Security Tips

Arizona State University Cyber Security Tips

Do’s

1. Create Complex Passwords and Use Multi-Factor Authentication (MFA)

   
   Why It Matters: Strong passwords with letters, numbers, and special characters make it harder for attackers to guess or crack your login credentials. Passphrases are recommended.  MFA (e.g., using a one-time code from an app such as DUO) adds an additional layer of security, reducing the risk of unauthorized access to sensitive data.

2. Stay Informed Through Mandatory Security Training

   
   Why It Matters: Ongoing education about emerging threats, best practices, and enterprise policies ensures that all employees remain vigilant against cyber threats. ASU requires annual or periodic training to support compliance and manage risk effectively.

3. Lock Your Electronic Devices

   
   Why It Matters: Even a brief moment of leaving devices unlocked provides an opportunity for unauthorized access. Locking devices when unattended safeguards confidential enterprise information from internal and external threats.

4. Confirm Secure Connections (Look for the Lock Icon and “HTTPS”)

   
   Why It Matters: HTTPS websites encrypt data in transit, preventing attackers from intercepting or stealing sensitive information. Verifying the lock icon or “https://” in the address bar ensures your connection is secure.

5. Dispose of Unnecessary Data Properly

   
   Why It Matters: Storing unneeded files expands the attack surface for breaches. Regularly trashing or securely deleting old files helps maintain data retention policy compliance and prevents sensitive information from being exposed.

6. Keep Systems and Antivirus Software Up to Date

   
   Why It Matters: Regular updates and patches address known vulnerabilities. Outdated systems and antivirus programs are prime targets for hackers looking to exploit security loopholes.

7. Use Encrypted Wi-Fi or VPN for Secure Access

   
   Why It Matters: Public or unsecured networks can be easily intercepted by cybercriminals. Connecting through your organization’s secure Wi-Fi or using an official VPN ensures encryption and helps protect company data from interception.

Don’ts

1. Don’t Click Untrustworthy Links or Visit Suspicious Websites

   
   Why It Matters: Malicious links and websites can download malware or redirect you to phishing pages that steal credentials and sensitive information.

2. Don’t Use or Share Pirated Media (Infringing Copyright)

   
   Why It Matters: Copyright infringement violates the law and enterprise policies. Pirated media often contains hidden malware, posing a threat to the organization’s network.

3. Don’t Open Unsolicited Emails Requesting Personal or Confidential Information

   
   Why It Matters: Phishing scams often appear legitimate but aim to trick you into sharing passwords or financial details. Always verify the sender’s identity through official channels before responding.

4. Don’t Share Your Password

   
   Why It Matters: Password sharing undermines individual accountability and increases the risk of unauthorized access. Each user should maintain unique login credentials aligned with enterprise security policies.

5. Don’t Use Unsecured Systems or Devices
   Why It Matters: Systems not patched or protected with up-to-date antivirus software are more susceptible to malware. Using only secured devices minimizes the likelihood of introducing viruses or other threats into the corporate network.