1. Protect Social Security Number and credit card data
USC has ended the use of the SSN as the key identifier, although it is still used in certain business and HR systems. If you must deal with this data, avoid saving computer files that include SSN or credit card information. If you must hold data, use secured servers; if it is on paper, store in a secure location. Otherwise, shred the documents.
2. Use strong passwords
Avoid passwords based on dictionary words or names. Change passwords for sensitive accounts often. Use a minimum 8-character password with upper and lower case letters, plus numbers and special characters.
3. Be cautious of pop-up windows, banner ads, or redirects
Web browser and web plug-ins are vulnerable to attack. Watch out for phishing sites that attempt to get confidential information by mimicking official sites.
4. Stay away from high-risk web sites
Don't visit unknown or suspicious web sites.
5. Never give personal information over the phone to anyone who calls you
Demand a name and call back number from unknown inquirers.
6. When working from home, use the USC campus VPN connection
Virtual private networks (VPN) encrypt information that passes through the Internet.
7. Don't enable auto-login passwords for any web account on your laptop/tablet/smartphone
If a device is stolen, email and web accounts may be compromised.
8. Protect your Credit Card numbers
When at a check out counter, don't let the person standing behind you see your card. When ordering on-line, your web browser should display an https://secure site URL.
9. Do not open suspicious Emails or respond to requests for account information.
Phishing schemes attempt to gain your user ID and password by posing as an IT admin or other official. USC will not ask for this information, especially as it pertains to your email “about to expire,” or “hitting your quota limit.”
10. Don't write passwords on sticky notes attached to your computer
Anyone with access to your office space can see this information.
11. Secure laptops/tablets in a file cabinet or desk drawer when not in use
A thief can steal a laptop from an open office in 10 seconds.
12. Be careful when sending email with attachments
Inspect attachments for any confidential information just before sending. Incoming attachments should not be opened, unless you know the source.
1. Install Operating System Updates
Keep operating system patches up to date with auto-updates. It is recommended to run updates at night, so leave system on, with auto password protect turned on so the system will lock down when you walk away.
2. Install Application Updates
Always keep programs up-to-date, such as browsers, Flash, Java, etc.
3. Install and update Virus Protection
USC has a Symantec Endpoint Protection (SEP) site license agreement for servers and workstations. It includes scanners and anti-spyware functions for university-owned Mac and PC computers. It is available via VIP (vip.sc.edu).
4. Lock down your home wireless access point
Use WPA II or better encryption and change the default SSID and default administrator password. Contact the store or manufacturer for assistance.
5. Don't disable Microsoft Windows Firewall
If firewalls are disabled, your computer is more vulnerable to attack.
6. Access files safely
Avoid saving sensitive files to an external flash or hard drive to work at home. Move your data to a secure server and login to the campus network remotely using VPN.
7. Treat your smartphone as a computer
Anything accessible to a computer is also accessible via smartphones, so treat them the same with regard to security. Always set a password to login to your phone and have it auto log out after a few minutes to protect your accounts, contacts, and personal data. Turn Bluetooth off if you do not use it.