Cyber Security Information for Students
There are many cyber security threats out there, but it is important to remember that most of them are avoidable. For additional cyber security do's and don'ts, check out ITS' "Top 10 List" of Good Computing Practices.
Make sure others don’t have the chance to use your accounts maliciously!
- Don’t share your password with anyone. ITS will never ask you for your password. Neither should anyone else.
- Always use cryptic passwords that can’t be easily guessed. See the "Top 10 List" or "Protect Passwords" pages for additional information and tips.
Criminals and hackers continue to come up with schemes designed to compromise computers, steal personal or private information or passwords, or trick you out of money. Scams commonly use email, the internet, or the telephone. Social media sites, texts and your personal computer can also be used as phishing tools.
Don't get fooled! For information about protecting yourself from scams, see http://its.ucsc.edu/security/scams.html
A good rule of thumb is to only post information you would be willing to put on a banner in a public place.
Assume that any information you enter online is public unless you are using a known, trusted, secure site. Social networking sites (Facebook, Twitter, etc.), personal web pages, and blogs are great places for people to find personal information about you -- and once you post something, you can't take it back! For tips on protecting your privacy online, go to http://its.ucsc.edu/security/internet.html
Updates fix problems in your operating system (the basic program that runs your computer/device) software, and apps. Out-of-date and unpatched devices are especially vulnerable to viruses and hackers. To protect yourself:
- Turn on automatic updates for your computer, antivirus, and all apps that you have.
- Install updates when your programs tell you they are available.
- Shut down or restart your computer once a week. This helps make sure software and security updates are properly installed to protect your computer and keep it running smoothly.
- For mobile devices, remember to sync often so you get available updates. Always install updates when your carrier tells you they are available.
Filesharing can expose your computer to a number of security risks.
- Although filesharing is not in itself illegal, if you share or download copyrighted material without permission – even unwittingly – you are breaking both the law and UC policy and could be subject to University, criminal, and/or civil sanctions. Please see ITS’ Copyright Education web site for more information.
- Improperly configured filesharing software can allow others access to your entire computer, not just to the files you intend to share.
- Viruses and malware can be transmitted by filesharing software.
- Files offered by others may not always be what they say they are.
What can you do?
- #1: Run up-to-date anti-malware software. This is required for Macs and PCs on campus!
Free software for students...
- #2: Make sure your filesharing software is configured only to share the files you intend to share.
- Also, turn filesharing off when you’re not actively using it to avoid unknowingly sharing personal or copyrighted files.
- Other tips to avoid malware...
- Additional information about filesharing is also available on OnGuardOnline.gov's web site.
Legal Filesharing Services
We strongly encourage you to use legal filesharing services for obtaining music, movies, TV, games, books, etc. on the Internet. A large list of digital music, videos, and other services is available from Educause at http://www.educause.edu/legalcontent.
Google is great for email and all of its many apps and tools. Google drive provides unlimited storage for documents and can be used to back up any local data or folders you have on a device. However, don’t forget to protect your account and any private information. Google security and privacy information is available at http://its.ucsc.edu/google/security.html.
Get started with Google drive: http://its.ucsc.edu/google/drive.html
Additional Google security tips:
Phones and mobile devices need to be protected just like any other computer.
Imagine that your phone or other mobile device was lost or stolen.
In addition to the device, what information did they get? Which of your accounts and credit cards can they use? Only store information you’re willing to lose. See http://its.ucsc.edu/security/mobile.html for information about:
- protecting mobile devices
- prevention in case of theft or loss
- wireless security
Checklist for lost or stolen mobile devices:
- Immediately report lost or stolen devices to the police: Report to UCSC police for campus incidents and local police for off-campus incidents (phone is best).
- If you used the device for work, notify your supervisor and also report it to the ITS Support Center (info below) so they can help identify and address potential compromised accounts or data.
- For phones, notify your cellular carrier -- see if they can deactivate the device.
- Change all passwords stored or used on the device, including email, backup services, shopping, banking, Snapchat, etc.
- Notify credit card companies and banks if you used the device for shopping or banking.
- Try to track its location, if possible.
- Try remotely wiping the device if sensitive data or passwords were stored on it.
A special note about mobile devices with GPS:
While Location Services are convenient and can also help track your phone in case of loss or theft, you may be sharing information about your location when you post or when you connect to your online apps. Location information can also be embedded in pictures. It is a good idea to review the privacy settings on the sites and apps you use to see if you can limit who can see your location information.
More information about Facebook Location/Check-In Services is available at:
Random wireless hotspots can steal your passwords and information. It is even possible to set up a hotspot that looks legitimate but lets people spy on everything you do while connected. To protect your privacy, use eduroam secure wireless where it’s available on campus and in other locations (it’s an international service). Use the campus virtual private network (VPN) when connecting to public wireless, like in a coffee shop.
Many people think that Macs are immune to viruses and malware. While it is true that Macs are targeted less often than PCs, there is still plenty of malware out there that can compromise Macs. Macs need all of the same protections as PCs to keep your information secure. See ITS' "Top 10 List" of Good Computing Practices for tips on securing your computer and information.
Whether you live in the dorms, an on-campus apartment, or off campus, be sure to keep your door locked to help prevent theft -- and don't rig your dorm room door to just push open. Lock your vehicle and keep valuables out of sight. Keep an eye on your backpack in public places. Although it is easy to feel safe on campus or living with other students, thefts happen and items go missing every week!
If you ever have a question about a cyber security issue, contact the ITS Support Center