Benchmarks Online

Skip Navigation Links


Page One

Campus Computing News

Summer Hours

Information Security Awareness

Get it while it lasts! UNT Support of SkillPort Computer-Based Training Ends November 2008

Today's Cartoon

RSS Matters

The Network Connection

Link of the Month

Helpdesk FYI

Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online
    

Information Security Awareness

By Charlotte Russell, Director, Administration and Compliance (CITC), Information Security Officer (UNT)

Faculty and staff who come into contact with University data (e.g., student records, personnel information, financial data, etc.) are strongly encouraged to either attend a classroom-based security awareness course or take the online security course. Both are offered by the CITC Information Security group. If you handle some type of protected information, these courses will help you to become more aware of how important it is to ensure the security of university information.

You can learn more about information security in a number of ways:

Here are a few examples of methods that you can use to help ensure the protection of data and resources:

  1. Save important files to the network rather than to your hard drive.
     

  2. Use strong passwords and avoid using your UNT passwords on external systems.
     

  3. Don’t reply to e-mail requesting personal information, even if the source seems legitimate.
     

  4. Keep your software up-to-date.
     

  5. Social security numbers have been replaced by the empl id and should never be collected or stored on desktops, workstations, or on web servers.
     

  6. Credit cards numbers should never be transmitted via unencrypted means (e.g., e-mail, web forms, etc.). Departments who process credit card information must be authorized by UNT's Student Accounting and University Cashiering Services department.
     

  7. If one of your job functions requires you to handle sensitive data, ensure that it is transmitted via secure channels only (ex: ssh, ipsec, ssl, etc.).
     

  8. Research software and obtain permission from your supervisor and network manager before you install it. Look for known vulnerabilities by using websites such as www.secunia.com, www.securityfocus.com, or even popular search engines.
     

  9. When using ssh, remember to disable root logins, use strong passwords (or even use key authentication instead of passwords), and filter connections to trusted sources.
     

  10. If you are creating homegrown web applications, remember to keep best security practices in mind. Check the www.owasp.org community for current web application security standards or contact Central Web Services at cws@unt.edu for technical assistance.
     

  11. Remember, if you administer a website, register it at http://web3.unt.edu/siteregistration. See this recent article in Benchmarks Online for background information on this policy.
     

  12. Subscribe to an Information Security RSS Feed from http://security.unt.edu/news/general or http://security.unt.edu/news/vulnerabilities The feed icon is located at the bottom of each of the pages. 

     

 

Originally published, June 2008 -- Please note that information published in Benchmarks Online is likely to degrade over time, especially links to various Websites. To make sure you have the most current information on a specific topic, it may be best to search the UNT Website - http://www.unt.edu . You can also search Benchmarks Online - http://www.unt.edu/benchmarks/archives/back.htm as well as consult the UNT Helpdesk - http://www.unt.edu/helpdesk/ Questions and comments should be directed to
benchmarks@unt.edu

 

Return to top