Phone Menu Options When You Call TechHelp
212-217-HELP (4357)
STUDENT, ALUMNI OR APPLICANT: PRESS 1
Then select one of the options
Press 1 For cable TV or jack repair.
Press 2 To speak to an IT Support Technician.
Press 3 To hear these options again.
STAFF OR FACULTY: PRESS 2
Then select one of the options
Press 1 For telephone, voicemail, cable TV or wiring installation requests
Press 2 For technical assistance in a lab or classroom
Press 3 To speak to an IT Support Technician.
Press 4 To hear these options again.
TECH TIP
You can bypass the menu by pressing both digits for the option you want.
For example…
If you are a Student that needs help with your Login for MyFIT – you can Press 1 then 2 to be connected to an IT Support Technician.
If you are Faculty that needs help in a computer lab – you can Press 2 then 2 to be connected to Academic Computing.
What is Ransomware?
Ransomware is computer malware that encrypts the files on your PC, making them (and often your whole computer) unusable. It may also encrypt files on network drives that you have access to, like your N: drive. You regain access to the files by paying a ransom to receive a decryption key. In 2016, Ransomware was estimated to be a $1 Billion business.
How does my computer get ransomware?
Commonly, your computer can be infected with ransomware when you click on a link that allows the program to load. Usually, it’s in a targeted phishing email, but sometimes attackers can secretly load malware onto web pages or even advertisements on legitimate webpages.
How do I know if my computer is infected?
You will see a pop-up screen instructing you to go to a webpage or, more likely, to call a phone number. Yes, the bad guys have call centers. You may also get “file not found” messages for files that you know exist, or you may see files with their names or file types (.docx, .xlsx, etc.) changed.
What do I do if my FIT computer gets infected?
- Do NOT contact the attacker or pay the ransom. You will be giving your credit card information to criminals.
- Take as many notes and screenshots as you can within 3 minutes to help you remember what happened.
- Remove your computer from the network; unplug the ethernet cable and turn off WiFi. Do not shut it off.
- Contact TechHelp
How do I prevent ransomware?
While you can’t prevent this threat entirely because cybercriminals continually think up new schemes, there are some things you can do to significantly reduce the risk and impact of being infected.
- Follow all the tips on the IT for FIT Cybersafe page and don’t click on links or emails that are from strange people or that don’t make sense.
- Don’t store FIT work on your computer’s local drive. Use the N: drive, Google Drive, or a departmental share. The N: drive is backed up, and if the files become encrypted, IT can get them back. If your local drive becomes encrypted, the files are irretrievable.
- On your personal computer, regularly back up your files to a USB drive that you only attach to the computer when you’re taking a backup, or use a cloud-based backup service.
- We keep your anti-virus software current.
- We are limiting the number of individuals with administrative rights. Ransomware often is unable to load if the user is not signed in as an administrator.
Following a few simple guidelines can help make FIT Cybersafe.
Click on each section below to expand.
It is important to properly sign out of your computer when you are finished for the day. This is particularly important on shared devices to maintain security and make things easier for the next user. Additionally, the Division of Information Technology regularly deploys updates and system patches to fix security vulnerabilities and improve overall computer performance. Computers will automatically reboot even if the user forgot to sign out resulting in the loss of any unsaved work.
Signing out is a simple but essential step to ensure you don’t lose data and your computer remains secure.
Tech Tips
- Always save your work before signing out to prevent data loss.
- Logging out instead of just locking your computer adds an extra layer of security, especially in shared or public environments.
It is common practice to take certain steps to protect your computer before installing new software; however, those security steps are often neglected when installing browser extensions, add-ons, social media and mobile apps. These programs may request permission to access your data; if they’re compromised by cyber attackers or if you install a malicious or illegal version your data may be at risk. It is important to take the necessary precautions to protect yourself and fully understand what access you are granting before you install.
First and foremost it is highly recommended to have up-to-date virus protection software installed on your computer and devices.
Additional best practices include:
Install from official stores
Whenever possible only install from official stores and identified developers. For example, for Android go to the Google Play, iOS the iTunes – App Store, Chrome the Chrome Webstore.
Know what you are downloading
Verify the name and developer of the app. Similar to phishing, scammers try to create extensions, add-ons, and apps that appear legitimate in order to trick people into downloading and sharing information. Official stores do their best to weed out the fraudulent versions but it is important to search the developer, check reviews, the number of downloads and look for spelling errors to spot potential fakes.
Carefully read the permissions
Understanding why an app may request certain permissions is essential to protecting your data and devices from rogue programs. It is reasonable that an app like Google maps would want permission to know your location in order to provide full functionality; however, this permission may be unreasonable for a flashlight app. You can change the permissions that apps can access in settings on your device at any time. Additionally, on many devices, you can customize permissions to only run when the app is in use. Keep in mind changing permission access may cause apps to lose some functionality.
You should also use the same functionality logic outlined for mobile apps when reviewing permissions for browser extensions, apps, and add-ons. Extensions like Pocket, Pinterest or Bitly need to be able to save or change the URL or images on any of the websites you visit, in order to function they require permission to “Read and change all your data on the websites you visit”. The phrasing for some permissions can sound scary but consider the functionality and if it seems that an extension is asking for unreasonable permissions then you might not want to install it.
Review instructions for your device on how to revisit app permissions.
Two good sources of information are how to Control your app permissions on Android 6.0 and up and how to use restrictions on your Apple device.
Sign in with Google or Facebook features
Many extensions, websites, add-ons and apps allow you the option to sign in with your Google or Facebook account. This feature helps with the problem of trying to remember multiple username and passwords but it also may put your data at risk if you don’t follow all the previously mentioned practices. You should only use this option on trusted websites. Before using these sign in options we recommend reviewing the policies of Google and Facebook.
Questions? Comments? Email [email protected] or call 212 217.HELP (4357).
G Suite for Education offers a multitude of security features including allowing you to monitor how your account is being accessed through the Activity Information panel. This is one of the easiest ways for you to ensure that your account isn’t being accessed without your permission. “The Activity Information Panel” allows you to check what browser, device, and locations where your account has been signed into from.
How to Check your Activity Information
Go to Settings
- Click on Settings (Cog Icon)
- Select See all settings
Scroll to the Bottom and then Click on “Details”
What you can do from the Activity Information Panel?
– Check the IP address at the bottom of the window “This computer is using IP address” to know if the Recent activity was from your computer.
– If you have signed into another computer recently or you aren’t sure about another session. Click “Sign out all other sessions”
– Set your Alert preference, we recommend having it set to “Show an alert for unusual activity.”
– Revoke access for any Applications you previously authorized. Click on “Show details” then on “Manage Account Access” the Account Permissions page will open. Now you can select the application – then click “Revoke”.
Don’t forget to change your password if you see any activity that is not you.
What is eduroam?
eduroam (education roaming), is an encrypted, world-wide roaming access service developed for the international research and education community. FIT is proud to be a member and provide eduroam service.
Where can I use eduroam?
eduroam allows FIT students, faculty, and staff to connect to the Internet at participating institutions in the United States and abroad. Equally, visitors from participating institutions in the eduroam network can connect to the eduroam wireless network at FIT.
Is my password being shared with other eduroam insitutions?
Your user credentials (username and password) are kept secure because eduroam does not share them with the site you’re visiting. Instead, they are forwarded to your home institution, where they can be verified and validated.
Find out about eduroam security at https://www.eduroam.org/eduroam-security/.
I am a member of the FIT community; how do I connect to eduroam?
When visiting a participating eduroam location, check the eduroam website for the eduroam SSID (most will be eduroam). Turn on your WiFi and select the institution’s eduroam SSID, enter your FIT email address when prompted for a username and FIT password for the password.
I am visiting FIT from another Eduroam campus; how to connect to eduroam at FIT?
As a visitor to FIT from a participating eduroam institution, turn on your WiFi then select the SSID eduroam and enter your email address and password you use at your institution.
For additional assistance, contact FIT’s TechHelp.
Have you ever wondered if your account information or password has ever been exposed in a data breach?
Have I Been PWNED? (HIBP) is a free resource developed by a Microsoft researcher for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach. If you enter your email address or password into HIBP, it confidentially checks to see if your credentials appear in public data stores used by hackers and other cybercriminals.
To check if your email account or password was revealed in a data breach visit the webpages below:
Email account: https://haveibeenpwned.com/
Password: https://haveibeenpwned.com/Passwords
What does pwned mean?
Pwned is a slang term derived from the verb own, meaning to appropriate or to conquer to gain ownership.
How do I know the site isn’t just harvesting searched email addresses?
The site is a free service used throughout the security industry for people to determine if their email address or password has been put onto public or dark web credential bulletin boards as a result of a breach. If you used a particular email address and password on a site that has been breached, it’s likely that the address or password will show up on HaveIBeenPwned.
As with any website, if you’re concerned about the intent or security, don’t use it.
What do I do if HaveIBeenPwned finds a match?
If your email address shows as a match, consider the email account: if it’s [email protected], or [email protected], there are lots of ways people can find or guess those addresses. If the address is less obvious, consider changing it.
If your password shows up as a match, change it. Note that if you used a weak password like “Password123”, the match might be related to you or millions of other people. Still, you should change it, either because it’s been Pwned or because it’s too obvious. Each site has different password requirements, but two major guidelines are that longer passwords are better than short ones, and don’t include elements like your birthday that are easily guessable or available on social media.
FITGUEST:
There are two types of usages for our guest network: daily or long-term. Usage of FITGuest only allows for limited WiFi service, this does not include access to any other of FIT programs or services.
Daily Pass:
Events or guests requiring WiFi access for the day will be supplied with a temporary username and password that is supplied by the Facilities-Rentals Office. If possible, please indicate in advance when booking spaces or events if WiFi access will be required.
Longer-Term Pass:
Consultants or group access to WiFi may be required for a longer period of time than granted by the daily pass. If this is the case, please request your FIT host or sponsor open a ticket at techhelp.fitnyc.edu and select the following options:
- Network Drives and Svcs / Infrastructure Svcs
- FITAIR & fitguest WiFi
- Request Access to FITGUEST
Accessing FITGuest:
To access FITGuest, select “fitguest” from your computer/device’s WiFi drop-down list and enter the supplied username and password. Your FITAIR username and password will NOT work on the “fitguest” network.
For more information on how to access the internet or the devices allowed on our network, please visit our Internet service page.