Cybersecurity affects everyone on campus, from students checking email to faculty managing research and staff supporting daily operations. Every account, device, and click plays a role in keeping our digital environment safe. Cyber threats often rely on simple mistakes rather than advanced hacking, which means awareness is one of our strongest defenses. This page is designed to help you recognize common risks and make safer choices online.

The following items are considered best practices and essential awareness that will assist us in keeping our systems secure.

• Phishing & Social Engineering
  Always pause before clicking links or opening attachments, especially if a message creates urgency, asks for credentials, or claims something will be suspended or expire. Check the sender’s address carefully, hover over links to verify destinations, and be cautious of unexpected requests—even if they appear to come from someone you know. Legitimate institutions will never ask for passwords or MFA codes via email or text. When in doubt, report the message or verify it through a trusted channel rather than responding directly.
• Passwords & Account Security
  Use strong, unique passwords for every account and never reuse campus credentials on personal websites. Enable multi-factor authentication (MFA) wherever it is available, as it significantly reduces the risk of account compromise. Password managers can help generate and store secure passwords safely, eliminating the need to memorize them. Never share passwords, and be cautious of login prompts that appear unexpectedly or outside normal workflows.
• Device & Data Protection
  Keep all devices updated with the latest operating system and application patches to protect against known vulnerabilities. Lock your screen when stepping away. Store sensitive data only in approved systems and back up important files regularly. If a device is lost, stolen, or behaving unusually, report it immediately to minimize potential impact.
• What to Do If You Suspect a Security Issue
  If you believe you’ve clicked a suspicious link, entered your credentials on a fake site, lost a device, or noticed unusual account activity, contact the ITC immediately. Prompt reporting helps limit potential damage and protect both your account and the campus community. To secure the situation, your account may be temporarily locked while the issue is investigated—this is a normal and protective step, not a penalty. The ITC will work with you to restore access safely and guide you on any next steps.