CIO'S MESSAGE - October 20, 2021

Cybersecurity Awareness Month – 5 Tips for Secure File Handling

 

Image
A file folder with a chain and padlock on it


Dear Colleagues,

There is so much to consider about proper file storage and sharing when Level 1 or Level 2 data is involved. This is particularly true in these times of remote teaching, learning, and working, when we're relying more than ever on a hybrid model of campus-managed resources and cloud-based services to store and share information.  This can leave you - and the University - open to information security breaches.  The following tips are recommended to help manage and protect your data when sharing with internal and external contacts.

  1. Use University-approved Microsoft Office 365 solutions, such as for Level 1 and Level 2 data, for file sharing and storage, which have such benefits as:
    • Contractually guaranteed privacy and information security of University data and compliance with FERPA, HIPAA, and our campus policies
    • Granular and controlled access​
  2. Keep your personal computer, devices, and files separate from work-related communications and University data, because a public records request may make the content of your personal email accounts or devices subject to disclosure:
    • Avoid using personal email accounts or computer devices to send work-related messages.
    • Avoid using University email accounts or electronic devices to communicate personal matters.
  3. Back up your data regularly.  When your data is backed up frequently, such as with campus-provided network file shares, you don't have to worry about ransomware and paying a cybercriminal for access to your files.  Routine backups protect you from all sources of data loss (cyber attacks, theft, and everyday events such as a power surge).
  4. Dispose of records properly.  Observe Records Retention and Disposition Standard and Records Retention and Disposition Schedules.
  5. Check for duplicate data and simplify.  Only keep what you need and use, and clean up your email and files regularly.  Don’t be a data hoarder.  The more data you keep, the greater it is your responsibility to protect it.

No matter if you are working on campus or at home, your small actions make a big difference in keeping yourself and the Beach Community secure.  #BeCyberSmart.  Do Your Part.

Special Webinar Invitation

Register for Fight the Phish! scheduled for October 26th at 11:00 AM.

Description:  Hosted by CSU Channel Islands, the webinar will explore the latest phishing scams and techniques. Learn how to identify attacks, why attackers are targeting higher education, and what you can do to protect your devices and data.

If you have any questions or concerns with information security, please contact ISO@csulb.edu. As always, you can report suspicious emails by forwarding them to alert@csulb.edu.

Cuc Du

Information Security Officer