Skip to the content

Kansas State University

Basic IT Security Practices

Follow K-State's guidelines to safeguard your computer, email, data, identity, and finances.


Passwords

  • Never give your eID password to anyone. K-State employees will never ask for your eID password for any legitimate reason.
  • Your eID password should be used only with Kansas State University systems. Using it for another website or service will lower the security of your password on both systems. Use a strong password on all accounts like banking sites, social networking sites, commerce sites, etc…
  • Set a strong user account password on your computer. Follow K-State's password guidelines when creating your eID password.

Securing your Computer

  • Use a standard user account for daily use, rather than an account with administrative privileges. This will help limit the damage done by malware infestations.
  • Disable Autoplay on the computer. This helps prevent viruses from being spread via thumb drives and discs.
  • To prevent someone from accessing your computer when you leave it unattended, you should have a password protected screensaver that is on a short timer. It is also a good idea to lock your computer (windows key + "L") before you leave it unattended for any amount of time.
  • Require a password on wakeup. This helps prevent someone from getting on your computer when it has gone into sleep mode and they wake it up.
  • Do not leave your mobile computing devices (laptops, phones, etc...) unattended in public areas.
  • Back up critical files in a secure location. No system is completely immune from a malicious attack or from a hardware or software failure that could unexpectedly and suddenly destroy files. Always ensure that your most important data is backed up just in case. For example, copy files to an external USB hard drive.

Software Updating

Enable automatic updating for all software, including but not limited to:

  • Operating System (Windows, Mac OS X, Linux)
  • Internet Explorer, Firefox, Chrome, Safari
  • Office Software (Microsoft Office, Open Office, etc)
  • Java
  • Acrobat Reader, Adobe Flash
  • Email clients

This will help assure that your computer has the patches to prevent the newest exploits.

Mobile Computing

  • Use K-State's VPN service when on an unsecured wireless network, such as at a hotel, airport, or coffee shop. This encrypts your data so it cannot be intercepted by others using the same unprotected wireless network.
  • Never leave your laptop or mobile device unattended.
  • Mobile devices such as smartphones and tablets are subject to many of the same security issues as traditional computers. For more information check out this past presentation on mobile device security.

Security Software

  • Install antivirus. K-State provides Trend Micro free to all faculty staff and students for use at work and at home. This is required for all computers connecting to the K-State network.
  • Install an antispyware software tool. Windows Defender (installed by default in Windows 7) is a free tool provided by Microsoft.

    Spybot Search and Destroy is another useful free tool for use on your home and personal computers. Note: This product cannot be used on university-owned computers.

Email Security

  • Phishing
    • Never respond to a phishing scam. Phishing scams are emails that attempt to trick you into surrendering your username and password, or other sensitive personal information. These emails take many forms--some ask you to reply to the email and include your username and password, others may ask you to follow a link that leads to a webpage where you are asked to fill out your credentials. Kansas State University IT staff will never ask for your eID password.
    • For more information on phishing, click here.
    • To take an online quiz to test your phishing email spotting skills click here.
  • Never open unexpected or otherwise suspicious attachment. Malware is often sent as an attachments from compromised email accounts. Antivirus software will not protect your computer completely because new forms of malware are developed constantly. Be cautious with every email message that contains an attachment, especially if you weren’t expecting it. Verify the source by contacting the sender to confirm that they sent the attachment. You should also scan the attachment with antivirus software.