Introduction
Digital safety is a shared responsibility. By remaining vigilant, adopting best practices, and staying informed, staff, faculty, and students can substantially reduce cyber risks and contribute to a safer, more secure higher education environment. Remember—cybersecurity is not only about technology; it’s about people, awareness, and proactive action.
Secure Best Practices
1. Be Wary of Suspicious Communications
- Never click on links or download attachments from unexpected or suspicious emails, texts, or messages.
- Check sender email addresses carefully, looking for subtle misspellings or strange domains.
- If you receive an unusual request (such as for funds or sensitive information), verify it by contacting the sender via a known method.
- Report phishing attempts via the "Report" button on the top tool bar of your email
2. Use Strong, Unique Passwords
- Choose passwords that are long, complex, and not easily guessed.
- Use a different password for each account, especially for your institutional accounts.
- Consider using a password manager to securely store and generate passwords.
3. Enable Multi-Factor Authentication (MFA)
- MFA adds an extra layer of security by requiring a second form of verification beyond your password.
- Enable MFA on all accounts that offer it, particularly for university email, learning management systems, and cloud storage.
- Use authentication apps or hardware tokens when available, as these are more secure than SMS-based verification.
4. Keep Devices and Software Up-to-Date
- Regularly update your operating system, applications, and antivirus software.
- Enable automatic updates where possible to patch vulnerabilities quickly.
5. Secure Personal and Institutional Devices
- Lock your devices with passwords, PINs, or biometric authentication (such as fingerprint or facial recognition).
- Never leave laptops, phones, or tablets unattended in public places.
- Use encryption for sensitive data, especially on mobile devices and external drives.
- Log out of accounts and lock your screen when stepping away from your device.
6. Use Secure Networks
- Prefer using secured Wi-Fi networks (those that require a password) over public, unsecured networks.
- When off-campus, consider using a Virtual Private Network (VPN) to encrypt your internet connection.
- Never access sensitive information on public computers or shared devices.
7. Protect Sensitive Data
- Be careful when handling personal or institutional data—only access, share, or store what’s absolutely necessary. (Use data sensitivity labels for granular control)
- Understand and follow your institution’s data protection policies.
- Use secure file transfer methods and shared drives approved by ISU.
- Shred physical documents that contain confidential information when no longer needed.
8. Back Up Important Data
- Regularly back up files to secure, university-approved cloud services or external drives.
- Verify your backups are working and can be restored when needed.
- Keep backups physically separate from your primary devices.
9. Stay Informed and Trained
- Take advantage of cybersecurity awareness training.
- Stay updated on recent threats and common scams targeting higher education.
- Familiarize yourself with ISU security policies and incident reporting procedures.
10. Practice Responsible Social Media Use
- Be mindful of the personal and institutional information you share publicly.
- Adjust privacy settings on all social media platforms to control who can see your posts.
- Beware of social engineering tactics that leverage information found on your social media profiles.
Additional Tips for Specific Groups
For Staff and Faculty
- Be cautious when handling student or research data; only share with authorized individuals.
- When working remotely, use institutionally approved devices and secure connections. (VPN)
- Be vigilant about scams targeting payroll, HR, or procurement information.
- Regularly review and update permissions for collaborative documents and shared drives.
- Consult your IT or information security team before installing new software or connecting new devices to institutional networks.
For Students
- Be vigilant about scholarship, housing, and job-related scams that target students.
- Protect your university credentials, as these can give access to academic records and financial aid information.
- Practice safe online collaboration—never share login details for group work or projects.
- If you suspect your account has been compromised, change your password and inform your IT help desk immediately. PH: 812-237-2910
- Familiarize yourself with campus resources for cybersecurity support and incident response.
Reporting Cybersecurity Incidents
Despite best efforts, cybersecurity incidents can still happen. It is important to know how to respond:
- If you suspect or know your account has been compromised, or you have malware on your ISU managed device, contact ISU OIT Help desk 812-237-2910