 Security

As higher education institutions increasingly rely on digital technology for teaching, research, and administration, the importance of cybersecurity cannot be overstated. Cyber threats such as phishing attacks, data breaches, ransomware, and social engineering have become common, targeting universities, colleges, and those who work and study within them. Staff, faculty, and students are collectively responsible for safeguarding personal and institutional data. This knowledge base article outline

Digital safety is a shared responsibility. By remaining vigilant, adopting best practices, and staying informed, staff, faculty, and students can substantially reduce cyber risks and contribute to a safer, more secure higher education environment. Remember—cybersecurity is not only about technology; it’s about people, awareness, and proactive action.

This article will provide the operational requirements for handling data according to Indiana State Universities policy for data security and management as defined in the University Handbook section 932.

AI is a new tool for generating content that must be used responsibly in terms of data security, its limitations, and the intellectual property of its outputs.

This article outlines the descriptions, permissions, and associated functionalities related to ISU data sensitivity labels, including Public Data, University Internal Data, Restricted Data, and Highly Restricted Data. By adhering to these guidelines, the university aims to enhance data security and management, ensuring that sensitive information is appropriately protected and accessible only to authorized individuals.

The university is mandated by federal, state and/or local law, or university policy to enforce privacy and security safeguards for regulated data. This area of the Knowledgebase will help guide you through a general overview of regulated data-types at ISU. Please speak to your immediate supervisor for more information related to your role and responsibilities to meet regulatory compliance requirements when generating, storing, using, sharing, and managing regulated data.

Use the "Report Message" feature in Outlook to report suspicious emails.

ISU Employees must comply with all University policies while working in either an on-campus or alternative/remote environment, including those that pertain to information and device security.

Microsoft Intune keeps managed devices secure and up to date while securing ISU’S’s data. Data protection includes event monitoring of sensitive ISU data on and securing workstations and devices from attackers and other compromised systems.

Intune supports managed devices that run Android, iOS/iPad, MacOS, and Windows 10/11.

Indiana State University subscribes to a cloud based security service that continuously monitors cyber-space for DNS (domain name system), infrastructure, and IP networks used in current and former cyber-attacks. Part of this protection includes scoring websites for potential risks. Scoring includes reputational values which considers the age of the site. New domains may be blocked for a 24 hour period following registration.

This article provides tips to stay safe online during the holidays. The target audience is students, faculty, and staff.

This article provides information on preventing, identifying, and/or responding to a malware attack.

URL shorteners, like bit.ly and goo.gl, are frequently used to make it easier to display and enter a web address. However, these services make it difficult to determine what the actual address of the site is and where your browser will take you before you click on a shortened link. Bad actors persistently use these services to disguise malicious URLs, often for phishing or to initiative a download link for malware or ransomware.

The Standard for ISU Email Security for Mobile Devices defines the centrally enforced security device policies required for use of ISU email on personal and ISU-owned mobile devices by ISU faculty, staff, and affiliates. These device policies are required in order for ISU to comply with both the Family Educational Rights and Privacy Act (FERPA) and Indiana Code (IC) 4-1-10.

This standard describes the benefits and key features of the ISAD domain, how to connect a system to the ISUAD domain, and the requirements for a domain exemption.

This article describes ransomware and advises employees on what to do if they think they have been infected by this type of malware.

Office 365 Message Encryption allows ISU email users to send secure protected emails with individuals outside of the University. This can be important to ensure messages securely reach the intended recipient, especially if sensitive data is included.

The standard screen saver lockout is set to 15 minutes. This security lockout feature should automatically initiate after the computer remains idle from user interaction after the standard, predefined time period. The user must then re-enter their password to gain access to the computer.

This article describes frequently asked question about Endpoint Encryption Software. The target audience students, faculty and staff .