Summary
As higher education institutions increasingly rely on digital technology for teaching, research, and administration, the importance of cybersecurity cannot be overstated. Cyber threats such as phishing attacks, data breaches, ransomware, and social engineering have become common, targeting universities, colleges, and those who work and study within them. Staff, faculty, and students are collectively responsible for safeguarding personal and institutional data. This knowledge base article outline
Body
Introduction
As higher education institutions increasingly rely on digital technology for teaching, research, and administration, the importance of cybersecurity cannot be overstated. Cyber threats such as phishing attacks, data breaches, ransomware, and social engineering have become common, targeting universities, colleges, and those who work and study within them. Staff, faculty, and students are collectively responsible for safeguarding personal and institutional data. This knowledge base article outlines essential strategies and actionable steps to help everyone in higher education remain cybersafe.
Description of common threats:
- Phishing attacks: Deceptive emails or messages designed to steal credentials or deliver malware.
- Ransomware: Malicious software that encrypts data and demands payment for its return.
- Data breaches: Unauthorized access leading to the theft of sensitive information.
- Social engineering: Manipulative tactics where attackers trick users into divulging confidential information.
- Malware: Malicious software including viruses, worms, and spyware that can compromise systems.
- Account compromise: Unauthorized access to university accounts, often leading to further attacks.
1. Think Before You Click
Be Wary of Suspicious Communications
- Never click on links or download attachments from unexpected or suspicious emails, texts, or messages.
- Check sender email addresses carefully, looking for subtle misspellings or strange domains.
- If you receive an unusual request (such as for funds or sensitive information), verify it by contacting the sender via a known method.
- Report phishing attempts via the "Report" button at the top of your email toolbar
2. Enable Multi-Factor Authentication (MFA)
Be wary of receiving MFA approvals in which you have not requested. Know your session time-outs and when you might expect to have to re authenticate.
- MFA adds an extra layer of security by requiring a second form of verification beyond your password.
- Enable MFA on all accounts that offer it, particularly for university email, learning management systems, and cloud storage.
- Use authentication apps or hardware tokens when available, as these are more secure than SMS-based verification.
3. Secure your Devices and Applications
Make sure your computers, mobile devices, programs, are running the latest version of the installed software. Cyber attackers are constantly looking for new vulnerabilities in the software your devices use. When they discover vulnerabilities, they use special programs to exploit them and hack into the devices you are using. Meanwhile, the companies that created the software for these devices are hard at work fixing the vulnerabilities by releasing updates.
- Keep devices with you or stored in a secure location when not in use.
- Lock your computer when you walk away to prevent unauthorized use. (Family and friends should not use your ISU issued devices)
- Connect to a secure network or use the ISU Virtual Private Network (VPN).
- Use ISU supported applications for university business.
- Home Security -Keep smart devices/ apps updated, change default password during initial setup. Examples:
- Internet-connected TVs
- baby monitors
- security cameras
- home routers
- gaming consoles and even your car
- Stay current by enabling automatic updating whenever possible.
4. Backup your Information
No matter how careful you are, you still may be hacked. If that is the case, often the only way to restore all of your personal information is to recover it from your backup.
- Make a regular backup of any important information and verify that you can restore your data from them.
- Most operating systems and mobile devices support automatic backups, either to external drives or to the cloud.
- Storing your ISU resources and information on a network drive (L:Drive) or in OneDrive ensures your data is backed up.
- USB drives are not to be used for Student Data, or any Restricted or Highly Restricted Data.
The Data stored on your ISU computer local hard drive is not backed up by OIT and is not recommended for storing important information.
See related articles for more information