Protect Your Data and Devices
These tips provide fundamental and effective methods for protecting your data and devices from outside threats.
- Update Software & Operating System – Remediates Known Vulnerabilities & Bugs
- Go to the software and operating system vendors' site directly to run updates. Please note, campus-provided devices are programmed to receive routine monthly security updates, but it is up to each individual user to reboot to complete installations.
- Alternatively, updating directly from settings and the app store is ideal.
- Practice Strong Passwords & Enable MFA – Do Not Reuse Passwords & Add an additional layer of security
- More Complex = More Secure
- Password Managers can Help Manage Passwords & Complexity
- Multi-Factor authentication makes it harder for hackers to access your account even with your password.
- Use Antivirus Software – Detects & Protects from Malicious Content
- Antivirus software will constantly scan for potential threats, blocking and removing them from entering.
- Resources to assist in choosing the right antivirus for you: PC Mag & CNET.
- Please note campus owned devices are already preinstalled with protective software. If you have a CSULB owned device, please contact your campus technical coordinator for details.
- Beware of Free Public Wi-Fi Connections – Unsecure Network can be used to Exploit your Data
- Do not log into personal accounts like banking. Hackers can read unencrypted network traffic extracting sensitive information.
- Using a VPN can encrypt network traffic, keeping your identity and data hidden.
- Delete Sensitive Information – Eliminates potential data exposure
- Doing so will help protect sensitive information from being exposed if a hacker ever gets a hold of a device or account.
- Outlook and Gmail offer an encrypted email option, giving an expiration date for both parties from accessing the content.
- Enable Encryption – Only Authorized Users Can Access Data
- Encryption transforms data into unreadable code, adding an additional layer of security.
- Back Up Devices – In case of a security incident, you can erase and re-install data
- If you are a victim of a cyber-attack, the only guaranteed way to repair your computer is to erase and re-install the system based on previous backups.
- Please note, CSULB provided devices include automatic backup recovery services.
- Do Not Leave Device Unattended – Device physical security is just as important
- The physical security of your devices is just as important as their technical security.
- If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it.
- Report Suspicious Activity – alert@csulb.edu
- If you think you've experienced a security incident, report it immediately to CSULB IT Services.
- Report any attempted or successful unauthorized access, disclosure, or misuse, including hacking or theft.
Microsoft Office OneDrive for Business is the University’s approved cloud file storage solution for securely storing and sharing files. Using other personal or free versions of public cloud file storage services (e.g. Box.com, DropBox, GoogleDrive, personal OneDrive accounts, etc.) do not meet University compliance requirements for security regarding employee owned electronic computing device and storage media, privacy, information classification, and records retention of University data. Furthermore, there are many security risks when University data are stored in non-approved public cloud storage services. The main risks include:
- The University can no longer guarantee the quality of access controls protecting the data. Few cloud providers guarantee they will not access the information stored within their service, leading to concerns over confidentiality and privacy rights.
- Public cloud service providers generally limit their liability for negligence, resulting in little or no recourse should the provider misuse, lose or damage data stored in the cloud.
- Possible loss, theft, and corruption of data or exposure of data to unauthorized users which can result in legal, financial liability, and reputational harm to the University.
- Possible exposure of the individual’s personal information when stored together with University data. If University data are subject to a subpoena, litigation hold request, or other legal actions, you will be required to provide all data, including your personal data which may result in your personal data becoming unavailable for access. If the subpoena is issued directly to the public cloud service provider, your data could be released without your knowledge and consent.
- Non-compliance with FERPA, HIPAA, FISMA, and U.S. Federal export control regulations.
All Faculty, Staff, and Students have a responsibility to protect the confidentiality, privacy, and security of University data. Doing so, minimizes your personal liability for any potential data breach, policy, or legal violation that may result from using non-approved cloud file storage solutions for University business. Microsoft OneDrive for Business offers the following benefits:
- Access to files from anywhere and anytime via CSULB SSO, syncing to your computer, or installing the OneDrive Android or iOS app on your mobile devices
- 5 TB of storage and up to 100 GB file sizes
- Real-time collaboration with students and colleagues