PGP is a product that encrypts your data to keep it safe from unauthorized access. The University is now supporting two components of PGP: Whole Disk Encryption and NetShare. Installation of the PGP Desktop application is required to use either component. For information about purchasing licenses, please see our PGP Information page.
NOTE: Do not install PGP Desktop on MacOS 10.7.3. There are unresolved issues with the software on this version of OSX.
|Installer||PGP Desktop for MacOSX Installer|
|How To||Install PGP Desktop for MacOSX (Video)*|
|Quick Start||PGP Desktop 10.2 for MacOSX Quick Start Guide*|
|User Guide||PGP Desktop 10.2 for MacOSX User's Guide*|
|Installer||PGP Desktop for Windows 32-bit Installer|
|PGP Desktop for Windows 64-bit Installer|
|How To||Installing the Client Software and User Enrollment|
|Installing the Client Software from AD Joined Systems|
|Install PGP Desktop for Windows (Video)*|
|Quick Start||PGP Desktop 10.2 for Windows Quick Start Guides*|
|User Guide||PGP Desktop 10.2 for Windows User's Guides*|
|Links to Many Other Installation/Upgrade/User's/Admin Guides*|
Using PGP Whole Disk Encryption (WDE), your entire disk is encrypted. After encryption, you will enter a passphrase when you start you computer. Not all computers need to be encrypted. If you have questions about your computer and the data stored on it, contact your departmental support technician, or contact the OIT Service Desk at 3-1222.
|How To||Setting Up Whole Disk Encryption (Windows)|
|User Guide||PGP Whole Disk User Guides*|
|PGP Whole Disk Command Line User Guide*|
|Product Information||PGP Whole Disk Encryption at Symantec*|
|Current Issues||Unable to boot after installing MacOSX 10.7.3 on encrypted disk*|
|PGP Whole Disk Encryption for MacOSX Recovery Disk Images*|
PGP NetShare is a Windows only feature that allows you to create a secure file store either on your local computer or a network share. All files saved into this folder are automatically encrypted. If you have questions about setting up or using this feature, contact your departmental support technician or the OIT Service Desk at 3-1222.
|How To||Setting up a NetShare Folder|
|Adding or Removing Users/Groups from a NetShare Folder|
|User Guide||PGP NetShare Command Line User Guide*|
|Product Information||PGP NetShare at Symantec*|
|How To||Creating a Self Decrypting Passphrase Protected File|
*These links navigate to outside sources.
Phishing is when an attacker attempts to fool you into clicking on a malicious link or opening an attachment in an email. Be suspicious of any email or online message that creates a sense of urgency, has bad spelling or addresses you as "Dear Customer."
Original release date: October 14, 2016 | Last revised: October 17, 2016
Internet of Things (IoT)an emerging network of devices (e.g., printers, routers, video cameras, smart TVs) that connect to one another via the Internet, often automatically sending and receiving data
Recently, IoT devices have been used to create large-scale botnetsnetworks of devices infected with self-propagating malwarethat can execute crippling distributed denial-of-service (DDoS) attacks. IoT devices are particularly susceptible to malware, so protecting these devices and connected hardware is critical to protect systems and networks.
On September 20, 2016, Brian Krebs security blog (krebsonsecurity.com) was targeted by a massive DDoS attack, one of the largest on record, exceeding 620 gigabits per second (Gbps). An IoT botnet powered by Mirai malware created the DDoS attack. The Mirai malware continuously scans the Internet for vulnerable IoT devices, which are then infected and used in botnet attacks. The Mirai bot uses a short list of 62 common default usernames and passwords to scan for vulnerable devices. Because many IoT devices are unsecured or weakly secured, this short dictionary allows the bot to access hundreds of thousands of devices. The purported Mirai author claimed that over 380,000 IoT devices were enslaved by the Mirai malware in the attack on Krebs website.
In late September, a separate Mirai attack on French webhost OVH broke the record for largest recorded DDoS attack. That DDoS was at least 1.1 terabits per second (Tbps), and may have been as large as 1.5 Tbps.
The IoT devices affected in the latest Mirai incidents were primarily home routers, network-enabled cameras, and digital video recorders. Mirai malware source code was published online at the end of September, opening the door to more widespread use of the code to create other DDoS attacks.
In early October, Krebs on Security reported on a separate malware family responsible for other IoT botnet attacks. This other malware, whose source code is not yet public, is named Bashlite. This malware also infects systems through default usernames and passwords. Level 3 Communications, a security firm, indicated that the Bashlite botnet may have about one million enslaved IoT devices.
With the release of the Mirai source code on the Internet, there are increased risks of more botnets being generated. Both Mirai and Bashlite can exploit the numerous IoT devices that still use default passwords and are easily compromised. Such botnet attacks could severely disrupt an organizations communications or cause significant financial harm.
Software that is not designed to be secure contains vulnerabilities that can be exploited. Software-connected devices collect data and credentials that could then be sent to an adversarys collection point in a back-end application.
Cybersecurity professionals should harden networks against the possibility of a DDoS attack. For more information on DDoS attacks, please refer to US-CERT Security Publication DDoS Quick Guide and the US-CERT Alert on UDP-Based Amplification Attacks.
In order to remove the Mirai malware from an infected IoT device, users and administrators should take the following actions:
In order to prevent a malware infection on an IoT device, users and administrators should take following precautions: