Content (1168)
Keeping your personal information, Cornell sign-in credentials, and important data safe means protecting your passwords. Anyone with active online accounts encounters dozens of passwords used to access Cornell resources, personal online banking, e-commerce sites, and other websites. Below you will…
You are tricked into giving away your NetID password
These days we are overwhelmed by fraudulent email messages and websites that try to steal personal information. These are often referred to as “phishes.” A common trick is to suggest that one of your accounts will be shut down unless you reply…
For tips on creating or choosing a new passphrase, visit Create a Strong Passphrase for your Device, NetID, and Other Cornell Services.Change your NetID PasswordTo change your password:
The standard confidential data scan scenario is one person scanning one computer that contains one hard disk. In that case, the search and remediation process is straightforward, with few challenges or pitfalls. Unfortunately, the majority of computing environments on campus do not fit that…
Some jobs are far more likely to access and store confidential data than others. Knowing which ones can help you prioritize data cleanup.Important: Regardless of their role, people who have ever done any of the following probably have confidential data on their computer.
Whenever possible, we recommend not storing confidential data on your computer. If you have a need to store confidential information on your computer temporarily, consult with your technical support team. You must:
Not sure what high-risk data is? See Data types (High Risk, Moderate Risk, Low Risk).
In certain settings, e-mail software can store some or all electronic mail in files on your computer. This speeds access to e-mail, reduces the workload on mail servers, and allows you limited work even if you don’t have a network connection. Saved electronic mail also presents some unique…
After running a data discovery tool such as Identity Finder, the next step in the data discovery and clean up process is to decide how to handle each positive hit. Following is an explanation of common scenarios and the remediation options available in Identity Finder to handle each one.
If you haven't already reported the incident, do so now.
Whenever possible, we recommend using Cornell's FREE R5 service to safely destroy media.
Report incidents immediately.Send an email to itsecurity@cornell.edu.If you require urgent assistance, please contact the IT Service Desk.
If you haven't already reported the incident, do so now. Work with technical support to contain the system (as outlined below) while you gather and provide incident details to the IT Security Office.
Do not
Scan the system with antivi
To better safeguard the university's IT and data resources, the IT Security Office strongly recommends that all Cornell departments and units implement the following practices.
When you work with printed material containing high-risk data, handle it responsibly:
IT-Security-LWhat is it? A closed, members-only e-list. Subscribers also get access to the Security SIG Confluence space.Who can join? Regular Cornell staff in IT roles who have an interest in campus security.How to join? Send a request to security-services@cornell.edu.…
Cornell policy requires your department to escrow passwords (securely store a copy) for all encrypted data.Why password escrow is necessary:If you encrypt university data, you should not be the only person who knows the password needed to unlock it.If something should happen to you, or if you lose…
All devices holding confidential data (computers, smart phones, thumb drives, tablets, etc.) must be kept secure.You must ENCRYPT if:
Data DisposalOld information is risky information! Watch out for and regularly dispose of unneeded information:Social Security numbers used as general identifiers (this was often the case in the past)Data you think you've disposed of, lurking in backupsFiles from previous users on shared computers…
Cornell is like a small city. People work, study, live, and play here. We have our own transportation, dining, administration, residence halls, and offices. As a result, there is a wide variety of university data, which you may access or use for your work or in your day-to-day life at Cornell. Some…