Skip to main content

Cornell University

IT@Cornell

Security

Content (37)

IT Security Special Interest Group (SIG) Agenda for July
Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics are invited to join the monthly IT Security SIG meeting. July’s Agenda includes:
IT Security Special Interest Group (SIG) Agenda for June
Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics are invited to join the monthly IT Security SIG meeting. June's Agenda includes:
Simulated Phishing Messages Help Train Cornell Community to Identify Suspicious Messages
Simulations are used to train astronauts and health care workers, so why not faculty and staff faced with stressful decisions? New phishing simulations to be run quarterly by the Cornell IT Security Office have been designed to help faculty, staff, researchers, and other employees more easily…
Duo Restore Can Help Move Two-Step Login to a New Smartphone or Restore Lost Settings
Beware the New LastPass Phishing Scam
As reported by PCMag, a new scam is targeting LastPass account-holders. Scammers are making calls and texts, pretending to be LastPass employees. They are using sophisticated techniques to mimic LastPass branding, which can make their phishing attempts difficult to identify. Protect your…
Protect Yourself from Tax Fraud
As the deadline for filing your taxes approaches, scammers are hard at work phishing for your personal information and impersonating the IRS. Tax scams can take many forms. It's important to be knowledgeable so you can protect your personal information.
Recovery Email Address Will Help Users Safely Reset Passwords
On Sunday, February 18, 2024, Cornell will introduce a secure but more straightforward method for users to recover access to locked Cornell NetID accounts.
Reminder: Transition to Strong NetID Encryption Requires Some Account Holders to Update Passwords
Starting May 28, 2024, Cornell will begin enforcing strong encryption for Cornell NetID passwords. Some Cornell accounts that are not yet configured for strong encryption for password protection need to be updated before the change takes place.
Security Training and Compliance
Protecting Cornell data, including that of faculty, staff, and students, is a shared responsibility. While extensive technical safeguards reduce our risk considerably, the university's best defense continues to be a well-informed community that knows how to recognize and guard against cybersecurity…
Family Educational Rights and Privacy Act (FERPA) and Information Technologies
The Family Educational Rights and Privacy Act (FERPA) is a 1974 federal law protecting the privacy of student educational records. FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules…
Upcoming Minor Change to CUWebLogin (Shibboleth) Login Process, Starting November 26, 2023
Starting Sunday, November 26, 2023, Cornell users will see a minor change when they log into Cornell IT services using the CUWebLogin webpage. By default, the Remember My Username checkbox will be checked and the current browser instance will auto-fill the user’s Cornell NetID in the Username (…
Two-Step Login (Duo) Introduces Muted Push Feature
Duo, Cornell’s vendor for providing Two-Step Login, has introduced a feature called Muted Push, designed to help prevent “mobile push harassment” attacks.
Technology Risk Assessment
CIT to Begin DMARC-based Email Security Initiative
Beginning this summer, CIT will launch an initiative to significantly improve email security at Cornell by implementing Domain-based Message Authentication, Reporting, and Conformance ("DMARC") at Cornell. Cornell users who send bulk emails (such as, but not limited to, e-newsletters or…
Secure Connect
Secure Connect uses Beyond Identity to provide passkey login at Cornell. Instead of using your NetID and password to access a web-based service, with Secure Connect you will use your biometrics to unlock a passkey stored on your device. It's another way to reduce the chances that someone can steal…
Two-Step Login Protection to Extend to All Cornell Web Services Starting July 18, 2023
On Tuesday, July 18, 2023, Cornell will extend the requirement for Two-Step Login (Duo) authentication to all university web applications that require Cornell NetID login. While university staff have already been required to authenticate with Two-Step Login when connecting to all web applications…
Introducing the Improved Two-Step Login Duo Device Management Portal
Starting Sunday, March 12, 2023, Cornell's Manage Your Two-Step Login website will update to the new Duo Device Management Portal for managing enrolled devices.
Update: Office 365 Two-Step Login Also Moving to Duo Universal Prompt
Beginning Sunday, February 19, 2023, Office 365 accounts that have already been migrated to Microsoft Azure sign-in will also begin using the Duo Universal Prompt for Two-Step Login authentication.
Authentication
Regulated Data
As a custodian of institutional information, you are responsible for the Cornell data sent, stored, or shared on the information technology (IT) software, services, and devices -- whether personally owned or university-owned -- that you use. This responsibility includes choosing appropriate…

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.

OSZAR »