Every member of the VIU Community has access to sensitive information such as student records, financial data or your own personal data.

Students

Information Security is a core element of good digital citizenship. As a student you benefit from access to many resources provided by the University, including internet access, computer labs, and library resources. It is up to you to use all of these resources responsibly, and to respect the rights of other students to access the same resources. 

Faculty

Information security contributes to a safe learning environment. As an instructor, you handle confidential and sensitive data such as student records, grades, accessibility and disability information, and exams. You also have access to VIU systems like Unit4 HRIS and FIS, email, Wi-Fi, classroom computers and computer labs. Because of that, it is important that you understand how to protect the information and systems that you can access.

Employees

Information Security is a shared responsibility. As a VIU employee, you have a central role in information security. You work with VIU’s data every day, and you have access to sensitive systems like Unit4 HRIS and FIS, email and WiFi. You might have access to very confidential information like student records, hiring information, or even health information. Because of that, it is important that you understand how to protect the information and systems that you can access.

Technical

Secure technology lifecycle starts and ends with an IT Professional. Information Technology professionals play key role in assuring the confidentiality, integrity, and availability of information and technology at VIU. Developers are responsible for integrating security into the development lifecycle; system administrators are responsible for maintaining our systems; and, support personnel are responsible for responding to, and remediating incidents as they occur.

Leaders

Anyone can be an Information Security leader.

Secure I.T. Vision

To have a stable, resilient, approachable information security environment that gives the VIU community the freedom to perform their jobs, learn, and undertake research to meet the university's Mission. To inspire the VIU community to engage with and control their information security at work, at home, and on the road.

September 2023 Secure I.T Highlights

🍂 Fall is in the air! That means pumpkin spiced lattes, cooler temperatures, and cyber criminals! ☕

Staying cyber safe means knowing who to trust online. Even the strongest security systems can be vulnerable when people are tricked into giving away sensitive information like login credentials  or account details.  Don’t take the bait from scammers!

💯 Think you know all the angles, try the NEW Social Engineering quiz!

We heard you got a new device 💻. Make sure you take a few quick steps to keep it cyber safe!

🐟 Are you prepared to fight phishing messages? Take the quiz and find out.

♥️🔒 2-Step Verification (2SV) has been great news for VIU technology and information security, but you still need strong and unique passwords to ensure all your accounts are safe. 

🍁Fall is a great time to make sure your home office is cyber secure!

🔐 Tips for staying safe while working from home - Get Cyber Safe

🔐 Stay Secure While You Work From Home - National Cybersecurity Alliance 

August 2023 Secure I.T. Highlights.

🎣Thinking of doing some fishing this summer?

So are the cyber criminals. Make sure you ruin a cyber criminal's day!

🎵There once was a phish that came to me. It was not a fish of the great blue sea.

From my bank it claimed to be. But it was a phishing message.

Yo-ho, what did it say? “A deposit was made in your account today”

But the sender’s email wasn’t OK. So I ruined that cyber criminal’s day🎵

🌴This summer why not take the Get Cyber Safe Challenge

Cyber security is easiest when it is in byte-sized pieces.

🍬 Use a strong password

🍬 Set up 2-Step Verification/Multi-factor authentication (MFA)

🍬 Update your system(s)

🍬 Secure your home wi-fi

😎 With summer wrapping up, now is a great time to make sure your home office is cyber secure!

🔐 Tips for staying safe while working from home - Get Cyber Safe

🔐 Stay Secure While You Work From Home - National Cybersecurity Alliance 

Myth: Cybercriminals take vacation ✈️🌴⛱️

Of course they don’t, but you might.

Stay cyber safe following some simple practices to keep your vacation plans free from cybercriminal meddling. 

For some light summer reading 📚, why not learn more about cyber myths and facts.

Traveling with mobile devices can pose risks to you and VIU - what you need to know about device security for travel and work abroad.

July 2023 Secure I.T. Highlights

🔓Oh no! You’ve been notified that your sensitive information has been stolen in a data breach!

Don’t give in to breach fatigue – there are important steps you should take now to make sure the damage is mitigated.

😈 Okay, you think you've been hacked, now what?

If you think your social media or personal email account has been hacked, wrestle it away from the bad guys by acting fast.

For your personal accounts look for the signs, protect your accounts and most importantly what to do if you are hacked.

If you think your VIU account has been hacked:

• Change your VIU password if you can
• Sign out of Microsoft 365 apps everywhere
• Advise the IT Service Desk 250-740-6300 or ithelp@viu.ca

☠️ Just when you thought it was safe to go back online.

Cyber criminals are impersonating government or law enforcement agencies to trick you into believing that a scam is legitimate.

• The Canadian Revenue Agency has sent me an e-transfer? Scam
• My SIN was used in a crime and I'm in big trouble? Scam

It is important to spot the signs of these crafty scams and how you can best protect yourself from losing personal information or money.

June 2023 Secure I.T. Highlights

June is Pride Month 🌈🏳️‍🌈🌈🏳️‍⚧️

Many 2SLGBTQIA+ people have found solace, solidarity, and community with others online. The internet was built to bring people together, even if it doesn’t feel like it sometimes. However, by adopting a few simple behaviors, you can keep yourself secure and protect your privacy.

No matter your sexual orientation or gender expression, you deserve to be online, and you are a valuable addition to our digital citizenry. Don’t let anyone or anything make you feel different!

Additional Resources: LGBT Tech encourages the continued early adoption and use of cutting-edge, new and emerging technologies by providing information, education and strategic outreach for LGBTQ+ communities.

🥱Tired of spring cleaning? Take a break and give your devices a good SCRUBing

• Secure your technology! Now that you use 2SV for your work account, perhaps you should secure your personal accounts too?
• Curate your accounts and devices. Does that app still spark joy? 
• Review - your Cyber Safe resources. Knowing is half the battle.
• Update - your software and devices! It’s one of the simplest ways to foil cyber criminals.
• Block - accounts that send you spam or Phish! Rid yourself, your devices, and your accounts of negativity.April/May 2023 Secure I.T. Highlights

The time to enroll in 2-Step Verification is Now!

Do you worry about the security of your personal data in our digital age?
2-Step Verification (2SV) is the #1 tool you can use to help secure your accounts. It is a proven, effective way to improve your security and frustrate cyber criminals.

Need some help enrolling in 2-Step Verification?
We've got you covered.
Check out one of our in-person 2SV drop-in enrolment sessions on the Nanaimo campus running until May 17th.
Cowichan campus! Look for our technicians to be on site May 3rd.

Thinking about requesting a hardware token for 2SV?
While you can easily enroll yourself in 2SV with your cell phone or the MS authenticator app in only a few minutes, hardware tokens take longer for IT to process and distribute to you.
Don't wait until the last minute, get your request in early! 

March 2023 Secure I.T. Highlights

🏆The Oscars may be happening in March, but that is no reason to roll out the red carpet for fraud. Fraud losses in Canada reach another historic level. The top three most reported types of fraud this past year were phishing, extortion and personal information scams. All designed to get you to pay or give away sensitive information like your Social Insurance Number, passwords or banking details.

Tricks of the Fraud Trade:

• What's in a fraudster's toolbox?
• Mass Marketing Fraud is on the rise - Fraud committed using mass media like telephone, mail, Internet and email.
• Avoid Search Engine Ad Malware! A new type of scam that is becoming increasingly popular.
• What's in your toolbox?
• STOP, THINK, then ACT.
• And most importantly - Enroll in 2-Step Verification the #1 tool you can use to secure your accounts.
•  Enroll early, you could win one of our monthly prizes. 

Feeling confident?  Give the 2023 Fraud Prevention quiz a try!

February 2023 Secure I.T. Highlights

💕This Valentine's Day give yourself the gift of cybersecurity. 💕

Roses are red, violets are blue, and we all know that not everything – or everyone – online is true. 

• So be a little mysterious - don't share too much.

• Don't get too personal out in public - Surf Safe on Public Computers and Wi-Fi

• Freshen up those cyber skills! Take one of our quick and fun I.T. Security Awareness courses. The #1 reason to take the training - you’ll learn how to better protect yourself and your family.
• And most importantly, show your password you care! Set up 2-Step Verification now for a chance to win one of our Monthly prizes.

♫ 'Cause the phishers gonna phish, phish, phish, phish, phish

And the scammers gonna scam, scam, scam, scam, scam

I'm just gonna lock, lock, lock, lock, lock

Lock it down

Lock it down ♫

January 2023 Secure I.T. Highlights

Make Cyber Security your New Year's resolution.

It is time to start 2023 off right with some fresh, new, security habits.

• Freshen up those cyber skills! Take one of our quick and fun I.T. Security Awareness courses. The #1 reason to take the training - you’ll learn how to better protect yourself and your family.
• The bad guys didn't take a holiday. Stop and THINK before clicking on ANY link or attachment in an email, text, or instant message.
• Is your password so last year? Freshen it up with a new strong and secure password.
• Say yes to secure connections in 2023. Use a Virtual Private Network (VPN).
• New year, new devices. Keep them safe and updated.
• Give your password its own password with 2-Step Verification (2SV). 2SV is the #1 tool you can use to help secure your accounts. 2SV at VIU is now available for all faculty and staff.  Enroll now and you could also win a prize!
• Challenge yourself with the NEW Cyber Security Resolutions quiz!

Your Data is Valuable. No really, it is!

Even if you don’t agree, all your online activity generates a trail of data, data that tells the story of you. Data that many organizations and groups would pay top dollar for, and they don’t have your best interests in mind.

January 22 - 28, 2023 is Data Privacy Week. You can control how you share your data with a few simple steps:

• Be an online privacy snob aka Why does this Solitaire app need to know where I live?
• Learn how to manage your data privacy
• Adjust privacy settings to your comfort level
• Keep your bits to yourself: Defend your privacy on social media
• Make Cyber Security your New Year's resolution!

And most importantly - Secure your Accounts - Enroll in VIU's 2-Step Verification!

December 2022 Secure I.T. Highlights

It’s the most wonderful time of the year…for cyber attackers.  Make sure you and your devices have a cyber safe holiday.

• Cyber security is a gift that never goes out of style. Whether you’re giving a gadget, receiving one, or treating yourself these holidays, make sure you are being Cyber Safe.
  • Get Cyber Safe Gift Guide with helpful tips on securing the latest tech
  • We heard you got a new device - take steps to keep your device safe
  • And be sure to check out these Online Shopping Security Tips
• How about these highlights from the Get Cyber Safe Holiday album
  • ♫Oh trip for free, won the lottery, sounds like a phishing message to me♫
  • ♫O giga-byte, a suspicious file warning. I clicked then my luck went from bad to worse ♫
  • And don't miss out on the Festive Yule firewall channel
• Come one, come all, and gather around the gram’ for the tale of when Santa fell for a phishing scam.
  
  • Give the Holiday Scam Quiz a try to see if you are better prepared than Santa.
• Keep your private information private
  • Use a unique and strong password for each of your personal and professional devices, accounts and applications
  • 2-Step Verification (2SV) is coming to VIU in 2023. An extra layer of security for your accounts that can help keep you and your information safe.

• Spread some holiday cheer this year by building a Gingerbread Home Network!

• If you’ve ever felt like you needed a holiday after the holidays, we have one for you: Unboxing Day! Unboxing Day takes place on December 27th and is easy to celebrate. If you received or treated yourself to a new device this holiday, use Unboxing Day to unbox your new gadget and set it up to be cyber secure.

November 2022 Secure I.T. Highlights

Hallowe'en is barely behind us and already the stores are ready for the holidays. Don’t let the bad guys cash in on poor online shopping security habits. Here are some online shopping security tips to follow:

• Make sure that the website that you are buying from is that company’s actual website.
  • If you are shopping on a website you have not purchased from before, verify the seller using a tool, such as Google Safe Browsing. This will help you ensure you are buying from a real online store and that there are no threats on the page.

• Become a confident online shopper and shop using a secure wi-fi connection, such as your private at-home wi-fi or a friend/family member’s private at-home wi-fi.
  • Do not shop online using unsecure public wi-fi connections (wi-fi connections that are open to everyone and do not require a password, or special login or screening process). Also, consider more secure payment methods, like virtual credit cards, which let you generate a single use number and specify the vendor who can accept payment.

• Update your operating system and antivirus software regularly.
  • This ensures your device is protected against malware and other cyber threats that emerge such as keyloggers that could steal your passwords and payment details. 

• You should use a unique and strong password for each of your personal and professional devices, accounts and applications.
  • That way, if one of these devices, accounts, or applications is compromised, your other devices, accounts or applications will be better protected from cyber attackers. A strong password should be complex and use a combination of upper and lowercase letters, numbers and symbols. Consider using a password manager to store your complex password and never reuse passwords.

• Too much reading? Check out the 5 Cyber Security Tips for Online Shopping video.

Have you got what it takes to be a secure online shopper? Then try the Online Shopping Quiz!

Cyber Month is over, but you can still learn to ruin a cyber criminal's day.

October 2022 Secure I.T. Highlights

Are you ready to fight Phishing? October is Cyber Security Awareness Month and we at VIU are proud to partner with Get Cyber Safe as champions to help you stay safe online.

Knowing how to spot a phishing message can be difficult if you aren’t sure what signs to look for. After all, cyber criminals are skilled at tricking their victims into giving up sensitive information.

That’s why the best way to fight phishing is to arm yourself with knowledge. Understanding phishing and the signs to look for will help you to protect your personal data from would-be cyber criminals.

So, for Cyber Month '22 - Fight phishing: Ruin a cyber criminal's day!

Each week in October we will be updating content to help you prepare yourself against, or recover from, all types of phishing. Also, keep an eye out during week 3 to learn how to enter the VIU Cyber Month '22 Challenge!

September 2022 Secure I.T. Highlights

Fall is in the air! Which means a spike in generic and targeted phishing aimed at the education sector. VIU is no exception as we are seeing a significant increase in attempts. Cyber criminals are working overtime, so please be extra cautious with emails asking for your information. 

Email Safety Tips

Look for the VIU ‘external email’ banner. It means you should exercise extra caution before clicking on any links.

Don’t buy into the urgency. If the sender is in a desperate rush for whatever they are asking you to do, that’s a good sign they don’t want you to have time to think.

Double check the email address. Scammers often try to make it look like it’s from VIU, or a reputable organization, even when it isn’t. For example, person-viu@gmail.com.

Confirm the sender and the request through other methods of communication. Scammers will say no to phone calls, Teams calls, video calls, or in-person conversations. 

Don’t buy gift cards. VIU employees will NOT ask you to purchase gift cards over email.

When in doubt, play it safe. Think twice before sharing personal information or credit card details, giving financial information, changing your password, etc.

I received a scam email! What should I do?  

1. Forward the email as an attachment to the IT Service Desk with a note that it is a suspicious email.
2. If you replied to the e-mail and...
1. Didn’t do anything else. Great! No further action is required.
2. Provided your username/password. Go and change your password right away!
3. Downloaded or installed something on your computer. Turn that computer off immediately and call the IT Service Desk at 250-740-6300.
4. Purchased something for the attacker with your P-Card? Contact VIU Procurement Services as soon as possible!  
5. Purchased something on a personal credit card/Cash/Debit/Bitcoin? Follow the guide at the Canadian Anti-fraud Centre for your next steps. 

Please direct any questions to the VIU IT Service desk. You can contact us by phone (250-740-6300) or email (ithelp@viu.ca).

August 2022 Secure I.T. Highlights

Sunshine, surfing, and social, oh, my! With summer vacation and staycation plans, you might feel tempted to share the latest and greatest events on social media. But social media communication is not done without risk.

Connect and practice safe social this summer with these social media security tips:

• Prepare your devices
• Adjust your privacy settings. Here are some guides on how to set your privacy settings for Facebook, Instagram, Twitter, LinkedIn and many others.
• Keep private information private.
• Do not post in real time – wait until you return home
• Connect with Care
• Forget fake news, it is all about scams on social media.
• Stop. Think. Connect.

Ready to show off your social media chops, try the August Summer Social Media Security Quiz!

More resources for protecting you and your social media.

• National Cybersecurity Alliance - Social Media

July 2022 Secure I.T. Highlights

As George Gershwin said - It's summertime and the livin' is easy. It also means many of us will be traveling. Whether that’s a road trip or flying, it’s important to stay secure while you roam away from home.

Be a smart packer:

• Only take required devices with you
• Update your applications and devices
• Lock your device (with a unique PIN, password or passphrase)
• Use multi-factor authentication on your devices, applications and accounts
• Back up your data before you leave.

Be a savvy traveller:

• Be mindful of your surroundings when using your devices in a public space – watch out for shoulder surfers and eavesdroppers.
• Don’t use public USB charging stations with a provided charging dock or cable, these may be unsafe. Always use your own charger cable and power adaptor.
• Keep your devices with you at all times – in a secured pocket, purse, or backpack. Use secure facilities (i.e., a car trunk, or hotel safe (not a room safe)) to store them if you can’t carry them with you.
• Stay protected while connected - Stop auto-connecting, and make sure to use secure wi-fi connections (especially for sites and applications that require credentials).
• Play hard to get - Don't make it easy for the bad guys by posting too much on social media. This lets thieves know your location and that you are out of town.

Give the July Travel Security Quiz a try to see if you are ready for the holidays.

More resources for safe and secure travels:

• Cyber security while travelling (Government of Canada)
• Cybersecurity Tips for a Safer Vacation

June 2022 Secure I.T. Highlights

PHISH HAPPENS. Don’t take the Bait!

Phishing attacks are one of the most common online scams around. Taking the bait can lead to loss of funds (both personal and VIU), and breaches of personal, health, or financial information. And if that wasn't bad enough, phishing is now one of the primary entry points for ransomware.

• Don’t get reeled in, get cyber safe.
• Be vigilant about staying cyber secure.
• Be aware that phishing has various forms, including:
• spear phishing (phishing that targets specific individuals or groups),
• vishing (voice phishing conducted over the phone), and
• smishing (phishing that occurs via text or instant messaging).
• Watch for phishing red flags like:
• Urgent or threatening language
• Unexpected delivery notices or receipts
• Strange links or attachments
• Keep a weather eye on phishing bait that:
• Tries to scare you or put you in a panic with threats:
• “Your most recent payment was REJECTED.” or “We will pursue LEGAL ACTION if you do not respond.”
• Promises money or a reward – too good to be true:
• “Special LIMITED-TIME Offer!” or “YOU have won a FREE VACATION!” 
• Appeals to your kindness:
• “Hey, I’m stuck in Mexico and I’ve lost my passport and wallet.” or “Please help this holiday season.”
• Asks you to verify or update your information, then pretend to be a trusted organization:
• “Please update you Microsoft account information.” or “Please take a second to verify your Paypal account.”
• Appeals to your curiosity by trying to trick you, like leaving an USB in a parking lot that infects your computer once you plug it in.

Don’t take the Bait!

Ready to test your skills - try the June Phishing Quiz!

May 2022 Secure I.T. Highlights

Be a cyber security superhero!

It’s May and the movie theatre isn’t the only place to see superheroes in action. Become a Cyber Security Superhero and stop the villains with these tips:

• Stay vigilant when using email and don't fall for phishing scams!
• Does it seem too good to be true? It probably is.
• Protect yourself and those around you with long passwords!
• Make each password unique. If the bad guys find out one password you don't want them getting into all your accounts.
• Power-up your security by using multi-factor authentication to log in!
• Many websites and services offer this option, and it protects you even if your password gets breached.
• Defend against attackers by updating your devices regularly!
• By updating regularly, you eliminate vulnerabilities in your devices and protect yourself from threats.

Ready for a bigger challenge - try the NEW Cyber Security Superhero quiz!

April 2022 Secure I.T. Highlights

(With thanks to Lord Tennyson)

In the spring a young person's fancy lightly turns to thoughts of…SPRING CLEANING.

There’s junk all over your home… You’re staring at a bunch of things you’re not sure you’ll ever use again...and that’s just on your smartphone! It’s time to shake off the late winter blues and reinvigorate your tech. That's right, spring is the perfect time to:

• Have a backup plan for your data
• Give yourself a digital makeover
• Dump those unused programs and apps. It is also a great time to check your app permissions.
• Declutter your digital data
• Freshen up that old password

Looking for more, give the NEW Spring Cleaning quiz a try.

March is Fraud Prevention Month

Fraud - the more it changes, the more it stays the same.

Phishing, the Gift Card Scam, spoofing an email address, a text pretending to be your boss - call it what you will but this type of scam cost Canadians $54 Million last year.  The good news is that the majority of frauds can be prevented by identifying the methods used by fraudsters.

How can I protect against Fraud?

• STOP, THINK, then ACT.
• Be Politely Paranoid
• If you didn't initiate contact, you don't know who you're communicating with
• Don’t be afraid to ask for credentials or confirm claims BEFORE you agree to anything
• Watch for email warning signs, like
  • Urgent or threatening language
  • Unexpected delivery notices or receipts
  • Strange links or attachments

Real examples of fake emails

Try out the NEW Fraud Prevention quiz!

The war in Ukraine is also being waged online, phishing from Russia jumped 8-fold on Feb 27th.  
Protect yourself from this new wave of phishing attacks.

February 2022 Secure I.T. Highlights

Fall in Love with Cyber Security! 

 Love is in the air this February! Show your friends and family you care by falling in love with cyber security and adopting these practices:

• Make sure it is true (love). Don't fall for phishing scams, especially those that manipulate your emotions. 
• Create some mystery. Limit the personal information you share on apps and social media.
• Practice safe…online shopping. Watch out for fake shopping sites.
  Watch “5 Cyber Security Tips for Online Shopping” video.

February 8th is Safer Internet Day
Making the Internet safe for everybody takes everybody.

February 14th is National Clean Out Your Computer Day
Take some time out of your day to do some basic housekeeping on your computer.

January 2022 Secure I.T. Highlights

Simple Cyber Security Resolutions for 2022

As we move into a new year, it is important to make sure that your cyber security knowledge is sharp and up to date. Please take a moment to look at the following to ensure that you have a cyber secure 2022.

• Say yes to secure connections. Use a Virtual Private Network (VPN).
• Say no to weak passwords. Create and use strong and secure passwords.
• Say woah before clicking. Pause and Think before clicking on ANY link or attachment from an email, IM, text, chat, etc.
• New for 2022 - Challenge yourself with the Cyber Security Resolutions quiz!

January 28th is Data Privacy Day - Manage your online privacy by taking a few small actions.

December 2021 Secure I.T. Highlights

You are your first line of defense to keep your data safe at work and at home. Before entering any personal information, or clicking on a link, be confident it is from a legitimate source. Take a moment to look at these tips and tricks:

• Phishing: Don't get reeled in
• Become a confident online shopper
• 5 Cyber Security Tips for Online Shopping (3 min video)
• New Gift Card Scam Awareness quiz!

Past Cyber Security Awareness Month Highlights

Check out the fun activities planned for this year's Cyber Security Awareness Month!

Take the opportunity to revisit the links from previous Cyber Security Awareness Months.

Did you know that there's a VIULearn course that has been setup for Secure I.T. Training? Take the Secure I.T. Security Awareness and Training that's available on VIULearn using your VIU Employee Account Credentials. 

Why take the training:

#1 You’ll learn how to protect yourself and your family.

Also...

• Information security contributes to a safe learning environment.
• Information security is a core element of good digital citizenship.
• Information security is a shared responsibility.

There are four Courses.

• Secure I.T. 100 – Information Security Essentials for VIU *NEW*
• Secure I.T. 101 – Security Awareness Foundations
• Secure I.T. 102 – Security Awareness  for Flexible Work
• Secure I.T. 201 – Advanced Security Awareness

When you successfully complete all four courses you will be a Cyber Security Superstar!

GOALS of the training:

• To inspire you to engage with and control your information security at work, at home, and on the road.
• To show that anyone can be an information security leader.

Secure I.T. is now on Twitter - 

Check out the BC Government's Information Security Awareness site for all sorts of information, videos, updates, and the occasional contest.

Get Cyber Safe is a national public awareness campaign created to inform Canadians about cyber security and the simple steps they can take to protect themselves online.

Do you have Media Smarts? Canada's Centre for Digital and Media Literacy offers many resources including free digital skills workshops to help people learn more about using technology in their everyday lives.

So - You want to be a Cyberhero? With access to the Terranova Cyber Security Hub, you’ll have access to a variety of valuable content, including important kits on Ransomware, Phishing, infographics for parents and seniors and even a detailed breakdown of COVID-19 related threats.

Have one of your account passwords been exposed in a breach? Check out Have I Been Pwned? Is the new password you selected as secure as you think? Check Pnwed Passwords.

Answer a few simple questions to get personalized online safety recommendations from the  CR Security Planner. 
It's confidential - no personal information is stored and they don't access any of your online accounts.

The Canadian Banking Association (CBA) has great resources on Cyber Security and how to protect yourself from Fraud. For more information, check out CBA's Cyber Security Toolkit.