Kansas State University


IT News

Five things you need to know about IT security at K-State

A new semester has begun, so it is time to remind everyone of their personal responsibility in helping protect themselves online and keep K-State information and technology safe. To quote IT security experts, “the Internet is a bad neighborhood,”* and based on the number of security incidents at K-State in 2008, it’s getting worse. You can still function safely online, though, if you take the time to learn about security and “think before you click.” Here are five things you should know about IT security at K-State:

  1. Never give your password to anyone in an e-mail message. K-State has been plagued by numerous e-mail scams over the last year that try to trick people into replying with their eID password. In fact, more than 120 K-Staters have had their eID password stolen this way in the past year. If you remember this one simple rule, you can prevent becoming a victim of these scams: K-State IT support staff will never ask for your password in an e-mail, nor will any legitimate business or organization. If you get such an e-mail, just delete it.
  2. Learn to recognize scams, frauds, and other forms of malicious communications so you don’t become a victim of identity theft, financial fraud, or end up with a compromised computer. Criminals are using all kinds of new tricks and coming at you from all angles — e-mail, malicious links on webpages, Instant Messaging, social networking sites like Facebook and MySpace, phone calls, and even knocking on your door.
  3. Use K-State’s free antivirus software on your Windows or Macintosh computer, which is required by policy if you are going to connect your computer to the K-State campus network, including the wireless network.
  4. Keep your computer AND your applications patched with the latest security patches. Just keeping your operating system, like Microsoft Windows or Mac OS X, patched is no longer sufficient. Hackers are regularly targeting vulnerabilities in applications like Microsoft Word, Adobe Acrobat, QuickTime Player, antivirus software, web browsers, e-mail clients, and countless others. Where possible, configure applications to automatically check for and install updates.
  5. Do not use peer-to-peer (P2P) software to obtain or distribute licensed or copyrighted songs, movies, and/or software that you do not have the legal right to possess. It is against the law, against K-State policy, and it puts your computer at risk of being compromised since hackers now attach malicious programs to files obtained through P2P applications. Buy the CD or the song — don’t steal it!

This is by no means an exhaustive list of the security precautions people must take. Much more information about IT security is available on K-State’s IT security website and K-State’s IT policy pages. Visit these sites and become familiar with what is expected of you so you can function safely online and protect yourself, your colleagues, and K-State’s information resources.

* from Firewalls and Internet Security: Repelling the Wily Hacker by William Cheswick, Steven Bellovin, and Aviel Rubin, 2003

About Harvard Townsend (harv@ksu.edu)

Chief Information Security Officer