Information Technology

First of all, if you do not have a password on your computer, we recommend that you encrypt it immediately. Your computer password should not be simple and easily remembered. Choose a password that is as difficult as possible and contains different characters, and do not share this password with anyone. Also, you should not use the same password for a long time. Update your password at the intervals you specify. In order not to forget to change your password, you can set an alarm on your phone or take the necessary notes in your calendar. This process, which will only take a few minutes, will help you stay safe. Do not forget to change your e-mail password, social media passwords and the passwords you use for internet banking transactions at regular intervals.

One of the most common mistakes is that users use the same password for all their online accounts. Although it can be difficult to remember a different password for each site, once criminals manage to intercept your password, they can access all your accounts, including banking and shopping sites. The smartest thing to do in this case is to use a password vault that stores all your passwords (1password, lastpass, keychain, etc.). So the only thing you need to remember is the password to this safe. Of course, the password for this safe must also be strong. A strong password is at least 8 characters and should contain a combination of special characters, numbers, and uppercase and lowercase letters. Multi-factor authentication, which requires additional verification through mobile phone applications such as SMS, Google Authenticator, etc. for each login process, as the applications you use allow it.

â € ‹â €‹ â € ‹â €‹ â € ‹â €‹ â € ‹With the process of working at home, work computers began to be used at home. It may seem easy to use your work computer for personal work while your work computer is open in front of you, but this may put your business information at risk. Be very careful when using your work computer in case your computer is copied. Never click on sites you have not visited before and do not trust. Be sure to protect your important files with an encryption system.

Remember that the reason for updates to applications is to make the current application better and safer. You can think of each update as a patch for vulnerabilities discovered in the application. Hackers also scan for system vulnerabilities when they want to attack your system. If your application is in its most up-to-date state, this will reduce your chances of being hacked. Check your computers, mobile phones, tablets, etc. regularly. Install security patches for your operating system and installed software, and regularly update your antivirus software. Keep it updated by internet.

Cybercriminals personalize attacks to increase the likelihood of clicking on the sent link. The easiest way to obtain personal information is through social media accounts. The easiest way to prevent this is to limit who sees your page. Users who want a public social media profile need to carefully choose who they friend. If someone you don't know adds you, either reject them or check their account information to see if they have friends.

In business life, unexpected accidents can always happen and some files may be lost. To prevent this, we recommend that you make file backup a habit. This way, you will have an organized work archive and can easily access information when you need it. Additionally, if your computer is attacked and your files are deleted, you will not suffer a huge data loss. OzU recommends the use of Google Drive and/or Office 365 Microsoft OneDrive, which it provides free of charge to its users.

Although free Wi-Fi connections in public places are generally secure connections, they do not indicate that they are not vulnerable to attacks. Cybercriminals can post malicious links as a public hotspot, especially at crowded events and venues. When a user connects to this access point, all their data can be stolen. Many smartphones automatically connect to open Wi-Fi hotspots or connect via Bluetooth access. To prevent a possible attack, Wi-Fi and Bluetooth settings must be turned off to automatic connection. Additionally, installing VPN software allows you to establish secure and encrypted connections with existing access points.

Everyone has downloaded the file attached to an e-mail message from someone they do not know, or clicked on the advertising links sent to their e-mail or on websites. These links often consist of complex URLs full of grammatical errors. The best solution to this problem is to install effective anti-spam, anti-malware, antivirus, firewall, etc. security software that can detect spam and phishing and verify connections. Most new generation antivirus software and operating systems offer this opportunity. OzU offers its users the Kaspersky application free of charge. For installation support, you can contact the IT user support unit via SC.

Phishing attacks are one of the most commonly used methods of personal information theft. With these attacks, users' personal information such as TR ID Number, Mobile Phone, Credit Card, etc. can be captured. 

We strongly advise our users not to pay attention to suspicious messages coming from email accounts whose authenticity they are not sure of, and not to respond to requests such as "click on the link below", and to first make the following checks and immediately report the situation to the IT Unit.

• Is the email coming from a recognized legitimate e-commerce site, your institution, financial institution, email provider, internet service provider?
• Never click on URL links in suspicious emails, especially shortened ones (bit.ly, ow.ly, tinyurl.com, is.gd, goo.gl, tiny.cc, cli.gs, etc.).
• Be sure to check whether the web page you are directed to via the link is safe! Check whether the address in the address section at the top of your Internet browser is "https://". The letter "s" at the end of "https://" indicates that this page is secure and processed using various encryption methods. The closed lock sign in the address bar of your Internet browser indicates that you are operating on a secure and encrypted page.
• If you were directed to a website via a link in an email, does the URL at the top of the browser match the URL of the legitimate company you think you are visiting? 
• Are you being asked to provide personal information? Do not provide personal information to suspicious or unfamiliar websites.
• Before filling out a form online, even on secure sites, check whether the site has a privacy agreement stating whether it shares this information with third parties.

Cyber ​​attacks first target users working over insecure networks. We recommend using a VPN application to protect yourself from these attacks. OzU provides VPN solution for its users. You should use ÖzÜ VPN to access corporate applications. Connecting to OzU VPN will provide high protection against cyber attacks. Thanks to VPN, your computer will connect to the internet through a different IP. Thanks to the secure network, you can secure all your business information and passwords. You can access installation and help guides on MyOzU.

With single sign-on (SSO), you can access all authorized systems using a single username and password. This convenience makes the security of your account even more important. As a member of Özyeğin University:

Security measures provided by the institution:

• Multi-factor authentication (MFA) is mandatory with the Microsoft Authenticator app.
• Remote workers gain secure access using a VPN connection.

Security measures you should take as a user:

• Make sure that the operating systems and antivirus programs of the devices you log in to are up to date.
• Use a strong password and do not share your password with others.
• Log out when not in use.
• Avoid logging in to shared or public devices.

Mobile devices contain a wealth of sensitive data, including emails, files, photos, and personal information. Therefore, using them without security measures can lead to data breaches and unauthorized access.

• Use strong and unique passwords or biometric authentication on devices where available.
• Update your operating system and applications regularly.
• Do not install applications from unknown sources.
• Do not connect to public Wi-Fi networks.
• Activate the remote wipe feature in case you lose your device. If your corporate devices become unusable, lost, or stolen, you must report them (by filing a police report) through the Solution Center.