Home

Security Basics

Security basics provide education, support, and transparency to the ASU community

Physical Security of Mobile Devices

Physical Security

It's easy to snag someone else's laptop or cell phone, but there are several steps you can take to make sure this doesn't happen to your stuff.

  • Use a security locking cable when you leave your computer unattended
  • Try to use a computer bag that doesn’t look like a traditional one
  • Never leave your computer in plain view
  • Use security location tools
  • If available insure your personal mobile device(s) against theft
  • Use encrypted thumb and flash drives
  • Set locked, password-protected screens on your Smart phones and iPhones

Internet Security

Password Security

Treat your computer password like you treat your ATM pin - keep it to yourself. And make your password something strong, something people can't guess. That means your birthday or your last name spelled backwards probably aren't the best choices.

  • Never share your password with anyone
  • Don't leave a copy of your password in plain sight or under your keyboard
  • Change your password often - at least every 90 days
  • Visit www.asu.edu/changepassword to change your ASURITE password
  • Never use short passwords - use at least 8 characters
  • Make your password complex - use a combo of letters, numbers & special characters
  • Log off computers when you're done using them
  • Setup a password protective screensaver to turn on after 15 minutes

Internet / Email Download Security

Opening emails that contain attachments from people you don't know can spread viruses to your computer. It's better to just delete emails from people outside your friends and family circle.

  • Never open email from someone you don't know
  • Preview unknown email if you must open the message but don't know the sender
  • Delete suspicious emails
  • Never download information from an unknown site or a site you don't trust
  • Never visit websites in emails sent from someone you don't know

Shopping Online & Personal Information

  • If you do use a public or Internet cafe to make an online transaction, clear the browser's cache and temporary directories once you are done
  • Look for the padlock at the bottom of the screen to ensure your Internet session is secure
  • If you see an outdated certificate, don’t use that site to make a transaction
  • Keep your personal information in an encrypted or restricted folder

Best Practices

Best Practices

Best practices are the most efficient and effective way of accomplishing a task, based on repeatable procedures that have proven themselves over time for large numbers of people. The following documents have been provided as a service to the university community.

Keep Systems & Software Updated

It's a good idea to check for system updates weekly to keep your computer current and secure.

Create Backups of your Files & Folders

Copy and save the files and folders you'd cry over if you lost. If you're not on good terms with your CDR, thumb, or flash drives, check out My Files, ASU’s new and improved way for enrolled students, faculty, and staff to store files on the ASU Network. With 4 gigabytes of storage space, My Files (formerly known as AFS Manager) is free of charge and is a great way to keep files organized and secure. Access My Files at my.asu.edu or learn more about it in the Help Center.

  • Create an Emergency Rescue Disk (ERD) to recover your system
  • Backup your data at least once a week
  • Keep copies of important data in multiple places

Use a Firewall

A firewall is similar to walking through the security check at the airport; the firewall inspects Internet traffic and either allows information to pass through to your computer or denies it and tells it to go home.

  • Use system firewalls and make sure it's turned on and is active
  • Never turn off your firewall while using the Internet
  • Check out the Software & Tools section of this website to find out more

Software

Spyware & Malware Software

Installing anti-virus software on your computer is kind of like giving your computer a flu shot; it'll prevent future outbreaks and keeps your computer healthy. Spyware and malware programs monitor the ways in which you use your computer. They look to see which websites you browse and can even change the way your computer behaves, like redirecting web pages to advertisements or slowing down your surfing speed.

Alternative Anti-virus Options

There's no need to fear, free anti-virus is here! Check these sites for free anti-virus software:

ISP provided anti-virus software

Free email services with integrated anti-virus

Phishing

What’s phishing?

Phishing is an online scam used to fraudulently collect your personal information, such as passwords or bank account and credit card numbers. Some email messages you receive may look and seem legitimate but should actually be avoided, deleted, and reported.

What does phishing look like?

Common phishing scams are emails that ask for your personal or financial information. Some scammers send emails that look like they’re from a legitimate bank or business and ask you to call a phone number to update an account or to access a “refund.” Because scammers can hide their location, the area code you call does not reflect where the scammers really are. If you need to reach your bank, credit card company, or another business, call the phone number listed on the back of your credit card or financial statement or type in a company’s web address yourself.

What can I do to avoid phishing scams?

There are some easy steps you can follow to avoid phishing scams, including:

  • Don’t use email to send your personal and financial information.
  • Don’t reply to email or pop-up messages that ask for your personal or financial information.
  • Don’t click on links or cut-n-paste a link from an unfamiliar message into your browser. Phishers can make a link look like it will take you to one place but actually sends you to a different site.
  • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
  • Be cautious about opening email attachments or downloading email files, regardless of who sent them to you.
  • Use firewalls and anti-virus and anti-spyware software, updating them all regularly.

What should I do if I receive phishing spam?

  • Forward spam to spam@uce.gov and to the company, bank, or organization impersonated within the email.
  • You can also report suspect email to reportphishing@antiphishing.org. The Anti-Phishing Working Group uses these reports to fight phishing and cut down on spam.

What should I do if I have been scammed by a phisher?

If you’ve been scammed, contact the financial institution affected immediately and visit the Federal Trade Commission’s Identity Theft Web site at www.consumer.gov/idtheft to find out more about how to protect yourself.

Where can I get more information?

For more information about phishing and how to stop it, visit these links: