Cybersecurity at UP

Information Services is committed to securing our campus technology infrastructure and protecting our data assets. Cybersecurity is a shared responsibility. We need all community members to be aware of the important role they play in keeping our campus computing environment secure. Here is how you can do your part:

• Stay well informed about common cybersecurity risks
• Follow published cybersecurity tips & best practices
• Adhere to campus security policies
• Report cybersecurity incidents

Why Annual Cybersecurity Training for Faculty and Staff?

For additional helpful information on cybersecurity please see the NCSAM Toolkit and Tip Sheets from NICCS.

Reporting Security Incidents

We depend on our campus members when it comes to timely identification of and response to security threats and incidents. Please be aware of your computing environment and error on the side of caution in reporting any suspected cybersecurity issues. Report all malicious and phishing emails or phone calls to abuse@up.edu . If you notice your computer behaving or performing differently than usual and suspect a virus or malware, please don’t hesitate to contact our help desk for assistance. If you suspect that you are the victim of identity theft and it may relate to your UP account or records please report it immediately (help@up.edu, 503.943.7000). To report device theft on our campus or online bullying or threats please contact Campus Safety (503.943.7161).

Top Ten Tips from the National Cybersecurity Alliance

1. When in doubt, throw it out. Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark it as junk. Report any suspect email to abuse@up.edu.
2. Think before you act. Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
3. Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
4. Make your password a sentence. A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
5. Unique account, unique password.  Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.
6. Lock down your login. Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Fortify your online accounts by enabling the strongest authentication tools available such as two-factor authentication and security questions.
7. Keep a clean machine. Having the latest operating system, software, web browsers, anti-virus protection and apps are the best defenses against viruses, malware, and other online threats.
8. Secure your devices. Use strong passwords, passcodes or other features such as touch identification to lock your devices. Securing your device can help protect your information if your device is lost or stolen and keep prying eyes out.
9. Get savvy about WiFi hotspots. Public wireless networks and hotspots are not secure, which means that anyone could potentially see what you are doing on your laptop or smartphone while you are connected to them. Limit what you do on public WiFi. Avoiding banking and signing in to sensitive data accounts.
10. Personal information is like money – value it, protect it. Information about you, such as the games you like to play, what you search for online and where you shop and live, has value ‒ just like money. Be thoughtful about who gets that information and how it’s collected through apps and websites. Use security and privacy settings on websites and apps to manage what is shared about you and who sees it.