Share Files Securely
Share Files Securely
Valuable Privacy & Security Information During COVID-19 Restrictions
It can be difficult to keep track of all the timely reminders available to help you maneuver through your change in work circumstances due to the Coronavirus outbreak, all while maintaining proper privacy and security protocols to protect yourself, and the data that you handle.
On this page you will find a consolidation of privacy resources and security reminders and tips for staff, faculty, researchers and students. Please make ample use of these resources as the need arises, and bookmark them to your browser for quick future reference.
Some of the sections below also include downloadable material that may be useful to share during team meetings and publish on internal websites.
Protect personal information while working from home
Privacy Reminders for Staff, Faculty & Researchers
During the COVID-19 pandemic, please review these important reminders to protect personal information while working from home.
Simple steps to take include:
1. Log off or shut down your laptop or home computer when you are not using it
2. If you will be working with personal information from home or remotely, take care to make sure you are the only person able to access the records.
3. Set the automatic logoff on your devices to run after a short period of idleness.
4. Do not share a laptop used for working with personal information with other individuals, including family members and friends.
5. Make sure you understand and follow UBC’s Securing Computing and Mobile Storage Devices policy. This includes the newly mandated minimum cybersecurity controls.
Amendments to Restrictions (FIPPA Bill 35 & Ministerial Order M085)
UBC is subject to the Freedom of Information and Protection of Privacy Act (FIPPA), part of which states that faculty and staff cannot store personal information outside of Canada without written consent. As such, the use of many popular cloud services and applications that possibly collect, store, transmit, or access personal information outside of Canada has been limited for staff and faculty.
Recent changes in legislature (BILL 35) have amended the requirements of the Privacy Act to allow for processing and storage of personal information outside of Canada, within specific criteria.
Also, in March 2020 Ministerial Order M085 was implemented, temporarily allowing disclosure of personal information outside of Canada, within specific criteria in response to the COVID-19 crisis.
What does this mean for UBC?
1. Increased opportunity for technology adoption.
2. Responsible process for planning and adopting and using new technologies.
3. The need to complete Privacy Impact Assessment is still in place.
4. Consider opportunities that meet the needs in your function.
Contact Privacy Matters @ UBC for more information.
The Impact of COVID-19 on Cybersecurity
Sadly, cybercriminals are taking advantage of the COVID-19 pandemic as a thematic lure for their malicious activities. They know that presently many are anxious about the future and less likely to act prudently when presented with emails, SMS messages, or advertisements involving COVID-19 that would otherwise seem suspicious.
Criminals have developed enticing COVID-19-related content to trick potential victims into clicking on malicious links and attachments. Lures are commonly found in phishing email campaigns attempting to distribute information-stealing malware or ransomware on personal computers and mobile devices.
What to watch for
COVID-19 lures are increasingly used by criminals to advertise counterfeit medical supplies, elicit fraudulent donations, and support other fraudulent schemes.
These lures often attempt to imitate the branding of legitimate organizations in order to build trust in the victim. Cybercriminals are aware that the names and logos of international organizations or national health agencies are appearing more frequently in the news and on social media, but that most individuals are unfamiliar with their websites and communication activities.
The COVID-19 pandemic has caused many staff, faculty and researchers to adapt to a remote working environment. As a result, many are accessing sensitive data through myVPN and cloud-based applications for the first time. To compound the vulnerability, many are using their personal devices and home Wi-Fi networks that are poorly secured in comparison to UBC’s on-campus network.
Much of the criminals focus is centered on staff and faculty that have appointments in units of strategic interest such as HR and finance, recruitment and development.
Even as on-site working restrictions are slowly being relaxed, provincial security professionals are anticipating an increase over the coming year in COVID-19 related cyber threat activity as more traditional espionage activities remain hampered by travel restrictions and physical distancing.
In order to stay connected to students and fellow colleagues, many are introducing video-conferencing platforms such as Zoom and Skype for Business into their workday and criminals are looking to exploit this change in routine. Thankfully the UBC Cybersecurity team and UBC IT have worked together to publish practical advice for using recommended audio conferencing, virtual meetings and instant messaging tools.
In the immediate future, it is almost certain that cybercriminals will continue to target individuals into divulging financial data or downloading malicious software. This will very likely be done by impersonating government correspondence or websites, similar to CRA-themed messaging during tax season. As physical distancing restrictions begin to soften across the province, cybercriminals will likely begin crafting phishing messages that revolve around vaccine development and production.
The Canadian Centre for Cyber Security has warned that “the Canadian health sector will almost certainly continue to be targeted by ransomware campaigns of varying sophistication in the immediate future.” UBC researchers must be on alert for possible nefarious messaging intended to hinder the development and production of important medical research.
Teleworking Best Practices - Do's & Don'ts Guide
Take Action Against COVID-19 Scams
Top 5 Ways for Students to Keep Cybersafe
With UBC’s transition to online learning and classes, it is important to keep yourself and your information cybersecure. Here’s the top 5 things you can do to keep cybersafe:
1. Protect your password(s)
Passwords are an important part of our digital lives and with online learning, your credentials are now more important than ever. Have you ever considered the implications of what would happen if your password was stolen? Learn how to protect your passwords.
2. Protect your devices
Keep your operating system and software up to date. Weaknesses in systems and software that are not up to date are vulnerable. Always use malware protection (antivirus) and consider “next gen” products, as they offer more advanced security and take advantage of machine learning to protect you. Many are free or very inexpensive.
3. Back up your data
Computer hard drives can crash, computers and smartphones can be lost or stolen, soup can be spilled on laptops, and software viruses or malware can delete your files. Be sure to back-up your data on a regular basis. Be sure to test the backups every few months to check that you can recover your data.
4. Protect your personal information
There are a number of ways you can protect your personal information and others. View this quick guide to learn more.
5. Don’t get phished: recognizing phishing and spear-phishing dangers
People who want to steal your information can be clever. Learn how to protect yourself against phishing and spear-phishing messages. Received a suspicious email or link? Don't open the message or click the link. For your personal email, learn how to report a Phish and then delete it. For UBC email, forward the message to email@example.com.