Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
News
Security News Archives
2009
January
Welcome Back Faculty and Staff
Welcome Back Students
New Information Security Policy Approved
Accounts
Network, Phone & TV
Software
Email & Calendar
Secure Your Computer
Clusters & Printing
Web Services
Classroom & Event Support
Training & Education
Technical Support & Services
Campus Partners
Information Security Office (ISO)

Welcome Back Faculty and Staff

January 20, 2009

Dear Faculty and Staff,

Welcome back everyone and Happy New Year! The ISO would like to extend its appreciation to all faculty and staff members who participated in the Identity Theft study.

In order to begin the 2009 spring semester with minimal disruption to your network connectivity while keeping your assets and data protected Carnegie Mellon University and the Information Security Office would like to remind you of the following safety tips:

1. Make sure to change your Andrew account password often and use a strong passphrase.
ISO recommends changing your password once every 90 days. A strong password or passphrase consists of letters, numbers and symbols.  For more information on how to manage your Andrew account password, go to: Managing Your Andrew Account Password 

2. Understand the type of data stored on your machine.
Personally Identifying Information (PII)on your machine or that you have access to, may have a legal obligation to act upon or have an adverse impact on the University. PII data includes: Social Security numbers, bank account numbers, credit card numbers, pass words and health record information.  Purge, redact or secure PII and discuss options for alternate storage with your Dept-Admin.

If you are unsure about the type of data stored on your machine, download and run Identity Finder software from Computing Services at:  Licensed Software List

3. Report compromised machine.
If  you think your machine may have been compromised, you should IMMEDIATELY:

  • Disconnect your machine from the network
  • Turn off wireless connection
  • Contact the ISO at (412) 268-2044 or iso-ir@andrew.cmu.edu
  • Contact your Dept-Admin
  • Avoid taking any further action
  • Visit Procedure for Responding to a Compromised Computer guidelines for more information

4. Think before you click when it comes to email attachments, instant messages and websites you don’t trust. If you weren’t expecting a message, don’t know the source, or if a message/website looks suspicious, don’t click and ABSOLUTELY DO NOT PROVIDE ANY PERSONAL INFORMATION!  Verify it first with a phone call or an independent e-mail.  One bad click can infect your computer, launch attacks on others, and result in network suspension until your machine is disinfected!

5. Visit the ISO Website often.
Go to  https://www.cmu.edu/iso/ for security alerts, news, safe computing practices, training events, polices and guidelines and help with securing your computer.

As always, feel free to contact us at iso@andrew.cmu.edu with any questions or comments.  Have a great semester everyone!

Information Security Office
Computing Services
Carnegie Mellon University
https://www.cmu.edu/iso/