Overview
With cybersecurity threats growing in number and sophistication, it’s more important than ever to be aware of the many steps you can take to keep your online activity secure when using YSU resources. Below you will find information about the different ways you can take action and follow YSU’s IT security ‘best practices’ to take care of your personal information and keep your personal devices secure.
Multi-Factor Authentication (MFA)
All students, faculty, and staff will be required to enroll in MFA to protect all YSU accounts and data. This is a perfect first step to keep your YSU account secure. Multi-Factor Authentication (MFA) creates an additional level of security and protection of your YSU account by requiring a second form of verification during sign-in. You will be prompted during the sign in process to verify your identity by entering a code that you receive via text or email. This is to ensure that no person can log in posing as you even if they have knowledge of your password.
Important Note: You will not need to use MFA while on campus and on the YSU network.
PHishing attempts and ransomware
New attempts are made each day to steal your private information and passwords. To combat this, it’s often best to take everything you receive in email, phone, and text with a grain of salt. If it seems too good to be true, its often too good to be true.
To report phishing attempts, you can use the ‘Report Phish’ button to report any phishing attempts directly within your Outlook client. The PhishAlarm® phishing button empowers users to report phishing emails and other suspicious messages with one mouse click, and PhishAlarm® Analyzer helps our YSU response teams identify the most pressing threats with Proofpoint threat intelligence.
Here are detailed instructions on how to use this function.
To avoid ransomware attacks, it is best to not open any unknown links or attachments that you receive in email or any other online communication. Ransomware can be hidden in Word documents and other executable files, so be careful opening anything from a non-trusted sender on YSU devices.
Credit: StaySafeOnline.org on YouTube
Password best practices
While it would be nice if we could all use short and sweet passwords to access our YSU accounts, it has now become necessary to make them more complex due to new threats from outside the university.
At YSU, we recommend a long, complex, and memorable password to secure your account. When setting your password, please ensure that it does not contain any personally identifiable information.
Please remember that YSU faculty or staff will never ask you for your password so keep it safe and store it in a secure place like a trusted password manager. NEVER share your YSU credentials with anyone.
For more on what some common bad password practices are and how to safely store and create your passwords, check out the video below:
Credit: StaySafeOnline.org on YouTube
YSU device security best practices
Attempt to Restart Your Device Each Day – This will keep your device updated with the latest security patches to avoid vulnerabilities that could be exploited on your device.
Ensure your Anti-Virus is Working Properly – If you suspect that your YSU devices’ Anti-Virus is not working properly, please use the “Report Abuse” function on this page.
Be Vigilant – Be careful with what sites you visit and report any suspicious activity you see within email, phone, and text using the “Report Abuse” function on this page or the “Report Phish” button within your Outlook email.
keeping a secure internet connection
When working from home or from any remote location, please ensure you are using a trusted Wi-Fi network. Using public Wi-Fi can leave your information vulnerable to attacks and compromise from outside threat actors. It is best practice to not access sensitive information on public Wi-Fi networks.
Be sure to keep your home Wi-Fi secure with a complex access password and utilize basic security protections available on your home router like encryption and more.