The protection of information resources at McNeese State University is a high priority. The Information Security website is designed to educate the university community about technology policies and information security best practices, and equip students, faculty and staff with the tools needed to protect the information resources of the University, it's members and connected networks. McNeese State University is committed to implementing policies and encouraging best practices that do not impose on the University's established culture of openness, trust, and integrity.
Please read the Policies, Guidelines, and Laws Relating to Information Security.
McNeese will NEVER ask for account information via email. Messages about quotas, upgrades or maintenance are likely Phishing attempts.
Adobe Flash continues to be plagued by vulnerabilities
Calls to Retire Adobe Flash Player
The new Facebook Chief Security Officer has tweeted
that, "It is time for Adobe to announce the end-of-life date for Flash."
Password Day 2015
Are you as clever as you think?
Data breaches make the news almost daily
. If your passwords are easily crackable, your accounts may already be compromised. If you do not regularly change your passwords or use the same password for multiple accounts, you are at even greater risk. You (or others
) can check if your credentials have appeared on password dump sites with minimal effort. Upgrading your password now is easy and can save you a lot of trouble later.
- Make long and strong passwords.
- Use unique passwords for every account.
Don't share your passwords.
- Use a password manager.
Change your passwords regularly.
Lock your mobile with a PIN or password.
Stop using one word passwords.
Guidance on security of printers, scanners and copiers
Replication Device Security
The National Institute of Standards and Technology has published the internal report, Risk Management for Replication Devices
. It provides guidance on protecting information processed, stored, or transmitted on replication devices (i.e. printers, scanners, copiers, multifunction devices).
The report addresses threats and vulnerabilities including:
- Default passwords and configurations
- Unencrypted data transmission or storage
- Access control - waste of resources, denial of service, unathorized storage
- Open ports/protocols
- Outdated and/or unpatched operating systems and firmware
- Compromise (e.g. use in botnet or as relay point)
- Physical security
The report also describes security considerations throughout the system development life cycle including:
- Initiation - how the device will be used
- Development/acquisition - the necessary capabilities
- Implementation - configuration of security controls
- Operation/Mainenance - performing updates/upgrades and identifying compromise