Information Security Dos and Don'ts

Social Engineering Safety 

With today's mobile technology, it is easier to access personal files and data from multiple sources, which has led to the rise of social engineering. 

What is social engineering? Social engineering is manipulating people to give up their confidential information. It is easier for criminals to rely on the trusting nature of people to divulge their confidential information, like passwords, bank information or computer access, than it is to hack software. Cyber criminals often use phone calls and emails scams to gain the information that they are looking for. 

Data Security Awareness

People are the weakest link in data security. By following these tips, you can arm yourself against social engineering attacks and keep Bradley University's and your personal information safe.

Computer Usage

DATA RISKDODON'T
  • University-owned data theft/loss
  • Computer/server security
  • Personal information theft
  • Malware infection
  • Keep proprietary and protected data on secure campus servers only
  • Log off your computer at the end of the day
  • Lock your computer when you are away from it (Window icon+ L, Macs put to sleep)
  • Keep your passwords in a password manager
  • Install anti-malware software and keep it updated
  • Regularly delete files from downloads folder & empty the trash/recycle bin
  • Don't turn off Windows/OS updates
  • Don't leave your computer or sensitive data unprotected
  • Don't tell people your passwords
  • Don't store passwords in clear text applications like notes
  • Don't install illegal software or install software from an untrusted source
  • Don't store University-owned data on cloud storage services like Dropbox
Resources

Mobile Usage

DATA RISKDODON'T
  • University-owned data theft/loss
  • Personal information theft
  • Password theft
  • Keep a passcode or PIN on all mobile devices
  • Keep the mobile OS updated
  • Turn on location apps to find the mobile device if lost or stolen
  • Report a lost or stolen device to the police and the HelpDesk
  • Have iCloud (iOS) or Google Device policy (Android) active to be able to remote lock/wipe your device remotely
  • Don't leave your mobile device unattended in public
  • Don't install illegal apps or install apps from an untrusted source
  • Don't "jailbreak" you mobile device
  • Don't access sensitive information on a "free" unsecure public network
  • Don't give out sensitive or personal information over the phone in public
Resources

Email Usage

DATA RISKDODON'T
  • University-owned data theft/loss
  • Computer/server security
  • Malware/Virus/Spam/Ransomware
  • Scan all attachments for malware
  • Contact the HelpDesk if you feel you have received a Phishing Email
  • Unplug your computer and contact the HelpDesk if you believe you have clicked on a Phishing link.
  • Delete suspicious emails from unknown sources
  • Change your password from a different computer if you believe you have clicked on a phishing link
  • Don't click on links in emails from unknown sources
  • Don't open enclosed files from unknown sources
  • Don't send social security numbers or credit card numbers via email
  • Don't use your Bradley email address for signing up for personal services
Resources

Web Browsing

DATA RISKDODON'T
  • University-owned data theft/loss
  • Personal information theft
  • Password theft
  • Malware/Spyware/Phishing/Ransomware
  • Keep web browsers updated
  • Make sure you are on a secure site by looking for the lock icon and/or the url starts with https:// before sending any information via the web
  • Run anti-virus software
  • Scan files before downloading
  • Turn on your browser’s popup blocker
  • Be careful what links you click on
  • Always log out of online accounts when you are done
  • Don't log into sites like banks or shop online while on public wifi
  • Don't click on popup windows
  • Don't give out personal information online
  • Don't fill out any surveys online that ask for your personal details or bank details
  • Don't save your credit/debit card information on websites and web browsers.
  • Don't install untrusted browser plugins
  • Don't pay to unlock files from ransomware
Resources

Phone Safety

DATA RISKDODON'T
  • University-owned data theft/loss
  • Personal information theft
  • Phishing
  • Only pay bills in person or on MyBU
  • Don't respond to phone calls asking about visa information
  • Don't make a payment over the phone from someone who called claiming to be from billing or the controller's office