{"id":1274,"date":"2026-01-23T08:00:59","date_gmt":"2026-01-23T13:00:59","guid":{"rendered":"https:\/\/www.montclair.edu\/phish-files\/?p=1274"},"modified":"2026-01-20T15:52:55","modified_gmt":"2026-01-20T20:52:55","slug":"data-privacy-its-not-just-an-it-thing","status":"publish","type":"post","link":"https:\/\/www.montclair.edu\/phish-files\/2026\/01\/23\/data-privacy-its-not-just-an-it-thing\/","title":{"rendered":"Data Privacy: It\u2019s Not Just an IT Thing"},"content":{"rendered":"<p data-start=\"842\" data-end=\"1209\">Data Privacy Week is a reminder that protecting personal and university data isn\u2019t just IT\u2019s responsibility\u2014it\u2019s something we all do every day. Universities handle sensitive information like student records, financial aid, research data, and HR info. Small actions, like clicking a link or approving a login prompt, can put that information\u2014and your peers\u2019\u2014at risk.<\/p>\n<p data-start=\"1211\" data-end=\"1328\">Below, we break down <strong data-start=\"1232\" data-end=\"1271\">practical ways to protect your data<\/strong>, explain why they matter, and give you actionable steps.<\/p>\n<hr data-start=\"1330\" data-end=\"1333\" \/>\n<h2 data-start=\"1335\" data-end=\"1378\"><strong data-start=\"1339\" data-end=\"1376\">Passwords and Account Security<\/strong><\/h2>\n<p data-start=\"1379\" data-end=\"1536\">Strong passwords and proper account security are your first line of defense. Even a single reused password can allow attackers to access multiple accounts.<\/p>\n<p data-start=\"1538\" data-end=\"1740\"><strong data-start=\"1538\" data-end=\"1557\">Why it matters:<\/strong><br data-start=\"1557\" data-end=\"1560\" \/>Reusing passwords or approving an unverified Duo prompt can let attackers access email, cloud storage, and personal accounts\u2014sometimes without you realizing it until it\u2019s too late.<\/p>\n<p data-start=\"1742\" data-end=\"1751\"><strong data-start=\"1742\" data-end=\"1749\">Do:<\/strong><\/p>\n<ul data-start=\"1752\" data-end=\"2115\">\n<li data-start=\"1752\" data-end=\"1892\">\n<p data-start=\"1754\" data-end=\"1892\">Use <strong data-start=\"1758\" data-end=\"1786\">strong, unique passwords<\/strong> for all campus and personal accounts. Consider a password manager if you have trouble remembering them.<\/p>\n<\/li>\n<li data-start=\"1893\" data-end=\"2049\">\n<p data-start=\"1895\" data-end=\"2049\">Enable <strong data-start=\"1902\" data-end=\"1923\">Duo Verified Push<\/strong> instead of phone or SMS. Verified Push requires you to confirm a number on your screen, which prevents MFA fatigue attacks.<\/p>\n<\/li>\n<li data-start=\"2050\" data-end=\"2115\">\n<p data-start=\"2052\" data-end=\"2115\">Lock devices when unattended and log out of shared computers.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"2117\" data-end=\"2129\"><strong data-start=\"2117\" data-end=\"2127\">Don\u2019t:<\/strong><\/p>\n<ul data-start=\"2130\" data-end=\"2279\">\n<li data-start=\"2130\" data-end=\"2175\">\n<p data-start=\"2132\" data-end=\"2175\"><strong>Reuse passwords<\/strong> across multiple accounts.<\/p>\n<\/li>\n<li data-start=\"2176\" data-end=\"2220\">\n<p data-start=\"2178\" data-end=\"2220\">Approve Duo prompts <strong>you didn\u2019t initiate<\/strong>.<\/p>\n<\/li>\n<li data-start=\"2221\" data-end=\"2279\">\n<p data-start=\"2223\" data-end=\"2279\"><strong>Share passwords<\/strong> with anyone\u2014even a friend or coworker.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"2281\" data-end=\"2486\"><strong data-start=\"2281\" data-end=\"2293\">Example:<\/strong><br data-start=\"2293\" data-end=\"2296\" \/>Last semester, a Montclair community member accidentally approved a phone-based Duo request that came from an attacker trying to log into their email. Switching to Verified Push could have prevented it.<\/p>\n<hr data-start=\"2488\" data-end=\"2491\" \/>\n<h2 data-start=\"2493\" data-end=\"2537\"><strong data-start=\"2497\" data-end=\"2535\">Phishing and Social Engineering<\/strong><\/h2>\n<p data-start=\"2538\" data-end=\"2670\">Attackers often manipulate people rather than systems. Emails, text messages, and fake notifications can look official and urgent.<\/p>\n<p data-start=\"2672\" data-end=\"2913\"><strong data-start=\"2672\" data-end=\"2691\">Why it matters:<\/strong><br data-start=\"2691\" data-end=\"2694\" \/>A single click on a phishing link can compromise your account, exposing sensitive student, research, or HR data. These attacks are often targeted using information pulled from social media or publicly available sources.<\/p>\n<p data-start=\"2915\" data-end=\"2924\"><strong data-start=\"2915\" data-end=\"2922\">Do:<\/strong><\/p>\n<ul data-start=\"2925\" data-end=\"3248\">\n<li data-start=\"2925\" data-end=\"3025\">\n<p data-start=\"2927\" data-end=\"3025\">Pause before clicking links or downloading attachments. Hover over links to verify destinations.<\/p>\n<\/li>\n<li data-start=\"3026\" data-end=\"3142\">\n<p data-start=\"3028\" data-end=\"3142\">Use the <strong data-start=\"3036\" data-end=\"3064\">Phish Alert Button (PAB)<\/strong> to report suspicious emails\u2014it sends them directly to Information Security.<\/p>\n<\/li>\n<li data-start=\"3143\" data-end=\"3248\">\n<p data-start=\"3145\" data-end=\"3248\">Verify unexpected requests via a trusted method, like a known phone number or official campus portal.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"3250\" data-end=\"3262\"><strong data-start=\"3250\" data-end=\"3260\">Don\u2019t:<\/strong><\/p>\n<ul data-start=\"3263\" data-end=\"3433\">\n<li data-start=\"3263\" data-end=\"3325\">\n<p data-start=\"3265\" data-end=\"3325\">Reply to messages asking for personal info or credentials.<\/p>\n<\/li>\n<li data-start=\"3326\" data-end=\"3362\">\n<p data-start=\"3328\" data-end=\"3362\">Approve logins you didn\u2019t start.<\/p>\n<\/li>\n<li data-start=\"3363\" data-end=\"3433\">\n<p data-start=\"3365\" data-end=\"3433\">Assume a familiar name or department guarantees a message is safe.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"3435\" data-end=\"3463\"><strong data-start=\"3435\" data-end=\"3461\">Examples to watch for:<\/strong><\/p>\n<ul data-start=\"3464\" data-end=\"3647\">\n<li data-start=\"3464\" data-end=\"3528\">\n<p data-start=\"3466\" data-end=\"3528\">Fake DocuSign or eSignature requests with generic greetings.<\/p>\n<\/li>\n<li data-start=\"3529\" data-end=\"3581\">\n<p data-start=\"3531\" data-end=\"3581\">Account expiration warnings that create urgency.<\/p>\n<\/li>\n<li data-start=\"3582\" data-end=\"3647\">\n<p data-start=\"3584\" data-end=\"3647\">HR or payroll messages that ask you to confirm personal info.<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"3649\" data-end=\"3652\" \/>\n<h2 data-start=\"3654\" data-end=\"3695\"><strong data-start=\"3658\" data-end=\"3693\">Social Media and Oversharing<\/strong><\/h2>\n<p data-start=\"3696\" data-end=\"3775\">Information shared publicly online can help attackers craft convincing scams.<\/p>\n<p data-start=\"3777\" data-end=\"3960\"><strong data-start=\"3777\" data-end=\"3796\">Why it matters:<\/strong><br data-start=\"3796\" data-end=\"3799\" \/>Attackers gather data from profiles, posts, or event calendars to impersonate people or organizations. Oversharing can make phishing attacks appear legitimate.<\/p>\n<p data-start=\"3962\" data-end=\"3971\"><strong data-start=\"3962\" data-end=\"3969\">Do:<\/strong><\/p>\n<ul data-start=\"3972\" data-end=\"4185\">\n<li data-start=\"3972\" data-end=\"4039\">\n<p data-start=\"3974\" data-end=\"4039\">Regularly review privacy settings on all social media accounts.<\/p>\n<\/li>\n<li data-start=\"4040\" data-end=\"4103\">\n<p data-start=\"4042\" data-end=\"4103\">Limit sharing schedules, roles, or location details online.<\/p>\n<\/li>\n<li data-start=\"4104\" data-end=\"4185\">\n<p data-start=\"4106\" data-end=\"4185\">Pause and think before posting personal information about yourself or others.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"4187\" data-end=\"4199\"><strong data-start=\"4187\" data-end=\"4197\">Don\u2019t:<\/strong><\/p>\n<ul data-start=\"4200\" data-end=\"4376\">\n<li data-start=\"4200\" data-end=\"4291\">\n<p data-start=\"4202\" data-end=\"4291\">Post sensitive details that could help attackers guess passwords or security questions.<\/p>\n<\/li>\n<li data-start=\"4292\" data-end=\"4376\">\n<p data-start=\"4294\" data-end=\"4376\">Accept connection requests from unknown people who ask for personal information.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"4378\" data-end=\"4530\"><strong data-start=\"4378\" data-end=\"4386\">Tip:<\/strong><br data-start=\"4386\" data-end=\"4389\" \/>Even seemingly harmless posts, like class schedules or club leadership info, can be used by scammers to make phishing emails more convincing.<\/p>\n<hr data-start=\"4532\" data-end=\"4535\" \/>\n<h2 data-start=\"4537\" data-end=\"4573\"><strong data-start=\"4541\" data-end=\"4571\">Everyday Digital Habits<\/strong><\/h2>\n<p data-start=\"4574\" data-end=\"4648\">Small, routine actions can add up to big risks if not managed carefully.<\/p>\n<p data-start=\"4650\" data-end=\"4818\"><strong data-start=\"4650\" data-end=\"4669\">Why it matters:<\/strong><br data-start=\"4669\" data-end=\"4672\" \/>Lost devices, outdated software, or accidental oversharing can create vulnerabilities that attackers exploit\u2014often without the victim realizing.<\/p>\n<p data-start=\"4820\" data-end=\"4829\"><strong data-start=\"4820\" data-end=\"4827\">Do:<\/strong><\/p>\n<ul data-start=\"4830\" data-end=\"5004\">\n<li data-start=\"4830\" data-end=\"4878\">\n<p data-start=\"4832\" data-end=\"4878\">Keep devices, browsers, and apps up to date.<\/p>\n<\/li>\n<li data-start=\"4879\" data-end=\"4936\">\n<p data-start=\"4881\" data-end=\"4936\">Review app permissions and revoke unnecessary access.<\/p>\n<\/li>\n<li data-start=\"4937\" data-end=\"5004\">\n<p data-start=\"4939\" data-end=\"5004\">Double-check before sharing sensitive info or clicking \u201cAllow.\u201d<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"5006\" data-end=\"5018\"><strong data-start=\"5006\" data-end=\"5016\">Don\u2019t:<\/strong><\/p>\n<ul data-start=\"5019\" data-end=\"5128\">\n<li data-start=\"5019\" data-end=\"5073\">\n<p data-start=\"5021\" data-end=\"5073\">Forward sensitive info via email unless necessary.<\/p>\n<\/li>\n<li data-start=\"5074\" data-end=\"5128\">\n<p data-start=\"5076\" data-end=\"5128\">Ignore repeated or unexpected login notifications.<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"5130\" data-end=\"5133\" \/>\n<h2 data-start=\"5135\" data-end=\"5172\"><strong data-start=\"5139\" data-end=\"5170\">Stay Informed and Engage<\/strong><\/h2>\n<p data-start=\"5173\" data-end=\"5236\">Data privacy isn\u2019t a one-week event\u2014it\u2019s an ongoing practice.<\/p>\n<p data-start=\"5238\" data-end=\"5247\"><strong data-start=\"5238\" data-end=\"5245\">Do:<\/strong><\/p>\n<ul data-start=\"5248\" data-end=\"5431\">\n<li data-start=\"5248\" data-end=\"5306\">\n<p data-start=\"5250\" data-end=\"5306\">Follow the <strong data-start=\"5261\" data-end=\"5276\">Phish Files<\/strong> for real examples and tips.<\/p>\n<\/li>\n<li data-start=\"5307\" data-end=\"5360\">\n<p data-start=\"5309\" data-end=\"5360\">Follow <strong data-start=\"5316\" data-end=\"5332\">IT Instagram<\/strong> for alerts and reminders.<\/p>\n<\/li>\n<li data-start=\"5361\" data-end=\"5431\">\n<p data-start=\"5363\" data-end=\"5431\">Report suspicious activity using the <strong data-start=\"5400\" data-end=\"5428\">Phish Alert Button (PAB)<\/strong>.<\/p>\n<\/li>\n<\/ul>\n<p data-start=\"5433\" data-end=\"5445\"><strong data-start=\"5433\" data-end=\"5443\">Don\u2019t:<\/strong><\/p>\n<ul data-start=\"5446\" data-end=\"5538\">\n<li data-start=\"5446\" data-end=\"5490\">\n<p data-start=\"5448\" data-end=\"5490\">Assume protecting data is only IT\u2019s job.<\/p>\n<\/li>\n<li data-start=\"5491\" data-end=\"5538\">\n<p data-start=\"5493\" data-end=\"5538\">Delay taking action on suspicious messages.<\/p>\n<\/li>\n<\/ul>\n<hr data-start=\"5540\" data-end=\"5543\" \/>\n<p data-start=\"5545\" data-end=\"5779\"><strong data-start=\"5545\" data-end=\"5561\">Bottom Line:<\/strong><br data-start=\"5561\" data-end=\"5564\" \/>Data privacy is a shared responsibility. Small, thoughtful actions\u2014like using Verified Push, reporting suspicious emails, and practicing password hygiene\u2014protect not only your data but the entire campus community.<\/p>\n<h2 data-start=\"553\" data-end=\"653\">Want to Know More?<\/h2>\n<p>National Cybersecurity Alliance | <a href=\"https:\/\/www.staysafeonline.org\/data-privacy-week\">Data Privacy Week<\/a><\/p>\n<p>National Cybersecurity Alliance | <a href=\"https:\/\/www.staysafeonline.org\/events\/data-privacy-week-2026-webinars\">Data Privacy Week Webinars<\/a><\/p>\n<p>NordVPN | <a href=\"https:\/\/nationalprivacytest.org\/\">National Privacy Test<\/a><\/p>\n<p>White &amp; Case | <a href=\"https:\/\/www.whitecase.com\/insight-alert\/new-jersey-enacts-comprehensive-data-privacy-law\">New Jersey Enacts Comprehensive Data Privacy Law<\/a><\/p>\n<p>NJ Consumer Affairs | <a href=\"https:\/\/www.njconsumeraffairs.gov\/ocp\/Pages\/NJ-Data-Privacy-Law-FAQ.aspx\">New Jersey Data Privacy Law FAQs<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Data Privacy Week is a reminder that protecting personal and university data isn\u2019t just IT\u2019s responsibility\u2014it\u2019s something we all do every day. Universities handle sensitive information like student records, financial aid, research data, and HR info. Small actions, like clicking a link or approving a login prompt, can put that information\u2014and your peers\u2019\u2014at risk. Below, [&hellip;]<\/p>\n","protected":false},"author":349,"featured_media":1290,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-1274","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1274","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/comments?post=1274"}],"version-history":[{"count":7,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1274\/revisions"}],"predecessor-version":[{"id":1292,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1274\/revisions\/1292"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media\/1290"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media?parent=1274"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/categories?post=1274"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/tags?post=1274"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}