VIU Aerial View

SecureIT Logo

Secure I.T. is an initiative to inspire the VIU community to engage with and control their information security at work, at home, and on the road.

Secure I.T. Highlights

Fall is in the air! Which means a spike in generic and targeted phishing aimed at the education sector. VIU is no exception as we are seeing a significant increase in attempts. Cyber criminals are working overtime, so please be extra cautious with emails asking for your information. 

Email Safety Tips

Look for the VIU ‘external email’ banner. It means you should exercise extra caution before clicking on any links.

Don’t buy into the urgency. If the sender is in a desperate rush for whatever they are asking you to do, that’s a good sign they don’t want you to have time to think.

Double check the email address. Scammers often try to make it look like it’s from VIU, or a reputable organization, even when it isn’t. For example person-viu@gmail.com.

Confirm the sender and the request through other methods of communication. Scammers will say no to phone calls, Teams calls, video calls, or in-person conversations. 

Don’t buy gift cards. VIU employees will NOT ask you to purchase gift cards over email.

When in doubt, play it safe. Think twice before sharing personal information or credit card details, giving financial information, changing your password, etc.

I received a scam email! What should I do?  

  1. Forward the email as an attachment to the IT Service Desk with a note that it is a suspicious email.
  2. If you replied to the e-mail and...
    1. Didn’t do anything else. Great! No further action is required.
    2. Provided your username/password. Go and change your password right away!
    3. Downloaded or installed something on your computer. Turn that computer off immediately and call the IT Service Desk at 250-740-6300.
    4. Purchased something for the attacker with your P-Card? Contact VIU Procurement Services as soon as possible!  
    5. Purchased something on a personal credit card/Cash/Debit/Bitcoin? Follow the guide at the Canadian Anti-fraud Centre for your next steps. 

Please direct any questions to the VIU IT Service desk. You can contact us by phone (250-740-6300) or email (ithelp@viu.ca).

The following sections contain information related to the Secure I.T. initiative:

  • Why Secure I.T.? Find out why information security is everyone's responsibility.
  • Secure I.T. Highlights - Archive - Check out Secure I.T. Highlights from previous months.
  • Secure I.T. Training,  Workshops and Handouts contains specific information about VIU's new information security awareness initiatives.
  • Additional Resources contains links to lots of other useful resources, including recent security threats, so you can ensure all your computer and information technology is secure.
  • Help Secure I.T. if you think there is a computer or information security issue, contact the IT Service Desk 

Every member of the VIU Community has access to sensitive information such as student records, financial data or your own personal data.

Students

Information Security is a core element of good digital citizenship. As a student you benefit from access to many resources provided by the University, including internet access, computer labs, and library resources. It is up to you to use all of these resources responsibly, and to respect the rights of other students to access the same resources. 

Faculty

Information security contributes to a safe learning environment. As an instructor, you handle confidential and sensitive data such as student records, grades, accessibility and disability information, and exams. You also have access to VIU systems like Unit4 HRIS and FIS, email, Wi-Fi, classroom computers and computer labs. Because of that, it is important that you understand how to protect the information and systems that you can access.

Employees

Information Security is a shared responsibility. As a VIU employee, you have a central role in information security. You work with VIU’s data every day, and you have access to sensitive systems like Unit4 HRIS and FIS, email and WiFi. You might have access to very confidential information like student records, hiring information, or even health information. Because of that, it is important that you understand how to protect the information and systems that you can access.

Technical

Secure technology lifecycle starts and ends with an IT Professional. Information Technology professionals play key role in assuring the confidentiality, integrity, and availability of information and technology at VIU. Developers are responsible for integrating security into the development lifecycle; system administrators are responsible for maintaining our systems; and, support personnel are responsible for responding to, and remediating incidents as they occur.

Leaders

Anyone can be an Information Security leader.

Secure I.T. Vision

To have a stable, resilient, approachable information security environment that gives the VIU community the freedom to perform their jobs, learn, and undertake research to meet the university's Mission. To inspire the VIU community to engage with and control their information security at work, at home, and on the road.

August 2022 Secure I.T. Highlights

Sunshine, surfing, and social, oh, my! With summer vacation and staycation plans, you might feel tempted to share the latest and greatest events on social media. But social media communication is not done without risk.

Connect and practice safe social this summer with these social media security tips:

Ready to show off your social media chops, try the August Summer Social Media Security Quiz!

More resources for protecting you and your social media.

July 2022 Secure I.T. Highlights

As George Gershwin said - It's summertime and the livin' is easy. It also means many of us will be traveling. Whether that’s a road trip or flying, it’s important to stay secure while you roam away from home.

Be a smart packer:

Be a savvy traveller:

  • Be mindful of your surroundings when using your devices in a public space – watch out for shoulder surfers and eavesdroppers.
  • Don’t use public USB charging stations with a provided charging dock or cable, these may be unsafe. Always use your own charger cable and power adaptor.
  • Keep your devices with you at all times – in a secured pocket, purse, or backpack. Use secure facilities (i.e., a car trunk, or hotel safe (not a room safe)) to store them if you can’t carry them with you.
  • Stay protected while connected - Stop auto-connecting, and make sure to use secure wi-fi connections (especially for sites and applications that require credentials).
  • Play hard to get - Don't make it easy for the bad guys by posting too much on social media. This lets thieves know your location and that you are out of town.

Give the July Travel Security Quiz a try to see if you are ready for the holidays.

More resources for safe and secure travels:

June 2022 Secure I.T. Highlights

PHISH HAPPENS. Don’t take the Bait!

Phishing attacks are one of the most common online scams around. Taking the bait can lead to loss of funds (both personal and VIU), and breaches of personal, health, or financial information. And if that wasn't bad enough, phishing is now one of the primary entry points for ransomware.

  • Don’t get reeled in, get cyber safe.
    • Be vigilant about staying cyber secure.
    • Be aware that phishing has various forms, including:
      • spear phishing (phishing that targets specific individuals or groups),
      • vishing (voice phishing conducted over the phone), and
      • smishing (phishing that occurs via text or instant messaging).
  • Watch for phishing red flags like:
    • Urgent or threatening language
    • Unexpected delivery notices or receipts
    • Strange links or attachments
  • Keep a weather eye on phishing bait that:
    • Tries to scare you or put you in a panic with threats:
      • “Your most recent payment was REJECTED.” or “We will pursue LEGAL ACTION if you do not respond.”
    • Promises money or a reward – too good to be true:
      • “Special LIMITED-TIME Offer!” or “YOU have won a FREE VACATION!” 
    • Appeals to your kindness:
      • “Hey, I’m stuck in Mexico and I’ve lost my passport and wallet.” or “Please help this holiday season.”
    • Asks you to verify or update your information, then pretend to be a trusted organization:
      • “Please update you Microsoft account information.” or “Please take a second to verify your Paypal account.”
    • Appeals to your curiosity by trying to trick you, like leaving an USB in a parking lot that infects your computer once you plug it in.

Don’t take the Bait!

Ready to test your skills - try the June Phishing Quiz!

May 2022 Secure I.T. Highlights

Be a cyber security superhero!

It’s May and the movie theatre isn’t the only place to see superheroes in action. Become a Cyber Security Superhero and stop the villains with these tips:

Ready for a bigger challenge - try the NEW Cyber Security Superhero quiz!

April 2022 Secure I.T. Highlights

(with thanks to Lord Tennyson)

In the spring a young person's fancy lightly turns to thoughts of…SPRING CLEANING.

There’s junk all over your home… You’re staring at a bunch of things you’re not sure you’ll ever use again...and that’s just on your smartphone! It’s time to shake off the late winter blues and reinvigorate your tech. That's right, spring is the perfect time to:

Looking for more, give the NEW Spring Cleaning quiz a try.

March is Fraud Prevention Month

Fraud - the more it changes, the more it stays the same.

Phishing, the Gift Card Scam, spoofing an email address, a text pretending to be your boss - call it what you will but this type of scam cost Canadians $54 Million last year.  The good news is that the majority of frauds can be prevented by identifying the methods used by fraudsters.

How can I protect against Fraud?

  • STOP, THINK, then ACT.
  • Be Politely Paranoid
    • If you didn't initiate contact, you don't know who you're communicating with
    • Don’t be afraid to ask for credentials or confirm claims BEFORE you agree to anything
  • Watch for email warning signs, like
    • Urgent or threatening language
    • Unexpected delivery notices or receipts
    • Strange links or attachments

Real examples of fake emails

Try out the NEW Fraud Prevention quiz!

The war in Ukraine is also being waged online, phishing from Russia jumped 8-fold on Feb 27th.  
Protect yourself from this new wave of phishing attacks.

February 2022 Secure I.T. Highlights

Fall in Love with Cyber Security! 

 red heartLove is in the air this February! Show your friends and family you care by falling in love with cyber security and adopting these practices:

February 8th is Safer Internet Day
Making the Internet safe for everybody takes everybody.

February 14th is National Clean Out Your Computer Day
Take some time out of your day to do some basic housekeeping on your computer.

January 2022 Secure I.T. Highlights

Simple Cyber Security Resolutions for 2022

As we move into a new year, it is important to make sure that your cyber security knowledge is sharp and up to date. Please take a moment to look at the following to ensure that you have a cyber secure 2022.

January 28th is Data Privacy Day - Manage your online privacy by taking a few small actions.

December 2021 Secure I.T. Highlights

You, are your first line of defense to keep your data safe at work and at home. Before entering any personal information, or clicking on a link, be confident it is from a legitimate source. Take a moment to look at these tips and tricks:

Past Cyber Security Awareness Month Highlights

Check out the fun activities planned for this year's Cyber Security Awareness Month 2021!

Take the opportunity to revisit the activities and links that were planned for Cyber Security Awareness Month 2020.

Did you know that there's a VIULearn course that has been setup for Secure I.T. Training? Take the Information Security and Awareness Course that's available on VIULearn using your VIU Employee Account Credentials. 

Check out the BC Government's Information Security Awareness site for all sorts of information, videos, updates, and the occasional contest.

Get Cyber Safe is a national public awareness campaign created to inform Canadians about cyber security and the simple steps they can take to protect themselves online.

Do you have Media Smarts? Canada's Centre for Digital and Media Literacy offers many resources including free digital skills workshops to help people learn more about using technology in their everyday lives.

So - You want to be a Cyberhero? With access to the Terranova Cyber Security Hub, you’ll have access to a variety of valuable content, including important kits on Ransomware, Phishing, infographics for parents and seniors and even a detailed breakdown of COVID-19 related threats.

Have one of your account passwords been exposed in a breach? Check out Have I Been Pwned? Is the new password you selected as secure as you think? Check Pnwed Passwords.

Answer a few simple questions to get personalized online safety recommendations from the  CR Security Planner
It's confidential - no personal information is stored and they don't access any of your online accounts.

Upcoming Security Events