Skip to main content

Cornell University

Secure IT at Work

2024 Update: PhishAlarm, a new faster way to report suspicious email to the IT Security Office, is now available on all Gmail web and Outlook web, desktop, and mobile interfaces.

This article applies to: National Cybersecurity Awareness Month

Stay safe online at Cornell.

Do your part. #BeCyberSmart. Avoid suspicious links and email attachments, and use Cornell IT services to help protect your personal information, connected devices, and university data. Remember to report any incidents to the IT Security Office.

When in doubt, throw it out. Stop and think before you open email attachments or click on web links. If a link or attachment looks suspicious, send it to the IT Security Office using PhishAlarm. Links in email and online posts are often how cybercriminals trick you into giving up your data. If something seems questionable, it’s best to delete it. Always think twice before you click. 

Here are two resources you can use when you receive an email that claims to be from Cornell.

Be sure to back up your data. Data stored on your devices can be lost, accidentally deleted, or maliciously attacked. Protect your important files, data, and research by making electronic copies and storing them safely. Have multiple backup plans in place to fully secure your work as appropriate for the sensitivity of the data (e.g., cloud storage, encrypted flash drive, external hard drive). Cornell's Certified Desktop service for faculty and staff comes with anti-malware to stop most ransomware attacks, plus backup and recovery software. It's recommended that students arrange for their own backups, either to an external hard drive, a cloud-based service, or both.

Guard your devices. In order to prevent physical theft or loss and unauthorized access, never leave your laptop or mobile device unattended in a public place, and lock your devices when not in use.

Secure your accounts with strong passwords. This goal is easier to meet when you use techniques like passphrases and services like Cornell's LastPass secure password management, including LastPass Families. Never share your usernames or passwords with anyone. When available, turn on or expand the use of multi-factor authentication like Two-Step Login for an added layer of security beyond the password.

Report anything suspicious. If you experience anything unusual with your computer or device that you suspect may be due to a compromise, disconnect from the network immediately, change your password right away, and contact the IT Service Desk for help.

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.