UCL Computer Security Newsletter - Sep/Oct 2010

The purpose of this newsletter is to keep all security reps and other interested parties informed about what is happening around UCL regarding computer security. Further information from the Computer Security Team is always available at http://www.ucl.ac.uk/isd/common/cst.

1. Misuse of Internet

One government department has recently been found to have had 45 instances of staff misuse of Internet over the past 2 years. I would like to take this opportunity to remind you (and ask you to remind your users) of the UCL Information Security Policy at http://www.ucl.ac.uk/isd/common/cst/swg/policy

In particular, note the definition of "Reasonable Personal Use" in the regulations.

If you need any yellow stickers about privacy (to put on all machines), please let us know how many and they will be put in the internal post to you.

2. Spam/phishing

We continue to see many spam messages and many phishing attempts. We have some training available which you may wish to circulate to your users:

http://www.ucl.ac.uk/cert/spam-phishing.mov

http://www.ucl.ac.uk/cert/antiphishing/

3. Contact

Please remember to contact us using cert(at) normal ucl address, rather than our individual email addresses.

4. General

Please note all correspondence from the UCL Computer Security Team is digitally signed either with personal PGP keys or the CERT team key (public keys available fromhttp://www.ucl.ac.uk/isd/common/cst/contacts).

NB - There may be a hiatus or a bit of trial and error in this when we move to Live@UCL as we have not determined exactly how we can best provide this. Our email migration date is the evening of Wednesday 27th October.

This newsletter and previous ones are available at http://www.ucl.ac.uk/isd/common/cst/cst-newsletters (except currently the March 2007 one as that had sensitive information in it).

We welcome feedback on the content and organisation of documents on our web page.