Buzz through the latest in cybersecurity at Yale. We’ve got practical advice on avoiding scams and safeguarding your accounts, an opportunity to become a cybersecurity awareness ambassador, news about our upcoming spring cyber challenge, and more!
Become a Cybersecurity Awareness Ambassador
We’re looking for enthusiastic volunteers across campus to help spread the buzz about cyber safety! No technical knowledge required—just an interest in cybersecurity, staying safe in a digital world, and empowering the Yale community.
As a cybersecurity awareness ambassador, you’ll serve as a trusted liaison between the Information Security Office and your colleagues. Ambassadors help share important updates, promote events and activities, and tailor messages so they really resonate with your team or department.
Policy 1604 Clarification for Research Data
If you work with large research datasets that include personal information (but not high risk data like Social Security numbers or patient information), those datasets are considered Moderate Risk data.
This is now explicitly stated as an example in Yale’s Data Classification Policy.
This means that systems used to process, store, or transmit these data sets must comply with Yale’s Minimum Security Standards (MSS) for Moderate Risk data.
If you have questions, we’re here to help. Contact the Information Security Office at information.security@yale.edu.
Did You Miss the February Cybersecurity Awareness Tip?
Bad actors are always finding new ways to sneak into your inbox — including a new insidious tactic that leverages real document-sharing emails.
Here’s how it works: You receive a legitimate email from Google or Microsoft indicating someone has shared a document with you. The “someone” could be either internal or external to Yale. The account is legitimate and the email is real, but the shared document is malicious.
The documents can look convincing and are designed these to steal your information with links that prompt you to enter your Yale credentials.
Beware Benefit-Related Smishing Texts
Scammers are targeting Yale employees with text messages designed to trick us into clicking links or entering our credentials. Recent messages have included attempts to fool us into taking action by claiming to be about pay, compensation, or benefits.
Remember: Yale does not send compensation or benefits information via text.
Simple steps to help recognize and avoid malicious messages:
- Always pause and consider who and where the message is coming from
- Confirm through a separate trusted channel before taking any action
- Stay alert for suspicious or unexpected communications or requests
Being vigilant and thinking before you click can help keep your personal and Yale accounts safe from cybercriminals.
Join the Spring Cyber Challenge:
Protect It Because It’s All Connected — Yale and Home
You don’t have a “work identity” and a “personal identity.”
You have one identity and it connects everything.
From your Yale login to your personal email, banking, shopping, and social media accounts, your credentials are the keys to your digital life. When one account is compromised, it doesn’t stay isolated. Attackers count on the connections (like reused passwords, shared recovery emails, and familiar habits) to move from one account to another.
That’s why our spring campaign is focused on a simple truth:
Like a row of dominoes — when one account falls, others can follow.
Join us April 20 through April 24 to build your cyber muscles, test your instincts, and learn how to better protect your identity one habit at a time.
Get the buzz (and ready to play!) by signing up to receive alerts.