Take steps to protect your UP Mail (See UP Mail tab in CRS, DilNet tab).
1. DO mute your microphone when you are not speaking to eliminate background noise and prevent disruptions during your meetings, conferences, or classes.
2. DO be aware of everything that is in view of your camera. Make sure to remove anything that is a possible disruption to the other participants viewing your video.
3. DO make sure that you are in a quiet place conducive for meetings.
4. DO dress up properly for the meeting.
5. DO check your device screen before activating the Share Screen function.
6. DO require a passcode when setting or scheduling your meeting through Zoom.
7. DO make sure that you send your Zoom meeting details (i.e. link, Meeting ID, Passcode) to those who are your invitees only.
8. DO remember that for your authentication settings, you can select the option “UP Mail Accounts Only” to make your Zoom meeting or webinar more secure (this applies if you are the one who will create/host the meeting). This will limit your attendees only to those who are members of the UP community.
1. DO NOT have a distracting background when using your video.
2. DO NOT leave your microphone on when you are not speaking. Always mute your microphone when it is not your turn to speak.
3. DO NOT place your fan directly facing your desktop/laptop’s microphone. This causes unwanted whirring sounds and your voice might not be heard when you speak (or your voice becomes muffled).
4. DO NOT crosstalk. Use the Zoom feature for raising a hand (or show your physical hand in front of your camera) and speak only when recognized by the meeting host or facilitator.
5. DO NOT post your Zoom meeting details (i.e. link, Meeting ID, Passcode) on social media to prevent unscrupulous individuals from intruding your online meeting. Allowing unwanted attendees may open up your session to “Zoom Bombing”.
—Source: Dos and DOn'ts copied verbatim from email from UP ITDC, 7 June 2021
Know the kinds of risks and dangers you face online. Please view these set of slides—posted during the International Cybersecurity Awareness Day—courtesy of the Office of the Vice Chancellor for Student Affairs.
Take these steps to protect yourself from various online hazards. The slides are courtesy of the Office of the Vice Chancellor for Student Affairs. To learn more about online safety and get more resources, visit the OVCSA's Digicare page.
The UP ITDC also identifies types of security risks in a March 8, 2022 email: "Please be wary of phishing websites, emails, social media posts, and other online avenues masquerading as being associated with the University. Possible methods of attack that may be initiated against online users are the following:
Phishing is a cyber attack that obtains an individual’s sensitive data with the culprit posing as a legitimate and trustworthy institution or entity in an electronic communication. This is usually done through unsolicited email and messages on Facebook (especially fake accounts), and other social media.
Whaling is similar to phishing, but the culprit poses as an influential member or senior management in an organization in an attempt to use their authority, to lure other important members of that organization into providing sensitive personal information or company data. Culprits also usually do this through unsolicited email, and messages through Facebook and other social media.
Vishing is also similar to phishing but is done through voice technology.
Smishing is a phishing attack through SMS or text messages.
Spear Phishing is a cyber attack personalized to target a specific individual, with the culprit masquerading as someone the victim is familiar with, such as a friend or a family member. This is also done by sending unsolicited emails and messages through email and social media, like phishing.
Man in the Middle is a form of attack where the culprit acts as a relay or proxy in a communication between parties. The culprit can eavesdrop, impersonate one of the involved parties, or alter the communication, all while everything still seems normal to the users.
Man in the Browser is a similar approach to Man in the Middle, but instead there is a Trojan Horse (a type of malware) that manipulates web pages while still appearing as normal, thus possibly gaining access to the users’ transactions in said web page.
Be reminded that the University will never ask for your username, password, or any other access credentials.
As much as possible, please set all Google Drive/Docs files—especially those containing sensitive information (See Privacy Tab)— you share to "Restricted" access: sharing them only to those who need to see/edited them. Also, please turn off the abilities of "Editors" to edit sharing permissions. Then once the event is done or the document has already served its purpose, please unshare it immediately. The general idea is that the fewer the people who have access, the less security risks there will be.