This page uses javascript to help render elements, if you have problems please enable javascript.
 
You are now inside the main content area
 
 
 
left col

Cyber Safety

Best Practices

Simple Habits. Stronger Security. Safer Campus.

right col
 
left col
right col
 
left col

Why Cybersecurity Matters

In today’s digital-first academic environment, cybersecurity is not just an IT issue, it’s a shared responsibility. Every student, faculty member, and staff member plays a role in protecting CSUF’s digital ecosystem. Cyber threats are constantly evolving, and even a single weak password or careless click can lead to:

  • Data breaches that expose sensitive student, research, or financial information.
  • Disruption of services like email, learning platforms, or administrative systems.
  • Reputational damage to the university and its community.
  • Legal and compliance violations under CSU, FERPA, HIPAA, and other regulations.
right col
 
left col

Cybersecurity Best Practices

Explore best practices, designed to reduce risk, prevent data breaches, and ensure compliance with CSU policies. By following cybersecurity best practices, you help:

  • Prevent attacks before they happen
  • Minimize the impact of incidents
  • Create a culture of security awareness across campus
right col
 
left col

Email Protection

Email is the #1 target for cybercriminals. It’s used to deliver phishing scams, malware, and social engineering attacks.

 

Best Practices:

  • Verify the sender, check the email address, not just the display name.
  • Look for red flags like poor grammar, urgent language, or mismatched URLs.
  • Avoid opening unexpected attachments especially .exe, .zip, or .docm files.
  • Never send sensitive data espcially passwords, personal information, and SSNs via email.
  • Use CSUF email for all university-related communication to ensure security and compliance.
  • Report suspicious emails to iso@fullerton.edu or use the “Report Suspicious” button in Outlook.

Example: If you receive an email saying "Your account will be deactivated in 24 hours”, don’t panic. Check the sender, get it verified, and report it (if suspicious).

 

Resources:

 

Malware Protection

Malware can steal data, damage systems, or lock you out of your files (ransomware).

 

Best Practices:

  • Install antivirus software on all devices and keep it updated.
  • Avoid downloading software or files from unknown or untrusted sources.
  • Avoid pirated software or downloads from untrusted websites.
  • Don’t plug in unknown USB drives or external devices.
  • Run regular scans to detect and remove threats.
  • Keep your operating system and apps updated to patch known vulnerabilities.

Example: A free PDF converter from an unknown site might install spyware. Always download from trusted sources.

 

Resources:

 

Password Protection

Strong passwords are your first line of defense against unauthorized access. Weak or reused passwords are a major risk. 

 

Best Practices:

  • Use long, complex passwords (12+ characters with a mix of letters, numbers, and symbols).
  • Never reuse passwords across multiple accounts.
  • Use a password manager to generate and store secure passwords.
  • Enable Multi-Factor Authentication (MFA) on all accounts that support it.
  • Change passwords immediately if you suspect they’ve been compromised.

Example: Instead of “Titan123,” use a passphrase like “Titan$Graduate2025!” and store it in a password manager.

 

Resources:

 

Phishing Protection

Phishing is a deceptive attempt to trick you into revealing personal or financial information.

 

Best Practices:

  • Be skeptical of urgent or unexpected messages, especially those requesting action.
  • Hover over links to check where they lead before clicking.
  • Don’t download attachments from unknown senders.
  • Report phishing attempts to the ISO to help protect others.

Example: A fake email from “CSUF IT Support” asking you to reset your password immediately is likely a phishing attempt. Always verify before clicking.

 

Resources:

 

Public Wi-Fi Safety

Public Wi-Fi is convenient but often insecure, making it easy for attackers to intercept your data.

 

Best Practices:

  • Avoid accessing sensitive accounts (e.g., banking, CSUF systems) on public networks.
  • Use CSUF’s VPN to encrypt your connection when off-campus.
  • Turn off auto-connect features on your devices.
  • Use HTTPS websites and avoid entering personal information on unsecured sites.

Example: At a coffee shop, use your phone’s hotspot or VPN instead of connecting to open Wi-Fi.

 

Resources:

 

Device Security

Your devices are gateways to your data and the university’s systems.

 

Best Practices:

  • Lock your screen when stepping away, even for a moment.
  • Install security updates as soon as they’re available.
  • Avoid using personal devices for university work unless approved and secured.
  • Use antivirus and firewall protection on all devices.

Example: If your laptop is stolen but encrypted and password-protected, your data is much safer.

 

Resources:

 


Home Network Security

A secure home network is essential for remote work and learning.

 

Best Practices:

  • Change default router credentials and use a strong Wi-Fi password.
  • Enable WPA3 or WPA2 encryption on your router.
  • Keep router firmware updated to fix security flaws.
  • Create a guest network for visitors to isolate your main devices.

Example: Don’t use “admin/admin” as your router login. Change it to something unique and secure.

 

Resources:

 

Secure Remote Work

Remote access introduces new risks that must be managed.

 

Best Practices:

  • Use CSUF-approved tools like OneDrive, Teams, and VPN.
  • Avoid saving sensitive data on personal or unencrypted devices.
  • Follow CSUF’s remote access policies and report any issues promptly.
  • Back up important files to secure cloud storage.

Example: Don’t email student records to your personal Gmail. Use CSUF’s secure platforms.

 

Resources:

 

Data Handling & Storage

Improper data handling can lead to serious breaches.

 

Best Practices:

  • Store sensitive data only in approved, encrypted locations.
  • Use secure file transfer methods (e.g., encrypted email, SharePoint).
  • Avoid using USB drives unless encrypted and approved.
  • Follow CSU data classification standards when handling student, financial, or health data.

Example: Don’t store student related spreadsheets on your desktop. Use OneDrive or SharePoint with encryption.

 

Resources:

 

Incident Awareness

Knowing how to respond to a security incident is just as important as prevention.

 

Best Practices:

  • Recognize signs of compromise (e.g., slow performance, unexpected pop-ups, unauthorized access).
  • Don’t try to fix it yourself, you may make it worse or destroy evidence.
  • Report incidents immediately to the ISO for investigation and containment.

 

Resources:

 

right col
 
 
left col

Are You Cyber Safe?

Use this quick checklist to assess your cybersecurity habits

  1. I use multi-factor authentication (MFA) on all my accounts.
  2. I never reuse passwords across different services.
  3. I verify links and attachments before clicking.
  4. I backup up import files reqularly.
  5. I lock my screen when away from my device.
  6. I report suspicious emails or activity to IT.
right col