Security

Where to start?

This is such a big topic. Everything IT does has a security component. Everything you do on your computer has a security component. Is your laptop encrypted in case it gets stolen? Do you have backups of data in case of CryptoLocker? Is your computer secure enough to prevent hackers coming in from the outside? Is it secure enough to prevent a script you accidentally open from hacking you from the inside? Do you leave your office door open with your laptop in plain site? Do you like to click on every link in every email?

The Very Basics

Never give your password to anyone. Anyone. We don't want to know it. IT Express doesn't want to know it. Anyone who asks you for your password is either evil or doing it wrong. My password is "No".

Never let anyone else work on your department owned computer until you've contacted Metro IT. Especially people from 1-800 web pop-ups. My IP address is "No".

Know where your data is. Did you just put student records in your email? Did you store your Social Security Number on Box.com? Depending on the data type, you can't just store it anywhere per all sorts of university, state, and federal policies. The thing is you *can* store it anywhere, but you have to know where you're breaking policies so you don't.

Keep your system and software up to date. Most of that is automated by Metro IT but whether it's here or at home, if your system doesn't have a particular security patch, then it's a target for a particular hack.

Campus Knowledgebase on Security

Phishing Emails

"Phishing" refers to someone bad fishing for your password. You'll receive a not-too-clever email from someone you may or may not know asking you to CLICK HERE which leads you to a very believable rendition of the UC Davis login screen. Short version: Don't click on email links unless you are 100% certain they are valid.

Long version: Phishing KB Article