IT: Security Best Practices

security icon

1. INSTALL ANTIVIRUS SOFTWARE  

  • Cooper Union requires that all devices connected to the campus network run up-to-date antivirus software. Cooper provides Blackberry Protect (formerly CylanceProtect) for all Cooper-owned computers.   

  • We strongly recommend that students acquire antivirus software for their personal computers. Blackberry , McAfee, and Norton are all reputable providers. 

  • Blackberry should always be active and configured to update on a regular basis because it works at the endpoint where most attacks occur  It is more efficient, faster and will mean less disruption.. 

  • Blackberry uses AI Driven Threat Protection which will stop more attacks than just signature based systems.. 

  • Blackberry Protect works where most attacks occur - at the endpoint - for better efficacy, faster resolution, and less disruption.  

  • If you do not have Cylance installed on your work computer (or are not sure) please contact: ITsupport@cooper.edu 

  • Contact ITSupport@Cooper.edu if you believe that your computer is infected with malware. Disconnect the computer from the network immediately to keep the infection from spreading or sending information to an attacker. 

2. USE A STRONG PASSWORD FOR EVERY WEBSITE AND APPLICATION YOU USE  

Passwords are one of the most important controls on access to information. We strongly recommend that you never use the same password for multiple accounts. If a hacker compromises a credential, that same username and password could be seriously compromise your data! 

  • Choose a password that is at least 10 characters which includes: Upper/Lower case, Numbers & Symbols.  Try to avoid dictionary words. 

  • Enable two-factor verification for all sites that support it (Facebook, Instagram, Twitter, LinkedIn, Etc.) 

  • Change your password at least once every 6 months 

  • Use a Passphrase or a Password Generator. A passphrase is a group of words that means something to you. For example: CooziP10003! That translates to: Cooper zip code is 10003! 

  • If you have trouble keeping track of passwords, use a Password Manager for all your websites. Keeper or LastPass are one of many examples of password managers.  

3. E-MAIL SECURITY TIPS 

Here are some common sense measures that can reduce your vulnerability to cyber crime and reduce vulnerability to social engineering.  

  • Be careful of email that does not have a Cooper email address (ending in @cooper.edu) or if you do not recognize the sender’s email address 

  • Do not open email if a sender’s name does not match their email address or if the language and spelling of the email are obviously inaccurate or vague 

  • Never respond to an email with personal information (social security number, address, etc.), send money or wire funds to anyone you do not know or any business where you have not confirmed that request for information is coming directly from them.    

  • Phishers have become very sophisticated and can make the requests look very real with logos and typeset matching institutions’ branding.  

  •  Any phishing attempt to trick you into revealing confidential, personal, or financial information, your password, or sending money is a scam. Credible organizations will never ask for this. 

  • Malware, spyware, Trojan viruses, and other malicious software is often transmitted through email in the form of malicious links or seemingly credible attachments. Clicking these links or opening these attachments may infect your computer. 

  • Do not transmit sensitive, restricted information by email. It is not secure. This includes passwords, PIN numbers, or files containing restricted information (such as Social Security numbers). 

  • DO NOT CLICK ON LINKS IN EMAILS OR OPEN ATTACHMENTS YOU WERE NOT EXPECTING!

4. HOW TO SPOT PHISHING ATTEMPTS 

  • Phishing: Legitimate organizations do not email, call, or otherwise contact their customers asking sensitive questions or for personal information, such as usernames and passwords. This is known as "Phishing," an attempt to trick people into revealing confidential, personal, or financial information, obtaining a password, or sending money. When in doubt, do not respond or give your information and contact the organization directly.  

  • Shredding: Throwing away a document can give a cyber criminals opportunity to impersonate you. Shred sensitive information and never put it in the garbage intact. 

5. USE SECURE WI-FI CONNECTIONS AT HOME AND WHEN TRAVELING 

  • When at home, be sure to password-protect your Wi-Fi network. Specifically, always change the vendor default username and password for routers, modems, and other smart devices. Not having your wireless connection locked down is an open invitation for someone to break into your network and access your systems. The password for your Home Wifi Access Point should be something complex that utilizes multiple character types similar to your password.

  • You should always use at least WPA2 Encryption settings on your Home Wifi Setup.  This configuration is typically a toggle setting in your Home Wifi Setup.
  • When in public locations such as hotels, coffee shops and airports, be wary of wireless networks. If possible, you should use your cell phone's hotspot. (Check your data plan for associated fees.) 

  • Do not connect to a wireless network you do not recognize. Avoid looking at or entering personal or sensitive information when connected to a public network. 

  • Most cell phones have Personal Hot Spot capabilities built-in; those are safer to use than a public network. 

6. BACK UP IMPORTANT INFORMATION 

Due to hardware failure, malware infection, or other causes can put you into a situation where your data is permanently lost or inaccessible. Be sure to regularly backup your data which you find important. 

  • Cloud backups are a good option for many users. Once installed, these applications back up the data on a scheduled or continuous basis.  

  • Backing up to an external Hard Drive is also an excellent choice and most manufacturers supply free software to back up the data. The problem with backing up to an external Hard Drive is remembering to do it, unless it is constantly plugged in. 

  • On a Mac, use Time Machine to back up your data to an external drive 

7. SECURE YOUR MOBILE DEVICE 

We accumulate a lot of personal information on our mobile devices. This valuable data makes these devices a target for thieves and cyber criminals. 

  • Use password, passcode, or biometrics on your mobile device. Set the lock feature to a few minutes. 

  • Use Encryption to protect your personal information on mobile devices 

  • Leave your Blue Tooth turned Off when not in use 

  • Do not save passwords or PINs on your smart phone 

  • Use remote tracking software on your smart phone that can find, lock, and erase your data if your smart phone is lost or stolen 

  • Take note of your IMEI (International Mobile Equipment Identity) number. An IMEI is your 14–16-digit serial number which identifies your smart phone. If a device is reported stolen, it will be permanently unusable on most carrier networks, even if the SIM card is changed 

8. DOWNLOAD FILES LEGALLY 

Avoid peer-to-peer (P2P) networks and remove any file-sharing clients. P2P clients have worldwide sharing capabilities and you never know if the file has a Trojan virus or worm virus. Unsigned apps from the Apple’s App Store or Google’s Play Store may have “back doors” to the mobile device allowing cyber criminals to steal your data. 

9. SECURE YOUR WORK AREA BEFORE LEAVING IT UNATTENDED 

Whenever a laptop or portable device is lost or stolen, the data on that device has also been stolen. If proprietary Cooper Union data is lost or compromised, the resulting damage can be much greater than the cost of replacing the equipment. 

  • Avoid storing personal data on laptops and other mobile devices 

  • Before leaving your work area, turn off, close the lid of, or lock your computer. Put away sensitive documents; lock cabinets and other storage spaces. Take portable devices or media with you or lock them up. 

  • Remove sensitive documents right away from printers and copiers so that no one else can read them. 

  • Shred documents that contain sensitive information. Do not discard them in public wastebaskets. 

10.  SOFTWARE SAFETY TIPS 

  • Zoom: always set a password for your meetings to avoid strangers entering your teleconference. 

  • Third Party Applications: Do not use free software for teaching.   

  • Always use the educational license of software for academic purposes to remain FERPA compliant. 

  • If you want to request new software for a class, please contact itsupport@cooper.edu

 

 

  • Founded by inventor, industrialist and philanthropist Peter Cooper in 1859, The Cooper Union for the Advancement of Science and Art offers education in art, architecture and engineering, as well as courses in the humanities and social sciences.

  • “My feelings, my desires, my hopes, embrace humanity throughout the world,” Peter Cooper proclaimed in a speech in 1853. He looked forward to a time when, “knowledge shall cover the earth as waters cover the great deep.”

  • From its beginnings, Cooper Union was a unique institution, dedicated to founder Peter Cooper's proposition that education is the key not only to personal prosperity but to civic virtue and harmony.

  • Peter Cooper wanted his graduates to acquire the technical mastery and entrepreneurial skills, enrich their intellects and spark their creativity, and develop a sense of social justice that would translate into action.