Computer users at the College of Southern Idaho (CSI) have
responsibility to safeguard the information stored and used on their systems,
and limit liability due to theft or loss to the fullest extent possible. The
purpose of this document is to provide guidelines and recommendations to do so.
CSI Information Technology Services (ITS) strongly
encourages its computer users to protect the data they store and access.
Particular attention should be afforded to sensitive data.
Sensitive data may include any of the following:
- Personal info on
individuals, including donors, volunteers, alumni, friends, faculty,
students, attendees, and staff. FERPA
applicable information qualifies as sensitive data.
- Confidential data that
contains demographic, biographic, gift, membership, employment, academic,
admissions, or financial information associated with a specific individual.
For users who must
store sensitive data on their laptop:
recommends disk encryption software for any laptop that will be used for
storing restricted or sensitive personal information.
Please contact the Helpdesk x6311 to learn more about getting your laptop
Setup a screen saver password.
This prevents unauthorized access to your computer when you step away
from your desk. We recommend enabling
the screen saver to kick in after 10 minutes of inactivity.
Lock the Door.
Keep the location of where your computer resides locked when you are
away from your desk.
Protect Removable Media such as USB
thumb drives or external hard drives.
Encrypt the media if it contains any sensitive data.
Shred your printouts.
Shred any papers that may contain sensitive data, such as class
rosters, class schedules or other information.
Use caution in your Internet browsing.
Many web sites look innocent but secretly download spyware, trojans
and keyloggers on your system.
Internet gaming, pornographic, and peer to peer file sharing sites are
notorious for “drive by” downloads.
Be cautious with other sites as well:
a major nationwide retailer was recently cited for pushing tracking spyware
onto customer computers. Programs
such as McAfee’s Site Advisor (http://www.siteadvisor.com)
assist Internet users by identifying rogue websites.
Do not share your passwords.
Don’t post your password(s) where others may see them.
Do not allow workstudies to get on the system using your credentials.
Do not allow students or family members
(including children) to use your office computer.
Too often visitors are given unauthorized access to your office
computer. This puts your computer,
the files it contains, and the network in jeopardy.
We receive many service calls asking us to clean spyware and viruses
off computers where unauthorized users have downloaded rogue software.
- Power off of your
PC at the end of the day. This helps prevent unauthorized
intruders from accessing your files and the network using your credentials.
- Perform regular
backups. Backup your My
Documents folder regularly. Because
of space limitations, we do not recommend you backup to the network.
Use a USB hard drive or USB thumb drive instead.
If you use a backup drive, do not
keep it near your computer. Instead, store it in a secure location, such as
a locked cabinet.
guidelines for securing your laptop:
Protect Confidential data:
Do not download confidential data to your laptop
unless you need to work on it.
If the data resides on the network, leave it there – don’t copy it to
your local drive.
Encrypt your hard drive:
encrypting your hard drive, you add another layer of data protection.
Even if someone gains access to your laptop, they can't decrypt the files
to see your information. Please contact the Helpdesk x6311 about getting your
hard drive encrypted. This protects
you, the College and our students in the event of loss or theft.
The cost of encrypting the hard drive is small compared to the value of
Use wireless with caution:
Wireless connections are notoriously insecure and easy for bad guys to
sniff. This is true for wireless connections anywhere - in airports, hotels,
conference rooms, Internet cafés, even at the College of Southern Idaho.
guidelines with a laptop:
Avoid using computer bags:
Computer bags can make it obvious that you're carrying a laptop.
Instead, try toting your laptop in something more common like a
padded briefcase or suitcase.
Never leave access numbers or passwords
in your carrying case: Keeping your password with your
laptop is like keeping the keys in the car. Without your password or
important access numbers it will be more difficult for a thief to
access your personal and corporate information.
Carry your laptop with you:
Always take your laptop on the plane or train rather then checking
it with your luggage. It's easy to lose luggage and it's just as
easy to lose your laptop. If you're traveling by car, keep your
laptop out of sight. For example, lock it in the trunk when you're
not using it.
Keep your eye on your laptop:
When you go through airport security don't lose sight of your bag.
Hold your bag until the person in front of you has gone through the
metal detector. Many bags look alike and yours can easily be lost in
Avoid setting your laptop on the floor:
Putting your laptop on the floor is an easy way to forget or lose
track of it. If you have to set it down, try to place it between
your feet or against your leg (so you're always aware it's there).
Buy a laptop security device:
If you need to leave your laptop in a room or at your desk, use a
laptop security cable to securely attach it to a heavy chair,
table, or desk. The cable makes it more difficult for someone to
take your laptop. There are also programs that will report the
location of a stolen laptop. They work when the laptop connects to
the Internet, and can report the laptop's exact physical location.
Use a screen guard: These
guards help prevent people from peeking over your shoulder as you
work on sensitive information in a public place. This is especially
helpful when you're traveling or need to work in a crowded area.
This screen guard from Secure-It is just one example of a screen
guard you could use.
Try not to leave your laptop in your
hotel room or with the front desk: Too many things have
been lost in hotel rooms and may not be completely secure. If you
must leave your laptop in your room, put the "do not disturb" sign
on the door.