Information security and the protection of Albright data and systems is everyone’s responsibility!
How am I responsible for Information Security and Data Privacy?
- Keep your computer’s software up to date, including your mobile devices.
- Use different passwords for different websites and services. Do not use your Albright account credentials on other, non-Albright, systems and applications. In this manner, a compromised password for one system or service does not put all of your personal data, information and access at risk.
- Use strong passwords that are easy for you to remember and difficult for others to guess.
- Change your passwords regularly.
- Do not save or store your passwords in your browser or within applications.
- If you suspect that your password has been compromised, you should change it immediately, or call Client Services at 610-921-7676.
- Be aware that no reputable business will ever ask you to share your password. You should never share or provide your password to anyone, including Albright IT Services personnel.
- Use a password on your smart phone or other mobile devices.
- Protect the highly sensitive data (social security number; driver’s license number; passport number; financial/credit/banking account numbers) of Albright community members, including students, prospective students, faculty, staff, alumni and donors. For additional information about the electronic storage of highly sensitive data, see Albright’s Administrative Data Management and Access Policy.
- Report information security incidents by emailing ITSecurity@albright.edu
How do I choose a strong password?
All LionLink passwords must meet the following complexity requirements:
- 10 or more characters
- Characters from 3 of the 4 following groups:
- An upper-case letter
- A lower-case letter
- A number
- A special character (~ ` ! @ # $ % ^ & * – _ .)
- Cannot contain a portion of your username
- Cannot be any of your 3 previous passwords
For a strong password, you should also incorporate the following:
- Sentences or phrases
- A combination of mixed-case letters, numbers and special characters
- A variation of capitalization throughout the password
- Have over 12 combined characters that make up the password (16 or more is ideal)
Avoid creating passwords that use:
- Single dictionary words in any language.
- Words spelled backwards, common misspellings, and abbreviations.
- Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
- Personal information. Your name, birthday, driver’s license, passport number, etc…
How do I change my Albright passwords?
Passwords should be changed regularly!
How do I stay ‘safe’ online?
The following information is provided by www.staysafeonline.org:
You use your computer almost daily, for homework, research, social networking, online purchases, and more. The Internet is an amazing tool that provides both opportunities and risks. It is a source of endless information, but must be used with good judgment. When you log on to the campus network (or any network), what you do online could not only have impact on your one computer, but other users as well. These include other students, staff, and faculty members. By combining up-to-date security tools with good judgment, you are much less likely to encounter a security violation, loss of data, or system problems. (StaySafeOnline.org)
Always keep your computer or mobile devices up to date with current operating system patches and antivirus software protection. For information about free antivirus software, please refer to: http://antivirus.about.com/od/freeantivirussoftware/tp/freeantivirus.htm.
Check out the STOP. THINK. CONNECT. tips and advice from the National Cyber Security Alliance: http://staysafeonline.org/teach-online-safety/higher-education/
How do I protect my privacy?
The following tips are from www.staysafeonline.org:
- Learn how to use the privacy settings for any service you use, and use these privacy settings to control your audience.
- Make sure you actually know the people you interact with online.
- Avoid sharing personal information about your whereabouts. It is better not to post your class schedule, your party plans, your hangouts, your vacation plans. Do not use location based services designed to let others know where you are.
- Be cautious with online games and questionnaires. Don’t fill out fun questionnaires that ask for personal information, even if they’re forwarded to you by your friends.
- Post photos of yourself and others with care and respect.
- Phones can contain tremendous amounts of personal information. Lost or stolen devices can be used to gather information about you and, potentially, others. Protect your phone like you would your computer.
- Secure your phone: Use a strong passcode to lock your phone.
- Only give your mobile number out to people you know and trust and never give out anyone else’s number without their permission.
What is a security incident?
An information security incident is any event that exposes (or potentially exposes) information or resources to unauthorized access, disruption or modification. Security incidents should immediately be reported to the IT Services information security team by emailing ITSecurity@albright.edu
Examples of security incidents include:
- Loss or theft of college owned laptops or storage devices
- Unauthorized access to an Albright computer or account
- Violation of college IT policies or standards
- Compromises of college data
- Inappropriate use, storage or distribution of highly sensitive data. Please see Albright’s Administrative Data Management and Access Policy for additional information regarding highly sensitive data and the appropriate methods for electronic storing and security highly sensitive data.
How do I report a security incident?
Report suspected security incidents immediately by emailing firstname.lastname@example.org
When reporting security incidents, you should provide as much detailed information as possible, including your contact information, the date of the incident and the approximate time of the incident. For contact information, please include your name, email address and phone number.
Please note: For incidents involving threats to health or safety or the theft or vandalism of computers or computing devices contact Public Safety at (610-921-7670).