Information Security provides vision and direction for developing and supporting IT security initiatives at Carleton. The group provides leadership in the development and operation of structures, programs and policies that address the needs of Carleton’s information assets and how they are protected.

Key areas of accountability are:

  • Ensuring that appropriate and reasonable safeguards are employed to detect and protect against potential threats to IT assets
  • Establishing and evolving an appropriate security posture that balances risks, investment and safeguarding of assets against the university’s ability to operate effectively and efficiently; and,
  • Evaluating, planning and delivery of the security aspects of the university’s network infrastructure

As part of an ongoing program to raise the level of security awareness at Carleton University, the Information Security Division provides security awareness reminders to the campus community on a regular basis.

Report Suspicious Activity

To notify the Information Security team of suspicious activity, contact the ITS Service Desk at its.service.desk@carleton.ca or call 613-520-3700.

Phishing

Phishing is the act of contacting people via email, telephone, or text message while impersonating an individual or organization with the intention of stealing private information and data to commit identify theft and financial theft.  If you receive a phishing email do not respond to it, move it to your junk folder (this will mark it as spam), and forward it to the ITS Service Desk.

Duo: Our Two-Factor Authentication Solution

Duo is a two-factor authentication solution aimed at protecting your account from illicit login attempts. Once Duo is enabled you will log into Carleton systems using something you know (your MyCarletonOne password) plus something you have (your mobile phone, work phone, home phone or tablet). Learn more about Duo.

VPN

The Virtual Private Network (VPN) client software is required for access to Carleton University resources that are restricted to on-campus use. The VPN client software provides a secure encrypted channel from your home to the campus.

Ransomware

Ransomware is a type of malware (malicious software designed to infiltrate your computer) that results in the encryption of computer files. Once the files are encrypted these attackers then demand a form of ransom from the computer owners in exchange for the decryption key. Read our guidelines on protecting your files from ransomware or other data loss.

Virus Protection

Each faculty and staff member can install Trend Micro antivirus on up to 5 personal devices (PC, Mac, Android or iOS) at no charge. This endpoint security software provides you with a broad range of threat protection – it safeguards your data from malware and ransomware, allows you to browse the web safely and provides protection from viruses.

Residence PC Protection

Proper protection against computer viruses is required so that you have an operational network to support your academic studies. Learn more about how to protect your computer here.

Latest Security Notices

Friday, September 13, 2019

Beware of Phishing Emails circulating on Campus – Appears to be from the University Library

Please beware of phishing emails circulating on campus which appears to be from the University Library. This campaign targets Faculty/Staff and Students in an attempt to steal credentials by trying to convince them that they need to authenticate in order to renew access to Library resources, or to prevent access or accounts from expiring.... More

Friday, September 6, 2019

Re-emerging Telephone Scam Targeting International students

International students in Canada are reporting that they have been targets of a re-emerging telephone scam whereby individuals claiming to be employees of Immigration, Refugees, and Citizenship Canada (IRCC) are asking them for personal information and/or money or risk deportation. In more sophisticated versions of the scam, the individual also... More

Thursday, September 5, 2019

Phishing Email circulating on campus with Subject of: Outlook system update

Be on the lookout, for a phishing email circulating on campus, that appears to come from IT Support. This is a phishing email: Source:  External Subject Line:  Outlook system update Suspicious link:  Yes                 If you have already responded to this message, please change your MyCarleton One... More

Thursday, August 29, 2019

Phishing Email Circulating on Campus – Appears to be from Carleton President

Be on the lookout, in your inbox, for a phishing email from an external address posing as our President and Vice-Chancellor. This is a phishing email: Source:  External Subject Line:  Required Annual Notices Attachment:  Yes                       If you have already responded to this... More

Wednesday, August 7, 2019

University of Ottawa and Carleton University IT Departments Join Forces to Combat Cyber Security Threats

The University of Ottawa and Carleton University have signed a memorandum to collaborate and coordinate on cyber security incident management. “We have a responsibility to protect our institutions information systems and data against constantly evolving cybersecurity threats.  By coordinating our efforts, we can work together to tackle our... More

Tuesday, August 6, 2019

Changes Coming to MyCarletonOne

Over the August 16th weekend we will be replacing the current system that powers MyCarletonOne with Oracle Identity Management (OIM). Once the new system is in place you can expect to see a new myone.carleton.ca login page and the next time you login to change your password, you will be required to select new security questions.... More

Thursday, August 1, 2019

5 Ways to Spot a Phishing Attempt

Email phishing scams can trick you into opening attachments or giving up personal information. They appear to be emails from organizations or companies you trust, but they're often the gateway to data breaches or identity theft. 5 Ways to Recognize a Phishing Attempt It asks you for your password or directs you to a web... More

Thursday, July 18, 2019

New 15 Minute Lock Screen Policy on CUNET Connected Systems

On Tuesday July 30, 2019 at 10:00 a.m., ITS will be implementing a new policy to lock computer screens after 15 minutes of inactivity.  This industry standard configuration will be applied to all faculty and staff Windows workstations and laptops that are connected to the CUNET domain. This change will address a security concern of... More

Tuesday, July 16, 2019

Beware of Phishing Emails circulating on campus – subject lines contain “Documents Pending” & “SUMMER PART-TIME JOBS OPPORTUNITY”!

Please beware of phishing emails circulating on campus with a subject line containing "Documents Pending" & "SUMMER PART-TIME JOBS OPPORTUNITY". These are phishing emails and should be deleted immediately. Do not click on the link within the body of the message and do not reply or respond to the message. If you have already... More

Friday, June 28, 2019

Beware of Phishing Email circulating on campus – subject contains “Part-time/Job opportunity”!

Please beware of phishing emails circulating on campus with a subject of "Part-time/Job opportunity" and appears to be from CMAIL accounts.   This is a phishing email and should be deleted immediately. Do not click on the link within the body of the message and do not reply or respond to the message. If you have... More

Tuesday, June 25, 2019

Beware of Phishing Email circulating on campus – Appears to be from our Carleton University President!

Beware of phishing emails circulating on campus that appear to be from the Carleton's President, and includes an attachment with a link to another website'.  This is a phishing email and should be deleted immediately. The attachment includes a link to a website which will collect your credentials, and/or personal information. Do not respond... More

Tuesday, June 18, 2019

Beware of Phishing Email circulating on campus – Appears to be from ITS Service Desk!

Please beware of phishing emails circulating on campus with subject of "Enrollment : {Salary Increment } Application" and appears to be from the ITS Service Desk.   This is a phishing email  and should be deleted immediately. Do not click on the link within the body of the message and do not reply or respond... More

Tuesday, May 28, 2019

Beware of Phishing Email circulating on campus – Appears to be from Carleton University Dean, Chair or Director!

Please beware of phishing emails circulating on campus with subject of "Are you Available" and "Good Morning" and appear to be from either the President, Dean, Chair, Director or other senior management at Carleton University.  These are phishing emails and should be deleted immediately. If you respond to these messages, you may be asked to... More

Thursday, April 25, 2019

External Email Tagging Being Implemented to Combat Phishing

At Carleton we often see phishing emails that appear to be from @carleton.ca addresses, when in fact they are fake accounts created with malicious intent. These emails often encourage the recipient to click on a link and provide sensitive information, like their username and password. To better protect Carleton staff, faculty, and students against... More

Tuesday, April 16, 2019

Beware of Phishing/scams – Offer to win a $1000 gift card or 5 year Netflix Subscription

Beware of phishing/scam emails circulating on campus with "offer to win a $1000 gift card, from various stores and services (Walmart, Amazon, Costco, or 5 year Netflix subscription) for completing a "survey".  This type of email is a scam and should be ignored and deleted immediately. Do not respond to the message, do not... More

Wednesday, April 10, 2019

Beware of phishing/scam emails circulating on campus – Subject: New Messages Notification

Beware of phishing emails circulating on campus with subject of: "New Messages Notification" and appears to be a voicemail email message. This is a phishing email and should be deleted immediately. Do not clink on the link or open the attachment within the body of the message, do not respond to the message, and... More

Tuesday, April 9, 2019

April IT Security Tip: Safe Online Banking

Banks use comprehensive safeguards to protect the integrity and security of your information and financial transactions. If you choose to bank online you need to do the same. Here are some tips to help you bank safely: Pick a strong password. Online Banking passwords must be unique and complex. It is highly recommended that... More

Friday, April 5, 2019

Over 600 Carleton Accounts Now Protected with Two-Factor Authentication

Carleton’s internet-accessible services are continuously subjected to illicit login attempts from people seeking to install malware and ransomware, searching for mailboxes from which to send spam, hunting for data for identity theft, or attempting to steal intellectual property. Duo two-factor authentication is a proven technique to prevent... More

Wednesday, March 13, 2019

Phishing Emails that appears to come from the RCMP on Anti-bullying!

Beware of phishing emails that appear to come from the "RCMP" on Anti-bullying, which asks for information on individuals or mentions a "Watch List".  These are phishing emails and should be deleted immediately. Do not click on the link within the body of the message, do not respond to the message, and do not... More

Tuesday, March 12, 2019

Beware of ‘Part-Time Job Offer’ Scams

Please beware of ongoing ‘Part-time Job Offer’ scams circulating online and through emails. These scams request that a student communicate using their Carleton email address.  If they respond, they are then contacted by potential “employers” offering a job.  The ‘scammer’ or ‘potential employer’ sends cheques for the student to... More

Thursday, February 21, 2019

Network Printing Changes Coming to Robertson Hall and CTTC

As of Monday February 25, staff and faculty in Robertson Hall and CTTC must connect to network printers via ITS print server and no longer by IP address. This change will mainly affect Mac and Unix users as most Windows users already connect to network printers via the print server. This change ensures only authorized users can connect... More

Monday, January 28, 2019

Managing your Privacy

Today, January 28, is Data Privacy Day.  It is an international effort to empower individuals and business to respect privacy, safeguard data and enable trust. Data about you can be used in a variety of ways, sometimes in ways you wouldn't expect or even approve.  That's why it's important to understand the value of... More

Tuesday, January 22, 2019

Tackling Phishing at Carleton

Phishing is an attempt of acquiring personal or sensitive information such as credit card information, passwords, etc. by sending an email that appears to be from a legitimate company. Many people are wise to the typical phishing email; it calls to immediate action, it asks for your password, it’s riddled with spelling and grammatical... More

Thursday, January 17, 2019

Upcoming IT Security Awareness Workshop

Keeping our systems and data safe from IT security threats is all of our responsibility. Join one of our Security Managers as he discusses security awareness and how to defend yourself against some major security threats. Intended Audience: Staff and Faculty When: Monday Jan 28 from 9-10 am Where: 617 Robertson Hall In this... More

Wednesday, January 9, 2019

Duo Two-Factor Authentication Contest – You Could Win $100 on your Campus Card

Duo is now available for all Carleton staff and faculty. Duo is a two-factor authentication solution aimed at protecting our accounts from illicit login attempts. Congratulations to Michael Radcliffe in Campus Safety Services for winning the December draw! He set up Duo on his MyCarletonOne account and won $100 on his Campus Card. We... More

Monday, January 7, 2019

Spotlight on IT: 2018 Year in Review

This special edition of Spotlight on IT focuses on some of the great work done in our IT department over the past year. We wanted to share what we have been up to in our efforts to support and grow IT at Carleton University. We have just released our 2018 Year in Review. This report... More

Friday, January 4, 2019

Beware of Phishing Email circulating on campus – Appears to be from Carleton University Senior Manager!

Beware of phishing emails circulating on campus with subject of "Rafik Goubran's invitation is waiting for your response".  This is a phishing email and should be deleted immediately. If you respond to these messages, you may be asked to purchase gift cards or bitcoins for the individual. Do not accept invitation, do not send gift... More

Thursday, January 3, 2019

Job Offer / Bitcoin Scam – Targeting Students

Beware of a "Job Offer" or "Bitcoin" scam circulating on campus.  The scam gets students to upload their resumes to a job site and then they are contacted by potential "employers" offering them a job.  All they need to do is deposit money into their bank account, withdraw the money, purchase bitcoin and then... More

Wednesday, December 5, 2018

OVPRI and ITS Collaborate to Support Researchers

The Office of the Vice-President (Research and International) (OVPRI) and Information Technology Services (ITS) are collaborating on a number of initiatives to enhance IT support for researchers. New Software Licensing Agreements Carleton has acquired new university-wide licenses for the IBM SPSS software and NVivo Plus. Both are now available... More

Wednesday, December 5, 2018

Staff and Faculty: Set Up Duo for your Chance to Win $100 on Your Campus Card

Starting this winter, ITS will begin rolling out Duo, our two-factor authentication solution, to the Carleton community. Two-factor authentication is an IT security solution that protects your account from illicit login attempts.  Once enabled, you will login to select Carleton systems using something you know (your MyCarletonOne password),... More

Monday, December 3, 2018

Shopping Online This Holiday Season? Be Careful of These Three Things

How is it December already?! Chances are you have some holiday shopping to do (or start), and if you’re like me you’ll turn to online shops.  It's fast, easy, convenient, and, in some cases, I can have my purchases wrapped and shipped directly to my loved ones. But before you open that browser, here... More

Monday, November 26, 2018

Beware of Phishing Email circulating on campus – Appears to be from Carleton University President!

Beware of phishing emails circulating on campus that appears to be from the Carleton's President or other senior managers, that often start with 'are you free' or 'are you available'.  This may be a phishing email and should be deleted immediately. If you respond to these messages, you may be asked to purchase gift... More

Monday, November 19, 2018

Phishing Emails Circulating on Campus: Subject of “Part-Time Personal Assistant Needed”

Beware of phishing emails circulating on campus with subject of: "Part-Time Personal Assistant Needed".  This is a phishing scam/email and it should be deleted immediately. Do not do not respond to the message, do not send a text message to the number listed in the email, and do not provide your name or email... More

Wednesday, November 14, 2018

Computer Purchases for Business Use

Are you in need of new tablet, desktop, or notebook for business purposes? Be sure to order an ITS recommended system from one of our preferred vendors. What is a Preferred Vendor? A preferred vendor has an established contract with Carleton University for a specific product list and contracted price. These contracts have been... More

Thursday, November 8, 2018

Inside ITS: Talking IT Security

This week Mary Kathryn sits down with Paul Ungoed, one of our Information Security Managers in ITS. In this chat Paul talks about what he does, the best thing you can do to protect yourself online, some ongoing and upcoming IT security workshops, and a new co-op position available. https://www.youtube.com/watch?v=o3SusXOXA7s... More

Share: Twitter, Facebook
Short URL: https://carleton.ca/its/?p=749