Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks, or in more often the case in school environments, preventing people who should not have access to valuable and sensitive data from being able to access it.
Use a complex combination of letters, numbers, and special characters. Use system-generated passwords, and don’t allow users to generate their own.
Don’t use the same password across multiple accounts.
Use a password manager to generate, securely store, and manage complex passwords.
Add an extra layer of security by requiring additional verification (e.g., text message code, authentication app) along with your password.
---
We ask that all staff members enable 2 Factor Authorization on their ICS Work accounts.
2FA authorization is adding an additional check or "factor" into the login process as a way of verifying that the person signing into the account is who they say are. If a normal process is logging in with a username and password (1FA), 2FA adds one additional verification, often a text message or email sent with a link to confirm. In this specific case, it's connecting your phone number to your work account, to receive a text message when you login to a new device for the first time.
You can find instructions on how to do so here.
Ensure that your operating systems, software, and applications are regularly updated to patch vulnerabilities.
Enable automatic updates so that your devices and systems automatically receive the latest security patches.
Use reputable antivirus, ant-spyware, and anti-malware tools to scan and block malicious software.
Run routine scans to detect and remove threats.
Implement regular—at least daily—malware pattern updates.
Firewalls help block unauthorized access to your network by monitoring incoming and outgoing traffic. Ensure both software and hardware firewalls are enabled.
Set up WiFi with WPA3 encryption, and change the default router password.
Avoid using public WiFi for sensitive transactions unless using a private, secured VPN.
Maintain backups of critical data on a secure, off-site, or cloud-based storage system.
Ensure that your backup process works by testing restores periodically.
Ensure that you and other users are familiar with phishing and other social media and social engineering exploits.
Be skeptical about unsolicited offers and requests, particularly those around money or goods. For example, a common email attack involves a courier company asking for money to complete delivery.
Conduct regular training on phishing, social engineering, and security awareness to help employees recognize potential threats.
Implement security policies, such as acceptable use policies and data protection guidelines.
Don’t click on suspicious links or download attachments from unverified emails.
Set up spam filters to reduce phishing emails and block malicious links.