Skip to main content

Week 4: Secure IT at Work


Stay safe online at Cornell.

Do your part. #BeCyberSmart. Avoid suspicious links and email attachments, and use Cornell IT services to help protect your personal information, connected devices, and university data. Remember to report any incidents to the IT Security Office.

When in doubt, throw it out. Stop and think before you open email attachments or click on web links. If a link or attachment looks suspicious, even if you know the source, confirm before clicking! Links in email and online posts are often how cybercriminals trick you into giving up your data. If something seems questionable, it’s best to delete it. Always think twice before you click.

Here are two resources you can use when you receive an email that claims to be from Cornell.

Be sure to back up your data. Data stored on your devices can be lost, accidentally deleted, or maliciously attacked. Protect your important files, data, and research by making electronic copies and storing them safely. Have multiple backup plans in place to fully secure your work as appropriate for the sensitivity of the data (e.g., cloud storage, encrypted flash drive, external hard drive). Cornell's Certified Desktop service for faculty and staff comes with anti-malware to stop most ransomware attacks, plus backup and recovery software. It's recommended that students arrange for their own backups, either to an external hard drive, a cloud-based service, or both.

Guard your devices. In order to prevent physical theft or loss and unauthorized access, never leave your laptop or mobile device unattended in a public place, and lock your devices when not in use.

Secure your accounts with strong passwords. This goal is easier to meet when you use techniques like passphrases and services like Cornell's LastPass secure password management, including LastPass Families. Never share your usernames or passwords with anyone. When available, turn on or expand the use of multi-factor authentication like Two-Step Login for an added layer of security beyond the password.

Report anything suspicious. If you experience anything unusual with your computer or device that you suspect may be due to a compromise, disconnect from the network immediately, change your password right away, and contact the IT Service Desk for help.

Previous:
Week 1: If You Connect It, Protect It
Week 2: Fight the Phish
Week 3: Secure Your Home

About this Article

Last updated: 

Thursday, October 28, 2021 - 11:33pm

Was this page helpful?

Your feedback helps improve the site.

Comments?