Computer Security for Student Affairs Data Coordinators

The following information is provided to help the Data Coordinators understand the computer security requirements of San Diego State University and the Division of Student Affairs.  Use this information to review your department's computer security and implement any needed changes.

Each department is responsible for implementing procedures to protect their electronic data and computer hardware from theft, loss, or corruption.

Security Topics:

Software Patches
Anti-Malware Information
Notification
Vulnerability Assessment
System Compromises
Other Security Issues
Security Links
Campus Computing Policies

Software Patches

Software vendors frequently releases patches for vulnerabilities that are discovered in their software.  Some of the most critical vulnerabilities can enable an unauthorized user to take control of the system.  It is critical that every computer in Student Affairs has all current patches installed!

Anti-Malware Information

  • The latest version of anti-malware software can be downloaded from EDORAS.
  • Malware protection (DAT) files should be updated daily.
  • Avoid opening files attached to email unless you know their source or requested the file.
  • Don't run files directly from the Internet (it's safer to save them to disk first and then run them).
  • You can check the validity of a malware at the McAfee site.

Notification

To keep current on the latest security issues and vulnerabilities subscribe to the lists below:

Vulnerability Assessment

For Microsoft operating systems the Baseline Security Advisor can perform local or remote scans of Windows systems. It will scan for common system misconfigurations and weaknesses.

Download Microsoft Baseline Security Advisor

System Compromises

Server log files should be reviewed daily in order to discover suspicious activities and other system problems as soon as they occur. 

If you believe that a system has been compromised, you should:

  1. Immediately unplug the network cable in order to remove the system from the network.
  2. Notify the department director immediately.
  3. Contact Technology Services team immediately.
  4. Use our Student Affairs IT Work Requests system to submit your request to have your PC checked.

If you believe your email account has been compromised:

  1. Contact the ETS Helpdesk immediately.
  2. Notify Technology Services of the incident.

If you believe your email you have been targetted for Phishing attacks, follow these instructions to report it to ETS Helpdesk.

Other Security Issues

  • Make sure that every user account has a strong password.
  • Warn your users about how to avoid Social Engineering.

Security Links

Campus Computing Policies