Stay Safe Online
alerts from the ESU Cybersecurity Team
As we work through the transition to online learning, teaching, and working, we want to provide you with as much information possible to make sure you're keeping safe online. Scammers, spammers and hackers will take advantage of situations like the coronavirus crisis and exploit it to their advantage. We will post any relevant cybersecurity alerts and tips on this page that could have an impact on the ESU community.
Zoom - Best Practices
Zoom alert - unintended participants
Issue: Unintended participants are sharing their screens in Zoom meetings.
Solution: When first setting up Zoom or as soon as practical thereafter, navigate to “https://emporiastate.zoom.us/profile/setting" and modify the following:
(Turn on) - “ Require a password when scheduling new meetings - A password will be generated when scheduling a meeting and participants require the password to join the meeting. The Personal Meeting ID (PMI) meetings are not included. “
and verify this setting is turned on:
- “Embed password in meeting link for one-click join - Meeting password will be encrypted and included in the join meeting link to allow participants to join with just one click without having to enter the password.”
Zoom alert - posting links to social media/the web
Issue: Unintended participants in Zoom meetings
Solution: Never share your Zoom meeting URL's on social media or any other public website
Zoom Alert - Sharing Information
Issue: Confidential information being leaked
Solution: Never share confidential protected information such as PII, PHI, or financial account information. For areas such as counseling or medical consulting, there is a HIPAA-compliant Zoom account (available upon request to qualified users at extra cost) that does encrypt end-to-end.
Zoom Alert - Background Information
Issue: Personal, or sensitive, information being shared to many people
Solution: Be cautious about what information is displayed in your video's background. This can include family photos, any type of sensitive documentation, or anything that you wouldn't be comfortable sharing with the world. Best practices is to use a virtual background or simply find a spot in your house that has a plain wall.
Resources to Help You - PROTECT THE NEST!
Check out all our security tips and tricks to make sure you are safe and informed in your digital life!
Phishing Portal
Did you get a possible phishing email? Err on the side of caution and search our database to see if we've flagged it.
Important Things to Remember:
- NEVER store private information on a laptop or computer hard drive. Such protected information should remain only on ESU systems. If it must be stored separate from Banner or other secure systems, OneDrive is available for all employees and it is much more secure than local storage. Here's how to sync your OneDrive to your local computer for convenience of access.
- NOTE: OneDrive is also a great way to ensure that your files are safe even if your device fails or gets lost, stolen, or irretrievably damaged.
- The same email policies apply whether in-office or working remotely. Be vigilant when sending or receiving private information, like grades. Email should never be used for transmission of PII or PHI.
- Be very careful with paper documents containing private information, whether you are taking them home to work on or printing them off-campus. While printing these documents is discouraged, there may be times when it is necessary. If you need to handle paper documents containing private information, keep them as secure as it is possible in your environment. Treat them as if each one contained your own social security number.
- Please be mindful as you check your email that scammers are out in full force. Always use caution when answering mail and clicking on embedded links. If in doubt, please call the help desk or contact ITSecurity@emporia.edu and we will be glad to check for you. Any official communication from ESU will be branded as such. We are always glad to confirm by phone or email (ITSecurity@emporia.edu) whether communication you receive is legitimate. Our Phishing Database also contains examples of phishy emails, so check there for updates.