Don't Lose Your Data: Stay Safe Online

Man on laptop

Published September 2013

By Robert Polezak

Information security at UB is a high stakes game. The best way to ensure that both your personal information and UB’s data stays secure is to monitor your computer and make changes to your browsing behavior.

“ our number one problem when it comes to causing a compromised account.”
Jeff Murphy, Interim Information Security Officer
University at Buffalo

According to the UB Information Security Office, UB’s online infrastructure is quite secure from a technical aspect. Several layers of firewall and security software helps keep UB’s network safe from outside attack. Technology only goes so far, however, as compromises can still occur when a person clicks an unknown link in an email.

“Don’t click on links that you’re not absolutely sure about, especially something that comes through email,” said Jeff Murphy, UB’s Interim Information Security Officer. “Phishing, or defrauding an online account holder of personal or financial information by posing as a legitimate entity, is our number one problem when it comes to causing a compromised account.”

Phishing scams don’t just target UB students. It’s important for everyone at UB to remember that no one at UB will ever ask for your password.

If you are a member of our faculty or staff you also want to keep a close eye on your university computer’s behavior. If it is acting strangely, bring it to your local IT support's attention, especially if you’re handling sensitive data such as Social Security Numbers and credit cards or other regulated data.  

A single virus could simply be a sign of more underlying problems. According to UB Information Security Analyst Cathy Ullman, “Often, someone will notice anomalous activity because of only one virus. However, just because you see one doesn’t mean there aren’t four that you don’t know about.”

Cathy continued, “Part of my job is to investigate and get the full picture. What triggers us to review a machine might be an annoying virus sending out spam emails or causing pop-ups, when in fact it’s created a backdoor for software looking for credit card numbers or Social Security Numbers. It’s very important to report a compromised machine or account as soon as possible.”

By ignoring a compromise, you’re not only risking your information, but opening UB to a potentially costly security breach.  Industry estimates point to an expected cost of $180 per record potentially compromised. Considering most computers and employees rarely work on just one record, these fines could add up to well over $100,000.  

If you work with regulated data and you believe your UB-owned computer is compromised, report it to your local IT support. They will work with the Information Security Office to make a copy of the hard drive. Your local IT support will then fix the issue and get the computer back to you. In the meantime, the Information Security Office will analyze the drive to find the nature of the virus, whether it’s simply one causing frequent pop-up advertisements, or one that could potentially be sending regulated data to hackers.   

Questions about Internet  and information security and compromises can be directed to the Information Security Office at