Content (1135)
If your NetID password is stolen and your NetID is used to send email spam, there can be a number of warning signs:
Cornell is phasing out the use of security questions in favor of setting a recovery email address to reset forgotten or lost Cornell NetID passwords. Please visit Set a NetID Recovery Email for more details.If you:
1. Report the incident to the IT Security Office.
Don’t hesitate. Any possible or confirmed theft of a NetID password needs to be reported immediately to the IT Security Office via security-services@cornell.edu. You should also notify your department’s technical support staff.
Keeping your personal information, Cornell sign-in credentials, and important data safe means protecting your passwords. Anyone with active online accounts encounters dozens of passwords used to access Cornell resources, personal online banking, e-commerce sites, and other websites. Below you will…
You are tricked into giving away your NetID password
These days we are overwhelmed by fraudulent email messages and websites that try to steal personal information. These are often referred to as “phishes.” A common trick is to suggest that one of your accounts will be shut down unless you reply…
About Changing Your NetID Password
When changing your NetID password, keep in mind:
Whenever possible, we recommend not storing confidential data on your computer. If you have a need to store confidential information on your computer temporarily, consult with your technical support team. You must:
Not sure what high-risk data is? See Data types (High Risk, Moderate Risk, Low Risk).
Report incidents immediately.Send an email to itsecurity@cornell.edu.If you require urgent assistance, please contact the IT Service Desk.
If you haven't already reported the incident, do so now. Work with technical support to contain the system (as outlined below) while you gather and provide incident details to the IT Security Office.
Do not
Scan the system with antivi
When you work with printed material containing high-risk data, handle it responsibly:
Cornell policy requires your department to escrow passwords (securely store a copy) for all encrypted data.Why password escrow is necessary:If you encrypt university data, you should not be the only person who knows the password needed to unlock it.If something should happen to you, or if you lose…
All devices holding confidential data (computers, smart phones, thumb drives, tablets, etc.) must be kept secure.You must ENCRYPT if:
Data DisposalOld information is risky information! Watch out for and regularly dispose of unneeded information:Social Security numbers used as general identifiers (this was often the case in the past)Data you think you've disposed of, lurking in backupsFiles from previous users on shared computers…
Cornell is like a small city. People work, study, live, and play here. We have our own transportation, dining, administration, residence halls, and offices. As a result, there is a wide variety of university data, which you may access or use for your work or in your day-to-day life at Cornell. Some…
Even if you practice perfect data hygiene and keep your computers clean of confidential data, viruses can still steal data while you are using it. You must also practice safe web browsing and keep your computer software up to date to minimize the chances of viruses being downloaded to your…
Many public computers have software installed to automatically clear browser cookies, cache, and history. Look for the Deep Freeze icon (polar bear) in the System Tray or Task Bar.
When sensitive data isn't managed appropriately, it poses many risks to Cornell. By law, possible loss to certain types of data requires Cornell to report to government agencies and notify potentially affected individuals.
Responding to data losses (even possible losses) can easily consume…
Open CrashPlan.Click Restore Files, then select the desired device archive from the list that appears.
Open CrashPlan.Click Restore Files, then select the desired device archive from the list that appears.