Information Security Basics
Clayton State’s Information Security collaborates with faculty, staff and students to keep campus computing systems running smoothly and important data protected and secure.
Information Security secures data and infrastructure protecting confidentiality, availability and integrity.
Security & Awareness Training: Training and awareness are the cornerstones of information security. All CSU faculty and staff are required to take annual information security awareness training.
Campus information security infrastructure: Clayton State information security infrastructure consists of tools and equipment which protect data, systems and networks. CSU campus infrastructure is designed to be as unobtrusive as possible while still maintaining a high degree of protection against malware, hackers, and data breaches.
There are many information security threats that we need to be aware of and protect against in order to ensure our sensitive information remains secure. False alarms can cause more problems than the real event, so educate yourself on what is - and, just as importantly, what isn't - a threat to computer security.
Identity management is an important aspect of information technology security. Employee logins are requested by Human Resources at the time of hire and are terminated when Human Resources notifies ITS the person is no longer employed. Accounts will not be created without Human Resources requesting them.
All users, whether internal, external, or temporary, and their activity on all IT systems should have User Ids that:
- are uniquely identifiable
- are enabled through appropriate authentication mechanisms
- are assigned access rights to all systems and data in line with defined and documented business needs and job requirements
- are only requested by user management, approved by system owners, and implemented by the appropriate local security administrator.
Threat landscape. Malware, viruses and bots can come from any direction. Staying on top of alerts, strong passwords, and keeping your operating system and antivirus software current on updates will go a long way to help.
Email is provided as a tool to assist and facilitate state business, communications with students, faculty, and its representatives to conduct official Clayton State University business. Email is one of the most important information technologies. Email is the number one conduit malicious entities use to compromise accounts and systems.
Phishing scams. Attempts by hackers and noncriminals to steal personal information or hijack computing resources for nefarious purposes by deception. Spam is also used by criminals to steal assets. Spam is so cheap to send that spammers only need a few sales to make a profit; some reports now put the percentage of email that's spam at 95% and rising. The only way to stop spam is for everyone in the world to not respond.
Viruses and malware. Malware includes viruses, worms, trojan horses, spyware, adware, scareware, rootkits, exploits, and any other piece of software designed to disrupt, destroy or steal valuable information.
P2P file-sharing & copyright violations. Learn how to avoid the pitfalls and potential sanctions associated with unauthorized file-sharing.
Protecting Yourself and Others
When you start college, you’re taking on new responsibilities, making your own decisions, and becoming part of the campus community. There is an important role that you can play in your college's cybersecurity efforts that combines these elements of responsibility, decision-making, and community.
When you’re in college, your computer and mobile devices are primary tools in your educational and social life. Students use the Internet for homework, research, social networking, online shopping and other activities. The Internet is an amazing tool, but must be used safely and securely. When you log on to the campus network (or any network), what you do online could impact not only your computer, but other students and the network as well. By combining up-to-date security tools with good judgment, you and your college community are much less likely to encounter a security violation, loss of data, or system problems. The first step is STOP. THINK. CONNECT. Keep a Clean Machine
- Keep security software current: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
- Automate software updates: Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.
- Protect all devices that connect to the internet: Along with computers, smartphones, gaming systems and other web-enabled devices also need protection from viruses and malware.
- Plug & scan: “USBs” and other external devices can be infected by viruses and malware. Use your security software to scan them.
Protect Your Personal Information
- Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.
- Make your password a sentence: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
- Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.
- Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer. You can alternatively use a service like a password manager to keep track of your passwords.
- Own your online presence: When available, set the privacy and security settings on websites to your comfort level for information sharing. It’s ok to limit who you share information with.
Connect With Care
- When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.
- Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your machine.
- Protect your $$: When banking and shopping, check to be sure the sites is security enabled. Look for web addresses with “https://” or “shttp://”, which means the site takes extra measures to help secure your information. “Http://” is not secure.
Be Web Wise
- Stay current. Keep pace with new ways to stay safe online: Check trusted websites for the latest information, and share with friends, family, and colleagues and encourage them to be web wise.
- Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true, or asks for personal information.
- Back it up: Protect your valuable work, music, photos, and other digital information by making an electronic copy and storing it safely.
Be a Good Online Citizen
- Safer for me more secure for all: What you do online has the potential to affect everyone – at home, at work and around the world. Practicing good online habits benefits the global digital community.
- Post only about others as you have them post about you.
- Help the authorities fight cyber crime: Report stolen finances or identities and other cybercrime to the Internet Crime Complaint Center and to your local law enforcement, Information security office and campus police as appropriate.
The single most important way to protect yourself and others against cybercrime is simple - keep your passwords secret. Never share your passwords with anyone! No one at CSU, will ever ask for your password, not even the HUB.
Annual Credit Report Monitoring . You are entitled to a free copy of your credit report from each of the three national consumer credit reporting agencies on request once a year. It is an important step in helping to prevent identity theft.
Annual Credit Report Monitoring
You can help to protect yourself against identity theft by reviewing your credit report at least once a year. The Fair Credit Reporting Act (FCRA) requires that each of the three national consumer credit reporting companies — Equifax, Experian, and TransUnion — provide you with a copy of your credit report on request once every 12 months at no charge.
The Federal Trade Commission (FTC) enforces the FCRA, which promotes the secure maintenance of accurate information by the consumer credit reporting companies.
By regularly checking your credit report, you can
- Guard against identity theft.Even if you don't use your credit cards, you still have a credit record. Any anomalies in your credit report could mean that an identity thief is using your personally-identifiable information, such as social security number, banking information, job information, etc, to obtain credit in your name. If you don't check your report, you'll never know.
- Make sure your credit file information is current and up-to-date before you apply for any loans.
The three consumer reporting companies have set up a central website, toll-free telephone number, and mailing address through which you can order your free annual report. Go to annualcreditreport.com, call 1-877-322-8228, or download the Annual Credit Report Request Form and mailing it to:
Annual Credit Report Request Service P.O. Box 105281 Atlanta, GA 30348-5281
Note that the only website authorized to fill orders for the free annual credit report you are entitled to under law is annualcreditreport.com. Other sites will similar names may charge a fee and/or not provide reports from all three agencies.
5 ways to avoid being hacked. A cautionary video and news story gives quick tips on how to avoid being hacked.
Protecting confidential information. "Protected information" is an umbrella term used at CSU to describe information linked to an individual person's identity, such as their Social Security number, driver's license data, and credit card or bank account information (sometimes called Personally-Identifiable Information, or PII) which can be used to facilitate identity theft.
Keep your system up-to-date. Today's security threats are heavily focused on exploiting vulnerabilities in common operating systems and applications, so one of the most important ways you can keep your information safe is to ensure that your OS, browser, and other widely-used applications such as Adobe's Acrobat Reader are kept up to date.