Cybersecurity in SEAS

Like many organizations, the UB School of Engineering and Applied Sciences takes computer security seriously. 

It is important that UB data is secure and accessible to only the relevant individuals. We collaborate with the UBIT Information Security Office to keep informed on the latest threats and issues, and report suspicious activity to them for analysis and remediation.

If you have any questions or concerns regarding computer and data security, please contact Dave Yearke or Jason Lasker. An email message to senshelp@buffalo.edu will work best to cover the bases.

There are three major classification categories for UB data. We ask that you familiarize yourself with them by reading the descriptions found on this web page.

If you will be working with Category 1 (PII) data, it is required that you take the “Handling Data Safely” course (in fact, it’s a good idea to take this course when working with most kinds of UB data).

Here are some general notes concerning UB data storage:

  • Only approved cloud storage providers can be used for UB data. UBbox and UB's Microsoft SharePoint storage are approved. Dropbox, Google Drive, iCloud, and others are not. Please check with us before considering use of a cloud service.
  • Computers installed by SENS are approved for storing Category 2 and 3 data.
  • Category 1, or PII, data can only be stored in Secure Box, a special version of UBbox. Such data cannot be stored on local hard drives or other cloud services. 

A major security concern is the use of email to compromise user accounts. We regularly get hoax emails, known as “phishing attempts,” which attempt to lure users into sending their passwords or similar information to bad actors. If you receive an email message and suspect it is a phishing attempt or a similar hoax, but are unsure, please ask us and we will assist.

Here is a good resource for identifying phishing attempts: https://www.buffalo.edu/ubit/service-guides/safe-computing/managing/recognizing-a-phishing-attempt.html

In general, please report suspicious email messages that appear to come from UB people or entities. You do not need to report other types of Spam, phishing, or hoax messages, as there is probably not much we can do about them and we are mostly concerned with those that appear official. We have very good email filters that quickly adapt to other kinds of suspicious or annoying email messages.