Last Thursday students received multiple emails encouraging them to take a “Computer Security 101 Exam.” Completing this exam results in the student being placed into a raffle with the chance to win one of two iPad minis, one of two Beat Solo HD Headphones or a Kindle Paperwhite. All you have to do is get a score of 90 percent or higher by taking the test as many times as you need.
The exam, developed by the Information and Infrastructure Assurance (IIA) group on Ann Arbor’s campus, takes the form of a 10 question multiple choice quiz lasting around 5-10 minutes.
Each question asks the student about internet safety ranging from the importance of information security to protecting the data on your smartphone. It is packed with valuable reminders as well as information that might not be familiar to the typical user.
After answering each question the student is told the correct answer and then given a one or two sentence explanation below. It is easy to see that this quiz is meant to be informative more than anything else.
While some may question the significance of such an exam, others may remember the confusion a few years ago when “official” looking emails were sent urging staff and student-workers to change their umich log-in passwords. The ITS website describes it as a “new twist on criminal ‘phishing’ attacks.” The danger of this specific attack turned out to be a threat to direct deposit paychecks targeted by the criminals.
To combat vulnerability to situations like these, Ann Arbor and Dearborn campuses work together to develop effective computing information campaigns that raise awareness of security measures.
“Protecting against Social Engineering attacks requires an informed base of users,”said Robert Goffeney, Director of IT Strategy and Operations. “Students, faculty and staff who have the knowledge they need to avoid falling prey to deceptive emails, websites and people. This exam is a part of our strategy to keep everyone on campus informed.”
While many students may have ignored the email, others have plunged into the quiz. The ITS team is very happy with the response rate. Goffeney reported that by 12:40 on April 2, after only being active five days, the quiz had been taken by 606 students which he said is “very good for this kind of thing.” Ann Arbor ran the same quiz and received a lower rate of responses than Dearborn students.
With the exam active until April 12, plenty more students are expected to participate for a chance to win one of the prizes.
While some of us will stubbornly use a variation of the same password for every account we manage, it’s good to be reminded of the dangers of doing so every once in a while. Expect to get this reminder again soon. Goffeney explains that a team within the ITS department “meets regularly to review potential threats to the university’s data and infrastructure.”
“We’re always looking for ways to get the word out to people on campus about safe computing,” Goffeney said.
In paragraph 8 of this story, we reported that there was a higher response to the exam in Dearborn than on the Ann Arbor campus. That is not true. There was a participation rate of 15% in Ann Arbor. The rate of participation in Dearborn is currently 8%. [/ezcol_1third_end]