Basic IT Security Practices
Follow K-State's guidelines to safeguard your computer,
email, data, identity, and finances.
Never give your eID password to anyone. K-State employees will never ask for your eID password for any legitimate reason.
Your eID password should be used only with Kansas State University systems. Using it for another website or service will lower the
security of your password on both systems. Use a strong password on all accounts like banking sites, social networking sites, commerce sites, etc…
Set a strong user account password on your computer. Follow K-State's
when creating your eID password.
Securing your Computer
Use a standard user account for daily use, rather than an account with administrative privileges. This will help limit the damage done by
Disable Autoplay on the computer. This helps prevent viruses from being spread via thumb drives and discs.
To prevent someone from accessing your computer when you leave it unattended, you should have a password protected screensaver
that is on a short timer. It is also a good idea to lock your computer (windows key + "L") before you leave it unattended for
any amount of time.
Require a password on wakeup. This helps prevent someone from getting on your computer when it has gone into sleep mode and they wake it up.
Do not leave your mobile computing devices (laptops, phones, etc...) unattended in public areas.
Back up critical files in a secure location. No system is completely immune from a malicious attack or from a hardware or software
failure that could unexpectedly and suddenly destroy files. Always ensure that your most important data is backed up just in case.
For example, copy files to an external USB hard drive.
Enable automatic updating for all software, including but not limited to:
- Operating System (Windows, Mac OS X, Linux)
- Internet Explorer, Firefox, Chrome, Safari
- Office Software (Microsoft Office, Open Office, etc)
- Acrobat Reader, Adobe Flash
- Email clients
This will help assure that your computer has the patches to prevent the newest exploits.
Use K-State's VPN service when on an unsecured
wireless network, such as at a hotel, airport, or coffee shop. This encrypts your data so it cannot be
intercepted by others using the same unprotected wireless network.
Never leave your laptop or mobile device unattended.
Mobile devices such as smartphones and tablets are subject to many of the same security issues as traditional computers.
For more information check out this past presentation on
mobile device security.
Install antivirus. K-State provides Trend Micro free to all faculty staff and students
for use at work and at home. This is required for all computers connecting to the
Install an antispyware software tool.
(installed by default in Windows 7) is a free tool provided by Microsoft.
Spybot Search and Destroy is another useful free
tool for use on your home and personal computers. Note: This product cannot be used on university-owned
- Never respond to a phishing scam. Phishing
scams are emails that attempt to trick you into surrendering your username and password, or other sensitive
personal information. These emails take many forms--some ask you to reply to the email and include your
username and password, others may ask you to follow a link that leads to a webpage where you are asked to
fill out your credentials. Kansas State University IT staff will never ask for your eID password.
- For more information on phishing, click
- To take an online quiz to test your phishing email spotting skills click here.
- Never open unexpected or otherwise suspicious attachment. Malware is often sent as an attachments from
compromised email accounts. Antivirus software will not protect your computer completely because new forms of
malware are developed constantly. Be cautious with every email message that contains an attachment, especially
if you weren’t expecting it. Verify the source by contacting the sender to confirm that they sent the attachment.
You should also scan the attachment with antivirus software.