Security
Content (53)
As the deadline for filing your taxes approaches, scammers are hard at work phishing for your personal information and impersonating the IRS. Tax scams can take many forms. It's important to be knowledgeable so you can protect your personal information.
On Sunday, February 18, 2024, Cornell will introduce a secure but more straightforward method for users to recover access to locked Cornell NetID accounts.
Starting May 28, 2024, Cornell will begin enforcing strong encryption for Cornell NetID passwords. Some Cornell accounts that are not yet configured for strong encryption for password protection need to be updated before the change takes place.
Protecting Cornell data, including that of faculty, staff, and students, is a shared responsibility. While extensive technical safeguards reduce our risk considerably, the university's best defense continues to be a well-informed community that knows how to recognize and guard against cybersecurity…
The Family Educational Rights and Privacy Act (FERPA) is a 1974 federal law protecting the privacy of student educational records. FERPA safeguards student privacy by limiting who may access student records, specifying for what purpose they may access those records, and detailing what rules…
Starting Sunday, November 26, 2023, Cornell users will see a minor change when they log into Cornell IT services using the CUWebLogin webpage.
By default, the Remember My Username checkbox will be checked and the current browser instance will auto-fill the user’s Cornell NetID in the Username (…
Duo, Cornell’s vendor for providing Two-Step Login, has introduced a feature called Muted Push, designed to help prevent “mobile push harassment” attacks.
Beginning this summer, CIT will launch an initiative to significantly improve email security at Cornell by implementing Domain-based Message Authentication, Reporting, and Conformance ("DMARC") at Cornell.
Cornell users who send bulk emails (such as, but not limited to, e-newsletters or…
Secure Connect uses Beyond Identity to provide passkey login at Cornell. Instead of using your NetID and password to access a web-based service, with Secure Connect you will use your biometrics to unlock a passkey stored on your device. It's another way to reduce the chances that someone can steal…
On Tuesday, July 18, 2023, Cornell will extend the requirement for Two-Step Login (Duo) authentication to all university web applications that require Cornell NetID login.
While university staff have already been required to authenticate with Two-Step Login when connecting to all web applications…
Starting Sunday, March 12, 2023, Cornell's Manage Your Two-Step Login website will update to the new Duo Device Management Portal for managing enrolled devices.
Beginning Sunday, February 19, 2023, Office 365 accounts that have already been migrated to Microsoft Azure sign-in will also begin using the Duo Universal Prompt for Two-Step Login authentication.
Be cautious about any unsolicited offers you receive for internships or jobs. Cornell students are continuing to receive a large of number of fraudulent (phishing) emails with these scam offers, and some students have fallen victim. The fake messages may be well-written, reference familiar…
As a custodian of institutional information, you are responsible for the Cornell data sent, stored, or shared on the information technology (IT) software, services, and devices -- whether personally owned or university-owned -- that you use. This responsibility includes choosing appropriate…
How can Cornell help you protect your computer in the face of mounting online threats? With Certified Desktop, CIT works with your department’s IT staff to make your computer safer.
CrowdStrike is a key component of the Certified Desktop suite of security services.
All month long we'll be sharing articles, tips, and tools that help everyone to secure our world. There are four simple steps that you can take to make a big difference.
If you are purchasing new software, review this page and submit your request through the Technology Risk Assessment Form.
Network and system administrators can request information security assessments of their networks, systems, programs, and labs through the IT Security Office (ITSO).