General Information

Security

Information Security Office

The office of the Information Security Officer at Ithaca College provides administration and guidance to the Ithaca College community by protecting the confidentiality, integrity, and availability of college information and computing resources.  The Information Security Office works closely with the network services staff and system administrators to ensure security to our networks, systems, and the data residing on them.

Please feel free to consult with us for guidance and direction about information security issues.

Subject: Heartbleed Internet vulnerability – What steps do I need take to protect myself?

 

Dear Ithaca College students, faculty, and staff:

You may have heard news accounts about a widespread Internet vulnerability – dubbed “Heartbleed” – in a piece of software known as OpenSSL. This software provides secure communications underlying a large number of web sites globally, including popular social media, shopping, email, and entertainment sites. Heartbleed allows a malicious person to capture information such as passwords, financial information, SSNs, and email. Security teams worldwide have been working to address Heartbleed since it was first announced.

As communicated in Intercom, ITS has been working to address the Heartbleed open SSL vulnerability as reported on the popular press and has already patched our major systems that may have been vulnerable. ITS continues to research and analyze this issue and its impact on the systems and services that the campus community uses.

Many of the web sites and Internet services you use in your personal life will likely have been affected by the HeartBleed vulnerability. You will want to change your password for these services, but only after you know their systems have been upgraded to protect against Heartbleed; when in doubt, contact a company’s customer service line. Be aware of phishing scams asking you for your password, SSN, bank account number, or other sensitive information. Information on steps you can take to protect yourself against Heartbleed can be found at http://educause.edu/heartbleed.

If you have questions about Heartbleed, please contact the ITS Information Security Office at infosec@ithaca.edu.

Sincerely,

Kris Monroe, Information Security Officer