II. General Users

Roles and Responsibilities

General users of the computer resources at campus have an important role to data leakage prevention. Being part of the campus network, all end users have the obligation to protect data in the campus network. Below are some good practises for managing information and data:

Good Practices for general users to prevent data leakage

  1. Turn off unused Wireless Network - Disable the Wireless Network Interface Card when connection to the wireless network is not required. This will prevent attacks that are performed through the Wireless Network Interface Card.
  2. Encrypt your files - Make use of data encryption software such as WinZip as well as TrueCrypt for file encryption. A strong key, created in line with the security policy, should be used for encryption when files are being transferred into removable media or through email. Encrypted USB storage device may be used for additional level of protection.
  3. Avoid sending sensitive data over Internet email - Use your campus email to send confidential information. Sending sensitive information over an Internet email may result in a copy of your sensitive data being stored or archived by a third-party server.
  4. Store your data on a secure network drive - Store your data on the server instead of the hard drive of your own laptop to prevent data leakage should you lose the laptop.
  5. Virus scan over files from external source - Scan the files you downloaded from the Internet, whether it is an email or an external storage device before you open or save the file. Virus scanning is important to prevent data leakage.
  6. Ensure proper security is enabled for computer - Be responsible for protecting the security of your computer. Loss or theft of a computer, USB storage device or even printer, is a common cause to the loss of important data.
  7. Do not leave your printed documents unattended - Remember to collect all the printed documents from the network printer and ensure all print jobs are completed when you leave.

Related Incident

Bogus Intranets Scam University Students

Security Company (RSA) has detected a sudden rise in targeted attacks on US universities - particularly public state institutions - against internal websites used to serve students with services such as webmail. Such servers often contain personal data such as grades, names, addresses, and payment information.

Read More