Cybersecurity
Safe Computing at CCA:
CCA places a great deal of importance on your safety, including your cybersafety.
Ten things you can do to protect yourselves:
- Lock it down - Safety begins with securing your physical devices. Never leave them unsecured, including in the trunk of your car. This is as much about securing the information on the device as it is about the loss and cost of campus equipment.
- Use a password - It may seem like a no brainer, but you might be surprised by how many people don’t lock their smartphones and tablets which often have similar access to private information as our computers.
- Use two factor authentication (2FA) - Prevent access to your accounts using stolen or phished credentials by using the CCA provided Duo two factor authentication.
- Logout - Students often leave lab workstations while still logged in to their facebook, email, and even bank accounts. Staff often step away from their machines for a moment leaving their own and possibly others' private data exposed. Easily lock your screen when stepping away.
- Upgrade to a passphrase - Try using multiple words and spaces instead of a single word. Passphrases are much more difficult for criminals to guess. Include capitalization, numbers and punctuation to make them even harder on the bad guys. (e.g., that was easy 2 4 get!)
- Vary your passphrases - Using a different passphrase for each service limits the impact of a phished/guessed passphrase. If you have multiple accounts this may be challenging, consider using one of a variety of password managers. (e.g., Lastpass, KeePass, 1Password)
- Use Anti-Virus Software - Take advantage of free Sophos anti-virus software. If you are using Parallels or dual booting Mac and Windows, please remember to install it for both operating systems.
- Stay encrypted - Make sure your wifi communication is encrypted via VPN, HTTPS, or both, especially when using free/open/unknown wireless networks. (e.g., travel, hotel, airport)
- Be a good data steward - Personally Identifiable Information (PII), such as name, address, social security numbers, etc. of members of the CCA community should not reside unencrypted on your computer. Great care should be taken with respect to access and permissions when sharing or exchanging information via file servers, Workspace, or any cloud tools.
- Stay vigilant - Please don’t hesitate to send any suspicious communications (e.g., phishing) to the Help Desk (helpdesk@cca.edu +1 415-703-9560).
How we protect the CCA community
- Encrypt all sensitive data transmitted over the network, including user credentials, between backend systems and in user interfaces such as web applications using industry standard encryption. (e.g., ssl/tls)
- Regularly scan our systems for vulnerabilities
- Regularly and proactively patch and update our infrastructure to protect against a constant flow of newly discovered exploits
- Use powerful industry standard firewall and network inspection technologies to protect CCA systems (infrastructure & user devices) from a constant flow of scans by criminals looking for exploitable devices.
- Use and provide virus protection to all CCA community members with a campus-wide license for Sophos.
- Keep our community informed about various threats, strategies for recognizing deceptive communication, best practices for managing credentials, and accessing and storing sensitive data.
- Provide tools for encrypting sensitive data on user devices if local storage is absolutely necessary.
- Remotely wipe all data from managed devices in the event of loss or theft.
- If you believe you may have been the victim of a cybercrime, please contact the CCA Help Desk immediately at helpdesk@cca.edu, or call +1 415-703-9560
More Info:
- Stay Safe Online The National CyberSecurity Alliance builds strong public/private partnerships to create and implement broad reaching education and awareness efforts to empower users at home, work and school with the information they need to keep themselves, their organizations, their systems, and their sensitive information safe and secure online and encourage a culture of cybersecurity.
- Phishing Email Messages Helpful information about phishing and what to do about it.
- Stop. Think. Connect. is a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility. We each have to do our part to keep the Internet safe. When we all take simple steps to be safer online, it makes using the Internet a more secure experience for everyone.
- Technology Services Policies CCA technology policies.