Best Practices for Securing Campus Electronic Information

Cyber security is a collective responsibility, and by following these security best practices, the entire UCSB community will benefit from decreased cyber risk.

1. Install anti-virus and anti-malware software. Please make sure you have anti-virus and anti-malware software installed on your personal computer. C&C has acquired site-licenses for these software products and they are available to the campus community through your department IT.

2. Avoid phishing scams – NEVER provide your password to anyone via e-mail or via any other mechanism. No legitimate organization will ever ask for your password via e-mail. Please, never provide your UCSB password to anyone, especially in response to an e-mail request. As you know, AYSO is a software program that holds all of an employee’s personal information (e.g. SSN, employee benefits elections, pay stubs, W2, bank routing information, etc.), if you provide your password to anyone, they can now access AYSO on your behalf and have access to all your personal information.

3. Only visit trustworthy websites.  Watch for websites that try to imitate campus resources. Increasingly, Internet scammers are attempting to “trick” campus users into using fraudulent web pages that resemble UCSB web sites (often sent as links in Phishing e-mails). Please check web addresses closely and ONLY visit sites that you are absolutely sure are legitimate. Closely examine the “from” address on all e-mails and the web addresses of sites you visit to determine authenticity.

4. Never store Social Security Numbers or other protected personal data on University-owned computers. There are both federal and state laws that govern how and under what circumstances Social Security Numbers (and other protected data like credit card numbers) may be stored on University owned computers. The best practice is to NEVER store Social Security Numbers on a laptop or personal computer. Please note that Social Security Numbers should never be included within e-mail messages nor should Social Security Numbers ever be stored on a cloud service (e.g. Box.com, Google Drive, etc.).

5. Ensure your computer does not have software that may be used for illegal file sharing. The sharing of copyrighted music, software, and movies is against federal law and should never occur on UCSB’s network. It is possible for computers to become infected with software that enables illegal file sharing.

6. Utilize UCSB Secure or eduroam, UCSB's two preferred secure wireless networks for faculty, staff and students. UCSB Secure and eduroam are encrypted and optimized for a fast and smart login. For more information https://noc.ucsb.edu/wireless/.

7. Use a unique password for your UCSBnetID. The password used in conjunction with a UCSBnetID should never be used elsewhere on the Internet, and a UCSBnetID should never be used as a username on a non-UCSB site.