As university employees, we use the personal
information of others in order to do our jobs. Many times we have access to an
individual's personal data such as name, Social Security number, credit card
number, bank account information, or other identifying information in order to
do our jobs properly. It is necessary that each and every one of us safeguard
this information by practicing good security in our everyday routines and by
being aware of the sensitivity of the information we are working with.
Information security is more than simply having a
user ID and password to protect our systems. Viruses, worms, spammers, phishers,
and other malicious activities threaten us every day. Technology alone is not
enough to ensure information security. Investments in firewalls, intrusion
detection systems, anti-virus software, and other security technology are only
the fundamentals of physical security. People are truly the driving force
behind the success of information security.
Security awareness is needed to educate people on
how to protect not only their own personal information but also the information
they handle in their jobs daily. Because of the importance of the information
we handle, we need to practice good security in our everyday routine and be
conscious of the different types of information we have access to.
Each of us needs to be familiar with potential
security issues in our particular area and recognize how to prevent them in the
future. It is our shared responsibility to protect Shawnee State's information
and technology resources.
SSU's Security Awareness
Shawnee State University is working to ensure
that all members of our university family, including students, faculty, and
staff, are aware of the importance of information security and understand their
role in creating and maintaining security. It is important that everyone
recognize the need to protect data, information and systems not only with
technical solutions but also with human efforts. As a part of this effort,
information has been distributed to all employees to promote Security
Awareness. SSU is participating in the Federal Trade Commission's educational
program on Identity Theft entitled "Deter, Detect, Defend; Avoid ID Theft" and
has launched it's own Security Awareness Education Campaign "Be Informed, Be
Aware, Be Responsible About Information Security".
Here are several resources that can be used to
increase your level of Security Awareness:
Deter, Detect, Defend
Federal Trade Commission's brochure with easy to read tips (PDF - 207KB)
A 10-minute educational video that provides an overview of identity theft and outlines the steps consumers can take. Provided by the Federal Trade Commission.
The process of identifying an individual based on a user name and password for the purpose of allowing access to systems or services.
A computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without the user’s knowledge.
A procedure that renders the contents of a message or file unreadable in order to prevent anyone, except the intended recipient, from reading the data.
A value for a computer or device that is used to identify a particular network or host on the network.
A form of Internet fraud that aims to steal valuable information such as Social Security numbers, credit cards, user IDs, and passwords.
A network established and operated by a private organization for users within that organization. A private network includes: internal Local Area Networks (LANs) and Wide Area Networks (WANs); leased lines; the university network backbone; and internal telephony systems.
Any network ultimately beyond the physical access control of Shawnee State University. This includes, but is not limited to, the public telephone system, the Internet, or satellite systems.
An electronic form of junk mail or unsolicited e-mails generally dealing with advertisement or marketing a product.
Any software that secretly gathers user information without the user’s knowledge or consent. Once installed, the spyware monitors user activity on the Internet and transmits the information in the background to someone else. It can also gather e-mail addresses, passwords and credit card numbers.
Communication systems and adjuncts including but not limited to: phone system; private branch exchange (PBX); voice mail; fax service; wireless transmissions; call accounting; call management systems; voice response (VRU/IVR); and voice recorders.
A program that appears useful and legitimate but contains hidden code designed to perform unauthorized functions.
Virtual Private Network (VPN)
Technology that establishes a private and secure network connection within a public network, such as the Internet.
A self-replicating program that reproduces itself over a network.