These top tips provide the most fundamental and effective methods for protecting your devices from outside threats.
Store Files on University-Approved Cloud File Storage Service
Microsoft Office OneDrive for Business is the University’s approved cloud file storage solution for securely storing and sharing files. Using other personal or free versions of public cloud file storage services (e.g. Box.com, DropBox, GoogleDrive, personal OneDrive accounts, etc.) do not meet University compliance requirements for security regarding employee owned electronic computing device and storage media, privacy, information classification, and records retention of University data. Furthermore, there are many security risks when University data are stored in non-approved public cloud storage services. The main risks include:
- The University can no longer guarantee the quality of access controls protecting the data. Few cloud providers guarantee they will not access the information stored within their service, leading to concerns over confidentiality and privacy rights.
- Public cloud service providers generally limit their liability for negligence, resulting in little or no recourse should the provider misuse, lose or damage data stored in the cloud.
- Possible loss, theft, and corruption of data or exposure of data to unauthorized users which can result in legal, financial liability, and reputational harm to the University.
- Possible exposure of the individual’s personal information when stored together with University data. If University data are subject to a subpoena, litigation hold request, or other legal actions, you will be required to provide all data, including your personal data which may result in your personal data becoming unavailable for access. If the subpoena is issued directly to the public cloud service provider, your data could be released without your knowledge and consent.
- Non-compliance with FERPA, HIPAA, FISMA, and U.S. Federal export control regulations.
All Faculty, Staff, and Students have a responsibility to protect the confidentiality, privacy, and security of University data. Doing so, minimizes your personal liability for any potential data breach, policy, or legal violation that may result from using non-approved cloud file storage solutions for University business. Microsoft OneDrive for Business offers the following benefits:
- Access to files from anywhere and anytime via CSULB SSO, syncing to your computer, or installing the OneDrive Android or iOS app on your mobile devices
- 5 TB of storage and up to 100 GB file sizes
- Real-time collaboration with students and colleagues
Patch and Update
Set up your computer for automatic software and operating system updates. Unpatched devices are more likely to fall victim to viruses and other exploits.
Install Anti-Virus Software
Keep the bad guys away by installing protective software. Please note campus owned devices are already preinstalled with protective software. If you have a CSULB owned device, please contact your campus technical coordinator for details. For personally owned devices, such software should be set to scan your files and update your virus definitions on a routine basis. Anti-virus software is required on any device that connects to campus network resources. These recommendations can be installed on personal devices:
Use Strong Passwords and Change Them Often
Choose strong passwords with a combination of letters, numbers, and special characters to create a mental image or an acronym that is easy for you to remember. Create a different password for each important account; and change passwords regularly to keep them fresh and less susceptible to thieves.
Use Built-in Password/Lock Screens
Not using these features make it too easy for would-be thieves to access your private information on your mobile devices.
Backup Your Stuff!
You should backup your personal or critical files on a regular basis. This means copying your files over to a protect box posted system that you can access when those files are needed, such as a password protected flash drive, external hard drive, or online storage solution.
Control Access to Your Devices
Don't leave your devices unattended and logged on in an unsecured area, particularly in public places.
Safely Use Email and the Internet
Ignore mysterious emails and attachments and links within emails that come from people you don't know. Be very careful about untrustworthy (often free) downloads from freeware or shareware sites.
Be very careful and aware when downloading any files from the Internet. Adware, malware and viruses can sometimes be embedded in files, such as in software applications, music, video and other files, particularly if they're free. As a general rule, only download items from the internet if they are from a trusted source, and be very diligent going through the download process, as this may often involve granting permission to include add-ons that you may not want. Read everything, particularly if they have checkboxes.
Protect Sensitive Data
Reduce your risk of identity theft by removing sensitive data files saved on your computer, and if you need to keep sensitive data on your computer, use encryption tools built into your operating system. It is also recommended to remove sensitive data when recycling or repurposing your computer.
Use Parental Control Features on Personal Devices
Most devices have features that allow you to create separate user profiles, such as for younger children, where you can adjust settings such as time limits, restrict certain types of websites, and allow or restrict certain programs from running.