Information Security Additional Resources and External Websites

  • Credit Freeze
  • With the recent news about the Equifax hack, where most Americans had their credit information exposed, many are looking for steps they can take to protect themselves from identity fraud. One important step is to get a credit freeze for each of the three US credit agencies. A credit freeze prevents additional credit accounts from being opened in your name. For more information on credit freezes, see the Federal Trade Commission's Frequently Asked Questions pageOpens in new window .
  • Password Managers
  • The average American has around 130 accounts registered with their primary email. Each of these accounts requires a password, however good security practices require that you never reuse the same password for different accounts. How can one possibly remember 130 strong, unique passwords? The simple answer is you don't. Instead use a password manager to manage all those accounts for you. A password manager is a program that keeps all of your passwords in a secure vault that is locked by a master password. For a free full featured password manager, try KeePassXCOpens in new window .

 

How To Check Your credentials/Accounts integrity and prevent compromises...

In the following sections, you will find few useful tips to check your accounts and devices for potential tech related compromises.

Generate Passwords

Generate strong and easy to remember passwords with Diceware.

Password GeneratorOpens in new window

Hacked Accounts

Simply enter the email address associated with the accounts you want to check.

Account CheckerOpens in new window

Hacked Passwords

Enter your password into the secure application and it will tell you if that password is already known to attackers.

Password CheckerOpens in new window

Phishing Emails

Learn how to detect phishing attacks from the phishing experts at Malwarebytes.

Detect PhishingOpens in new window

Strong Password 

Get a quick estimate of how secure your password is and how long it would take attackers to guess.

Password TestOpens in new window

 

 

Cyber Security Laws

There are several federal laws that govern different aspects of cybersecurity in the United States. For anyone working with medical records, the Health Insurance Portability and Accountability Act (HIPPA) governs what data can be accessed by different administrators or medical professionals. The Computer Fraud and Abuse Act (CFAA) grants protections to certain "protected computers", including those used by the Federal Government or financial institutions. Under the CFAA obtaining unauthorized access to computer systems or exceeding authorized access can result in severe fines or a felony depending on the context of the attack. Distributed Denial of Service attacks, also known as DDoS attacks are also illegal under the CFAA, even if the attack was not successful in disrupting the targeted service.

California Security Breach Information Act (SB-1386)

SB 1386 requires that any person or business that conducts business in California follow certain procedures to disclose the details and extent of security breaches that compromise non-encrypted personal information. The bill requires that affected persons be notified of the compromise of their data in a timely matter following the breach. For more information, see the full text of the bill.PDF File

Code of Ethics for the Security Professionals

Like many other professions, Security professionals also follow code of ethics specific for their profession. CSUF uses a Managed Security Services Provider (MSSP). Dell, Secureworks is an extension of CSUF security operations that closes the loop of people, processes and technology, offering 24x7 security operations center support.

DELL SECUREWORKSOpens in new window

 

 

CSU Internal Audit Reports

CSUF Audit ReportsOpens in new window

 

 

NSA Security Oath

NSA Secuirty Oath rev 4/9/53PDF File Opens in new window

NSA/CSS Employees Reaffirm their Oath to the Constitution of United States

The event began with a moment of silence at 8:46 a.m., the time when the first plane hit the World Trade Center in New York City on Sept. 11, 2001. ADM Rogers then invited the workforce to join him in reaffirming their oath, which is officially known as the Oath of Office.  Oath to the ConstitutionOpens in new window