Information Technology Services
Security Tips
We all play a role in cybersecurity, whether it’s protecting our families from identity theft, protecting our workplaces from cyber attacks, or protecting our communities from online predators. Here are some tips for staying safe when using technology:
Physical security of devices
Don't leave your computer in an unsecured area, or unattended and logged on, especially in public places - including coffee shops and the public library. The physical security of your machine is just as important as its technical security. If you lose an MSU Denver-owned device, please contact the ITS Helpdesk immediately at 303-352-7548 or support.msudenver.edu.
Secure disposal of devices
When recycling or disposing of an old workstation, mobile phone, or external drive, it is important to ensure that no critical data remains on the hard drive or phone. Thieves will look in storage and trash removal areas to find anything that might be worth selling. Remove data in a manner that makes it impossible for anyone to retrieve it after disposal. If you need any MSU Denver-owned equipment disposed of securely, please contact the ITS Helpdesk at 303-352-7548 or support.msudenver.edu.
Manage your passwords
Keep your passwords up-to-date, and change them often. Never use a short or weak password. Consider using a password manager if you have a lot of passwords, or if you have trouble remembering them. See our "Choosing a Strong Password" section on this webpage for more details.
Never share your login information
Never share your login details, for any system or application, with anyone. ITS will never ask for your password.
Know the dangers of using public charging stations
It is a good to keep all of your devices charged to make sure you can access your digital life anytime, and more places like MSU Denver are offering free public mobile device charging stations. However, just like free unsecured WiFi networks, there are dangers with public chargers, because modern hacking trends are getting more advanced and are employed in various places like ATMs and now public charging stations. Anyone can hide a small chip that will infect devices as it charges them. The best way to protect yourself is to always use your own USB charger or use USB cables that block data transfers. These 'charge only' USB cables look exactly like any other USB cable except they prevent your device from going into 'data transfer' mode when connected to a computer, thus preventing data theft / viruses when charging from an unknown USB socket.
Use the MSUDenver WiFi network whenever possible
Using the MSUDenver WiFi network is more secure than using free unsecured WiFi networks that do not require passwords. This is because your data is encrypted when it's transferred over the MSUDenver WiFi signal. Visit our MSU Denver WiFi page to learn how to connect to this network with various devices.
Why It's Important |
Conmen have been tricking people out of their money for thousands of years, and impersonating someone else is nothing new. E-mail, websites, and chat programs just make it easier to trick people out of their money. Identity theft is the fastest growing crime in America. |
Phishing Examples |
DO NOT RESPOND to these messages! These messages are fake. They are being sent by hackers trying to trick you into giving them your password so they can take over your e-mail or steal your identity and drain your bank account! This technique is called "phishing." They are phishing (fishing) for victims. See the example below. Dear Outlook Account User, If you receive one of these messages, or any message that asks you to provide private or confidential information (password, SSN, DOB, etc.), you should simply delete the message.
IMPORTANT: If you have already provided your password in response to one of these messages, please contact the ITS Helpdesk immediately at 303-352-7548 or support.msudenver.edu. |
What You Can Do About It |
There are thousands of different scam techniques. You should always be on your guard and you MUST always be very protective of your confidential information. Online conmen use e-mail, websites, and chat programs to trick people into providing them with private and confidential information (such as credit card information, date of birth, etc.). They can use this information to make unauthorized charges to your credit cards, or use your identity to take out loans in your name. Such "phishing" scams often come as an official looking e-mail that appears to have come from your bank, credit card company, online storefronts like Amazon or eBay, online payment systems like PayPal, etc. The e-mail usually says there is something wrong with your account or that they need to verify your information. These messages have been forged and are fraudulent. These organizations will never contact you by e-mail to verify your information, or to inform you of a problem with your account. You should just delete these messages; never reply to them and never follow their instructions. If you need to contact your bank or credit card company, call the phone number that is printed on your monthly statement. If you need to contact an online storefront or other online service, don't use any phone numbers or links provided from the malicious e-mail; visit their website, either with the direct address or via a web search, and use the contact information provided there. |
See Also |
Why It's Important |
When a computer connects to a network, it will listen for any connection using ports. A port is a special integer that acts like a door to your device. A connection needs two things, the computer IP address and the port number. When a connection is received by a computer, the connection will be made to a program that is listening on a specific port number like 1234. If the computer has a program that is listening on port 1234, the computer will accept that connection without questioning it. So when a computer has no firewall enabled, anyone can connect to your computer and access data if there's programs serving such data. The program may have a login, but it may have a security hole that allows any connection to be made. A firewall is software or special hardware. A firewall protects your computer by disabling ports that are not in used. A firewall can also be set so that only programs on your computer, that you have authorized, are able to talk to the internet. This is the basic function of firewalls. They can do more to help secure computers, but this is just a quick overview of firewalls. |
What You Can Do About It |
Most suppliers of anti-virus programs also supply personal firewall programs. MSU Denver uses Kaspersky end-point security as an antivirus and a firewall. We also use hardware based firewalls for our network. |
See Also |
CERT Coordination Center Home Network Security |
Why It's Important |
Every computer should have a good quality anti-virus program installed and running on it. Windows computers are not the only computers that get infected by computer worms and viruses. Even Mac and UNIX computers can be infected by viruses, worms and trojan horse programs. One of the most important things you can do to help keep you and your computer safe while online is to run a good quality anti-virus program. Computer worms and viruses continue to cause a great deal of damage to computer systems; many of them are created to steal confidential information off of infected computers. |
What You Can Do About It |
You can buy a good quality anti-virus program at any well stocked computer store. Look for one that also has a personal firewall built into it. Be sure to keep your anti-virus program up to date. Most suppliers of anti-virus software provide an automatic update service to help keep your anti-virus software updated. All computers provided by the Division of Information Technology have Kaspersky Security 10 software installed and running on them. It is configured to automatically check for updates daily. All e-mail that passes through the University's e-mail service is also scanned for viruses by the Email server. Additionally, Kaspersky Anti-Virus product licenses are available to MSU Denver faculty and staff for personal computers (PC or Mac). Use the following link to download the software: |
See Also |
|
Dealing With Junk Email |
Everyone who uses email eventually has to deal with unwanted email or junk email (oftentimes called spam). Email isn't the only target of spam. Spam is sent to fax machines, text pagers, via instant messaging, and posted on websites. But spam email is the most common form of spamming. Spammers send junk email because it is effective at tricking people to do things and run malware on their systems. Spam is used by various people that commit financial fraud, identity theft, and to spread malicious programs. |
What You Can Do About It |
Use a second email address from a free email service when signing up on websites, answering online surveys, or posting to news groups or blogs. You can abandon the second account when it becomes deluged with spam. Many Internet providers give you the option to create an "email alias" for such a purpose. Currently, it's not possible to eliminate all junk email. Spam email is going to stay with us for some time to come. There are a few simple precautions you can take to help protect your email address and your computer from spam.
|
Why It's Important |
There have been several high-profile computer security incidents that did not involve hackers or viruses - they were caused by burglars stealing the computer. In one case, the burglars didn't steal the computer, they stole the hard drive out of the computer! In all of the cases, the computers had extremely confidential data saved on the hard drive. |
What You Can Do About It |
Be careful about what private or confidential data you save on your computer hard drive (or USB drive). Before saving confidential information on your computer, ask yourself what the consequences would be if your computer was stolen or the data was copied off of your computer by a Trojan horse program? Is your computer the safest place for the data? Should the data be encrypted? Routinely backup important data and store it in a secure place away from the computer. Periodically review the files you have saved on your computer and use a secure erase utility to remove old files, particularly if they contain sensitive information. University policy prohibits saving SSN or credit card data on any portable computing device or portable storage media. Because many laptop computers are used when traveling and get connected to many different networks, it is very important for laptop computers to be kept up-to-date with the latest security patches, run a good up to date anti-virus scanning program, and have a personal firewall. Laptops that are owned by the University can be brought to the IT help desk in AD475 for maintenance. Take all of the necessary precautions to keep your computer from being stolen. Never leave a laptop computer or PDA unattended - not even for one minute. When not in use, be sure that your laptops, PDA's, USB drives and CD's are secured and out of sight. Portable computing devices should be configured to require some kind of "boot up" password before the device can be booted up. It should also require a "logon" Username/password (or biometric authentication) before the desktop and data can be accessed. Sensitive or confidential data should be encrypted. Windows laptop computers deployed to individuals by Information Technology Services has been encrypted with whole drive encryption. Other security devices may prove useful; however the quality of these devices varies greatly, so shop and compare. |
See Also |
Why It's Important |
Passwords are one of our first lines of defense for us when we use the Internet. Unfortunately, oftentimes the passwords we choose are also our weakest defense. To make it easier for us, we often choose a password that is too easy to remember. These easy to remember passwords are usually easy for others to guess or break. |
What You Can Do About It |
Never give your password to anyone else and, never let anyone else use your computer account. Consider changing your password at least once a semester. There are tricks you can use to come up with a strong password that is still easy to remember. For example, think of a favorite line from a movie or poem then, pick the first letter from each word, and capitalize every other letter. You could also combine two short words together and capitalize one word but not the other. Be sure to include some digits (numbers) and other special characters in your password. Consider using a password manager to help manage all of your passwords and create secure passwords for you. You only have to remember one master password to unlock all of your passwords. However, please note that not all managers are created equal. The best passwords managers are the ones that work locally. Password Managers
|
Further Assistance
If you have additional questions, concerns, or need immediate assistance - Please contact the MSU Denver Helpdesk.
- Home
- Helpdesk
- Back to Information Technology
- KnowledgeBase
- Account Types
- Password Reset
- Office 365
- WiFi
- Blackboard Learn
- Telecommunications
- Banner
- Student Success Collaborative
- Remote Access (GlobalProtect)
- Security
- System Updates & Patches
- Qualtrics Research Suite
- Asset Management Program
- Web Time Entry
- Free Resources
- Virtual Lab
- Email Distribution Services
- Digital Signage
- Scanning Options
- Instructional Computing
- Student Technology Roadmap
- Employee Technology Road Map
- Forms
- Submit a Service Ticket
- ITS Service Status
- Email & Collaboration
- Accounts & ID Management
- Teaching & Learning
- Hardware Services
- Desktop Software
- Wireless & Internet Access
- Security & Data Protection
- Help & Consulting
- Audiovisual & Telecommunication
- Printing & Document Management
- Business Applications
- ITS for Students
- ITS for Faculty and Staff
- Helpdesk Central
- Office of the CIO
- ITS Communications
- Service Catalog A - Z