News

ISO hosts October program

By Amanda Cole  |  Oct 27, 2008

October is National Cybersecurity Awareness Month, and the Information Security Office (ISO) has a full program planned. Each of their activities include chances to win prizes and, for some, to gain amnesty for bandwidth and copyright violations.

Mary Ann Blair, director of ISO, believes that the most important thing to focus on is awareness and educating the campus community about securing their information and avoiding prosecution for copyright infringement.

The first event that the ISO has planned specifically for students happens today in McConomy at 4:30 p.m. and focuses on intellectual property and copyright issues. The presentation, “iSafe Music Rules: Learn B 4 U Burn,” will discuss illegal downloading and ways to acquire intellectual property legally. Blair sees this as perhaps the most important event for students.

“Students as individuals are on the hook for their online peer-to-peer file sharing. The ISO as the agent is responsible for identifying these folks [based on IP addresses] and relating to them the cease and desist notices,” she said. Blair also emphasized, however, that the university will not provide students’ names to the prosecuting companies unless they are presented with a subpoena.

When students are presented with cease and desist notices, as well as when they exceed the bandwidth limitations for the network, they lose network connectivity for a specified amount of time. This week, however, students who have lost their network privileges have a chance to regain them without the wait.

Two events sponsored by the ISO, today’s iSafe presentation and Wednesday afternoon’s talk about unhacking Windows, are geared specifically toward students. If students who have lost network privileges attend these events, they will be granted amnesty. In addition, attending the events can provide an opportunity to win prizes like iTunes gift cards.

The talk about unhacking Windows will focus on methods used to remove malware from personal computers. The ISO has made one particular program, Identity Finder, that is available to protect the personal information of the campus community. Although currently available only for Windows, a Mac version is in the works, and Mac users can run the program using Parallels. Identity Finder searches for personal information stored on the computer and offers the user options for how to deal with it. Users can choose to delete the information, quarantine it, or password protect it for safety.

Blair offered additional tips for students to keep their information safe. She recommends changing passwords once each semester, and reminds students to choose strong passwords of at least eight characters. The ISO currently does not enforce these password recommendations, but is looking at this in the future.

Besides securing this information, Blair said that students should be careful about what they post on popular social networking sites like Facebook.

“Anything you put on the web, believe that it will be there forever,” she said.

Alessandro Acquisti, a professor of information technology and public policy at the Heinz College, agreed, but also recognized that students aren’t completely to blame for their disregard of privacy.

“There is only that much that the individual can do,” he said. Acquisti, who assesses the issue based on theories of behavioral economics, believes that more of the burden should lie with site creators.

He said that the best solution to help users keep their information private is to “inform [them] about the consequences,” but he reinforced the idea that “the responsibility is not only on the user.” He added that there should be better legislation in place to protect certain kinds of data.

For more information on Cyber Security Awareness Month, including a schedule of events, or keeping your personal data secure, visit the ISO's website at (www.cmu.edu/iso).