Based on recommendations from Google, additional defensive measures will be fully functioning by the afternoon of July 12 to protect our mail from phishing (trying to get a response from a user) and spoofing (pretending to be a legitimate member of the community) attempts. Attacks evolve over time as hackers figure out new ways to compromise systems or gain users’ trust, so this is an ongoing battle.
You may periodically see increases in communication regarding security while there are known threats or attacks on our systems. Please do give these messages your full attention, since your vigilance helps protect your data and the college’s. We post on LTS Service Alerts (please consider subscribing!) which in turn appear on the LTS home page, in Faculty-Staff Announcements, and the MyWellesley log-in page and Home tab.
Please note that LTS will NEVER ask you to send your domain password to us in an email or through a shared document. You should also not trust any system, such as a Google form, that is other than our college systems, that asks you for a password. Remember that once your domain password has been shared with someone else, the damage that can be caused by this can be huge. If you use that same password for other internet systems (such as your bank accounts or retirement accounts), it can be even worse.
State laws governing personal information require that we have a Written Information Security Program (WISP) that mandates security training for individuals who have access to personal data. We take these issues very seriously and will continue to do everything possible to keep college information secure. However, individual responsibility for protecting the data is equally important and we are here to help.
To: Faculty, staff, students
From: Veronica Brandstrader, LTS, x2171
More info: Computing Help Desk, x3333 (faculty, staff), x7777 (students)