these unknown users might be trying to steal your information.
  3. Limit what you share publicly. Don't put too much personal information online, including your public profile. Details like your date of birth, home address, phone number and family relationships can be used to steal your identity. Try a Google search for yourself and find out what your profile looks like to someone who isn't logged in.
  4. Check the privacy settings for your account to control what people can see. Many sites set their default privacy controls very low, which means you could be sharing personal details with people you wouldn't normally (including current or potential employers).

For more helpful guidelines to protect yourself when using social media, visit our Social Media Security page.

security video iconSecurity Video

Video: Heads Up: Stop. Think. Click.


This video by will help you stop and think before you click on social media. Check it out!



Week Four: Encryption


Week Four - Encryption

What is Encryption?

Encryption is a systematic way of scrambling the information on a device or hard drive to prevent unwanted access to that information. Desktops, laptops, tablets, phones and external USB drives can be encrypted.

Tips and Tricks

Here is a list of preventative measures you can take to stay safe:

  1. A login password or screen saver password is NOT encryption.
  2. Buying a new computer?  Make sure you can encrypt it.
  3. Make sure your new computer has a Trusted Platform Module (TPM) microchip. Computers that have a TPM have the ability to create a cryptographic code that requires an encryption key to unlock at the initial stage of the computer's startup process.
  4. If your computer does not have an TPM chip you may still be able to encrypt the hard drive. Visit the IT Support Centre for more information.
  5. If you are emailing Queen's files that contain sensitive or personal information, those files must be encrypted.


What is your responsibility?

  1. Encryption policies should be reviewed with new employees and current employees at least once a year.
  2. Take the Information Security Awareness Course offered on Moodle. (Login using your NetID).

For more helpful guidelines to protect yourself, visit our Encryption Service page.



Free Cyber Security Resources:

For more information about Cyber Security Awareness Month and protecting yourself online, check out these valuable sites.

Additional Online Tools and Resources:

Queen's faculty, staff and grad students are licensed to use Microsoft System Center Endpoint Protection (SCEP) for antivirus as well as spyware and adware protection. ITS recommends that students use Windows Security Essentials to keep their devices protected. The following resources are meant for additional information and are not supported by Queen's ITS.