Security Best Practices
Summary
This article contains a list of IT security best practices pertaining to passwords, workstations, email, the Internet, mobile devices, telephones, removable storage, social media, and WiFi.
Body
Passwords
Never use your Central Piedmont username or password on a non-Central Piedmont website or application.
Do not share your password with anyone (including the IT Service Desk, your instructors, employees, supervisors, administrative assistants, etc.).
Never use your Central Piedmont credentials on a machine you don't trust (e.g., a rented computer, a public computer, or even at a friend's house).
Use long, unique passwords for every account.
Change your password if you think someone else might know it.
Supplement your password with additional security through multi-factor authentication. Central Piedmont offers multi-factor authentication with Duo and Microsoft Authenticator.
Use a password manager like Bitwarden to help you create and manage strong, unique passwords for each of your accounts.
Always log out when you are finished using a system or service.
Workstations
While your workstation will automatically lock itself after 15 minutes of inactivity, you are strongly encouraged to lock it manually whenever you leave your desk. You can lock a Windows workstation by holding down the Windows key and pressing the letter 'L.' When using the Central Piedmont Cloud, the "Disconnect" option is equivalent to locking the virtual workstation.
Always log off of your workstation at the end of the day. Doing so will protect you from losing unsaved work and will also make it easier for us to provide critical patches and updates to your computer.
Work with ITS to install approved software required to fulfill your role at the college.
Only use P2P, torrenting, and other file sharing methods for legitimate purposes. Sharing copyrighted media is a violation of college policy and could put you and the college at risk.
Email
Do not open any email attachments or click on links in email messages from senders you do not know. Some of the linked websites can install malware on your computer without your knowledge.
Never provide personally identifiable information (Social Security Number, birth date, password, credit card information) to anyone through email. No legitimate entity will ask you for such information via email.
Email is not an encrypted format. While in transit, emails may pass through networks and devices that are outside of our control. Assume that anything you write in an email is public — do not send anything over email that is not public information.
Always verify the email address of a message, not just the displayed name. It is common for malicious emails to spoof a display name of someone you know.
If you receive a suspicious email in your Central Piedmont inbox, please report it using the phish alert button.
Internet
Use a well-known, up-to-date browser. For the fastest and most reliable access to our sites and systems, Central Piedmont recommends using Microsoft Edge, Google Chrome, or Mozilla Firefox.
Consider disabling JavaScript, Java plugins, ActiveX controls, and other media add-ons if you don't need or use them. These are increasingly used to deliver harmful content.
Be very careful when typing a URL into your browser. Commonly misspelled versions of some domains are often phishing sites set up to look like the real thing.
Consider using HTTPS-Only mode in your web browser to force sites that support HTTPS (encrypted connection) to use it by default.
Consider installing browser plug-ins to block ads and trackers. We recommend uBlock Origin and Privacy Badger for these purposes, respectively.
Mobile Devices
Never store sensitive information on a mobile device, as mobile devices can be easily lost or stolen.
Keep mobile devices with you at all times; do not leave them unattended. If that is not possible, keep them in a locked location.
Set your mobile device to lock after a timeout period and require a strong password or PIN to unlock the device. Doing so will prevent malicious actors from accessing your data if your phone is lost or stolen.
Enable remote wiping capabilities. Doing so can allow you to remotely access and disable the device should it become lost or stolen.
Be careful about what apps you install. If allowed access, apps can share your contacts, emails, files, and text messages with third parties.
Make sure you keep your mobile device updated. Obsolete devices can be susceptible to attacks, which could result in data theft or even financial loss.
Set Bluetooth devices to “hidden mode” and disable Bluetooth when it is not in use. This will prevent unwanted users from connecting to your device.
Telephones
Do not trust caller ID. If you receive a call appearing or claiming to be from your bank, the IRS, or another institution, do not provide any information. Request a name, extension, or reference number, hang up, and call them back at the number listed on a known trusted document, such as a bank statement, the back of your credit card, an official government website, etc. Legitimate institutions should be accommodating to these security measures. If you are met with resistance or feel pressured, you may be dealing with a scam artist.
Never give out your password over the phone.
In a large educational institution, you probably haven't met everyone. Before giving information to a caller you do not recognize, verify they are who they say they are (e.g., by calling their office number or the office of a co-worker that you do know).
Removable Storage
Beware of unrecognized USB sticks and CDs that you find lying around. They may have been planted for the sole purpose of infecting any machine they are inserted into.
Do not transport confidential or personal information on CDs, laptops, USB keys, portable hard drives, etc., unless necessary. If you do use these tools, only use them in a way that is encrypted and secure (contact ITS for advice and assistance with this).
Social Media
Restrict who can view your profile and information.
Avoid publishing your personal information (e.g. Social Security number, date of birth, address, telephone number, class/work schedule, or location).
Be wary of answering online surveys that people post on your wall, comments, etc. Although they appear innocent, they can provide an attacker with useful information about you. This information can then be used for things like answering your secret questions to gain access to accounts or reset passwords.
Remember that anyone can see what you post on the Internet. Always think about what you post and what people post about you.
Don’t click on suspicious links or download files in messages, chat windows, or status updates. This can infect your computer with malware and spread to your contacts.
Report spam, phishing, and access violations to the social network provider.
WiFi
Be mindful of what you access on public WiFi networks. Unless you use encrypted services such as HTTPS websites or use a VPN to "tunnel" your traffic through an encrypted connection, attackers can hijack your session and view your data.
Always enable personal firewalls, run up-to-date anti-virus software, and install system updates before connecting to public WiFi networks and hotspots. This can protect your system from malware and vulnerabilities.
Never leave a personal WiFi router open without requiring a long password. You should also avoid using WEP or WPA encryption, as these have known weaknesses. You should use at least WPA2 encryption to secure your network.
As an extra layer of access control, you can enable MAC address filtering on your wireless router. MAC filtering allows only the devices you specify to access your wireless network.
Avoid sharing your WiFi password. Most routers allow setting up a guest network with a different password.
Additional Resources
Microsoft: Security Help & Learning
Apple: Report a Security or Privacy Vulnerability
Google: Safety Center
SANS Internet Storm Center provides information on threats, trends, and overall Internet health. The handler-on-duty daily diary provides excellent tips and other information.
Details
Article ID: 6865
Created: Mon 6/20/22 5:36 PM
Modified: Tue 6/25/24 10:10 AM
Related Articles
Reporting Phishing, Spam, or Other Suspicious / Unwanted Emails
Resetting Your Password via the Account Management Portal (AMP)
This article contains instructions for faculty, staff, and students to reset their passwords via the online Central Piedmont Account Management Portal ("AMP").
Related Services / Offerings
Cybersecurity Incidents and Threats
Cybersecurity incidents and threats which have affected or could potentially affect the college should be reported here.