Fresno State uses lots of data every day. Payroll information, procard and student financial aid information are just a few examples of confidential data elements we utilize on a regular basis.

The IT Team Can’t Do It Alone — Cybersecurity Is Everyone’s Responsibility
These data elements are shared within our university and with vendors we do business with. It’s not just the IT departments responsibility to understand the information security requirements needed to protect confidential data. Information security is a shared responsibility.

Every campus department needs to understand how to properly secure the data entrusted to it. The following tips will help the university to protect its sensitive data.

What can you do every day to protect data?
There is not a "one size fits all" blueprint for information security controls that all universities can follow. Our entire campus community has a responsibility to know basic information security protections to safeguard sensitive data from being mishandled:

• Update your computing devices: Ensure updates to your operating system, web browser and applications are being performed on all personal and Fresno State issued devices. For additional information, contact your college IT Liaison.

• Enable two-factor authentication: Whether for work or personal use, two-factor authentication can prevent unauthorized access even if your login passwords are lost or stolen. You may enroll university devices with DUO [two-factor authentication] here.

• Create really strong and unique passwords and NEVER share them: If you use the same password across multiple email accounts and websites holding sensitive data and one of those sites experiences a breach, then all sites are at risk of being compromised.

  Complex passwords don’t have to be obscure to be strong. Create passwords using phrases and words that only you know and strengthen them by including special characters to ensure the words are not obviously connected. Here are a few examples: $ilverAl0hapapayA or j3remiahM!ffybu11d0g.

  Never, never share your password! Avoid writing down your passwords, and store your passwords securely.

• Protect your devices: Using biometrics or six-digit passcodes on smartphones and tablets is critical to prevent curious minds from accessing personal data, work email or retail/banking information. It also helps protect your device if lost or stolen.

• Understand where, how and to whom you are sending data: Many breaches occur because of "oopsie moments" where we accidentally post confidential information publicly or mishandle by sending via email. Never send confidential information in an email. Taking care to know how you are transmitting or posting data is critical.

More than half of the breaches in the education sector were caused by activities directly attributable to human error, including lost devices, physical loss and unintended disclosure. Such breaches are preventable by following the basic information security protection safeguards presented.

Thanks for taking a moment to familiarize yourself with these important data security practices.

Sincerely,
Technology Services