University of Nebraska Kearney

Protecting the nonpublic personal information of our employees and students is an important responsibility. The practices listed below can help us ensure that information stays protected.

• Email is a primary method for attacking your computer.  It is easy for an attacker to send a message that will infect your computer, even if you do not read or preview it.  This is why antivirus software is essential.
  • Use encrypted email or do not send confidential information.
  • Do not open attachments you are not expecting.
  • Do not click on links to web pages that arrive in email.
  • Report any suspicious email messages you receive to the ITS Helpdesk.
  • Keep your preview pane closed.
  • Never respond to spam—even to “unsubscribe.”
• Sensitive communication via email poses real risks.  The most common disclosures result from email accidentally sent to the wrong person.  Therefore, use special care when addressing email with sensitive information.  For highly sensitive data, choose methods other than email.
• Use special care when faxing sensitive information.  Be sure that the fax number is correct and that someone on the other end will promptly retrieve the faxed document.
• Use special care when handling paper documents.  Do not leave documents with social security numbers on your desk when you leave.  Do not share social security numbers over the telephone when your conversation can be overheard by others.
• Choose a strong password—one that is difficult to guess.  If you think your password has been compromised or shared, change it immediately. 
• Do not share passwords and do not allow anyone to work on a computer that you have logged into. 
• Recognize when your computer may be compromised.  It is often difficult to recognize when your computer system has suffered a security compromise.  If you notice your computer behaving slowly, rebooting by itself, or exhibiting any unusual behavior, notify an IT support person.
• Avoid risky web and email activities:
  • Be skeptical of email and web sites that ask you to provide personal information, such as social security number, to download software or files.
  • Confirm that an embedded web link in the body of an email goes where it is expected to go before you click on it.
  • “Free stuff on the Internet is like candy from a stranger.”  Be aware that seemingly harmless games, utilities, and other “fun stuff” can work behind the scenes and install spyware or other malicious software (malware) on your computer.  They can harbor viruses and even open a “back door” giving access to your computer.
  • Identity theft is the intentional use or theft of a person’s private information to obtain goods or services.  Any purchase at a web site or any online transaction, such as online banking, increases your risk of identity theft.  Take precautions to ensure the confidentiality of your private information.
  • Only download from well-known software vendors.
• Any security incidents involving systems that store and/or have access to social security number  must be reported promptly to the Information Technology Services Helpdesk.  Security incidents include, but are not limited to, virus infections, spyware infections, rootkits, compromises such as hacks and inappropriate use, and lost media or lost computing devices.

   

Office of Information Technology Services, 114 Otto Olsen Bldg, (308) 865-8950
ITS HOME | POLICIES | ABOUT ITS