Noel Erskine, Technology Coordinator Norris Schools

Welcome to my technology blog.
Follow me on Twitter, @noelerskine
Noel's Home Page

Security - Don't share what some these folks are sharing! Something to drive home with our teachers.

Wednesday, March 29, 2017

Here is a recent email that I sent out to staff, but wanted to share since many of us use Google Apps in our private lives as well.   These security concerns came to light a few days ago. This article says they removed the search feature... but four days later... it's still there.

Security - We do try to keep you informed! 

Sorry - This is a long blurb... but very interesting.... 

We have really been trying to educate you on not opening attachments and falling for fake emails that send you to sites where they harvest your info. Asking you to log into Gmail when you are not actually on a legitimate Goole site, etc...  (Called phishing emails or attacks.) 

Today... I just want to point out... Make sure you know about sharing settings on documents. I know we have been using Google Docs for almost years now... but we still need to revisit security practices regularly.   Only share publically if you want that to be public. Sounds simple... but many do not.  Microsoft is playing catch up with Google with online documents and sharing.  Many of their users apparently do not know about sharing settings. 

Not sure why Microsoft does this... but you can go to their website and search for documents users have made public. (I am glad Google does not do this!)   Interesting to see how people have messed up.  

I removed the links to these documents since I am posting this publicly, but if you search for many interesting terms, you may find them and many others that people should never be sending out: 
Guessing this person does not really want to share the entire client list for their company...  or this person asking for their pardon ...  or this company's Sales history .....This guys Ambulance bill was pretty high ... or this person's phone application in India.  WOW! Some people and their companies are asking to be scammed. 

Why do I point this out?   Make sure you only share things with the audience you want to have access.  I have a lot of my tech training docs shared publicly... but I never share any network documents with information about our local network, devices, passwords, etc....

Google is very safe..... (and for that matter Microsoft probably is too) but we can accidently share things with the people or groups that we do want to have access.  Normally security comes down to the end user.   So always be cautious with emails and your share settings on docs. 

If a folder is shared with person X, Y and Z ... when you create a file in that folder... that fiels is then shared with person X, Y and Z. 

Not sure how to share or check a file - This doc should help. 

(This blurb is not triggered by any issues here at Norris, but a recent security article that pointed out the Microsoft Doc user problems mentioned above.)

Don't be Phished


Post a Comment