The protection of information resources at McNeese State University is a high priority. The Information Security website is designed to educate the university community about technology policies and information security best practices; and equip students, faculty and staff with the tools needed to protect the information resources of the University, it's members and connected networks. McNeese State University is committed to implementing policies and encouraging best practices that do not impose on the University's established culture of openness, trust, and integrity.
Please read the Policies, Guidelines, and Laws Relating to Information Security.
Internet Security Shouldn't Be A Volunteer Project
Heartbleed reveals our neglect of Internet security
The U.S. Government: Paying to Undermine Internet Security, Not to Fix It
by Julia Angwin ProPublica, April 15, 2014, 12:50 p.m.XKCD
The Heartbleed computer security bug is many things: a catastrophic tech failure, an open invitation to criminal hackers and yet another reason to upgrade our passwords on dozens of websites. But more than anything else, Heartbleed reveals our neglect of Internet security.
The United States spends more than $50 billion a year on spying and intelligence, while the folks who build important defense software, in this case a program called OpenSSL that ensures that your connection to a
CIS Cyber Security Advisory 2014 - 028
OpenSSL TLS 'heartbeat' Extension Information Disclosure Vulnerability
A vulnerability has been discovered in OpenSSL’s implementation of the TLS ‘heartbeat’ extension that could allow for the disclosure of sensitive information. OpenSSL is an open-source implementation of the SSL protocol used by a number of other projects. SSL (Secure Sockets Layer) is a protocol that ensures secure communication over the Internet via encryption. This issue could allow an attacker to compromise the private key and other sensitive data stored in memory.
Proof-of-concept code has been released. This vulnerability was first included in OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the issue. Software products known to be using OpenSSL are the open source web servers Apache and nginx.According to Netcraft's April 2014 Web Server Survey ( http://news.netcraft.com/archives/2014/04/02/april-2014-we
Published on Jul 25, 2013
As technology has evolved over the past two centuries, so have our expectations about privacy. This new digital world allows us to connect with each other with increasing ease, but it has also left our personal information readily available, and our privacy vulnerable. Cultural norms have pushed us all online, seemingly at the mercy of whatever terms of service are put before us...
"When internet fraudsters impersonate a business to trick you into giving out your personal information, it's called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don't click on links within them either - even if the message seems to be from an organization you trust. It isn't. Legitimate businesses don't ask you to send sensitive information through insecure channels." - www.onguardonline.gov/phishing