ERM Free Training videos

UNLOCKED: Security Awareness Training available through ERM Cybersecurity Solutions

Welcome to the College of Southern Nevada’s resource for information technology security. It is important that everyone who uses a computer, laptop, tablet, mobile phone or any kind of smart device understands how to keep their information safe. OTS is committed to helping our faculty, staff and students protect their information and keep it as secure as possible.

Secure choices you can make:

Click Wisely: Beware of phishing emails and scams and only click on links you trust.  Forward suspicious emails to .

Protect Your Password: Use strong and unique passwords and implement two-step verification when possible.  Don’t share your password and use different passwords for work and non-work activities.

Protect Data: Make sure to protect PII data you may handle. Securely encrypt (Link to encrypt how to) or delete files with sensitive information.

Use CSN Email: CSN email should be used to conduct CSN business.  Don’t forward or save college sensitive emails to personal devices or email accounts.

Use Supported Tools: Don’t use unsupported or unapproved software or hardware without consulting OTS.  Downloading software to CSN devices or attaching voice enabled devices or hardware to the CSN network can compromise data at the college. 

Physical Security: Never leave laptops and mobile devices unsecure and unattended.  Secure your area and lock computer screens before leaving them unattended-even if for a few seconds!  Password protect all of your devices using strong authentication when possible.

 

Acceptable Use Policy
Information Security Plan
Password security

How Strong is your Password?

Cybersecurity video - Cyber Safety for Students

Pause, Think and Act (Security Awareness Video)

Cybersecurity Newsletter

Cybersecurity: OUCH! Newsletter

Stop, think, connect campaign logo

Cybersecurity: Stop | Think | Connect

The Power of Updating

Courtesy of Sans.org • May 2020 • The Monthly Security Awareness Newsletter for Everyone

Overview

You may not realize it but cyber attackers are constantly looking for and finding new vulnerabilities and weaknesses in the software people use every day.  This software may run your laptop, could be the mobile apps you use on your smartphone, or perhaps even the software in your baby monitor or other devices in your home.  Bad guys take advantage of these software weaknesses, allowing them to remotely break into devices around the world.  At the same time, the software and device vendors are constantly developing fixes for these weaknesses and pushing fixes out as software updates.   One of the best ways you can protect yourself is to ensure the technologies you use all have the latest updates, making it much harder for cyber attackers to break into them.

How Updating Works

When a software vulnerability is discovered, a software update (also known as a patch) is developed and released by the vendor. Most software programs and devices nowadays have a mechanism to connect over the Internet to a vendor's server to obtain the software update. This update, nothing more than a small program, typically installs itself and fixes the vulnerability.  Examples of software you need to update are the operating systems that run your laptop (such as Microsoft Windows or OSX) or run your smartphone (such as Android or iOS).  Additionally, but often overlooked, you need to update the programs that run on your devices, such as your laptop’s web browser, word processor, messaging software or your phone’s mobile apps (especially social media apps).

This is why, whenever you purchase a new computer program or a new mobile app, check first to be sure the software vendor is actively updating the program or device.  The longer software goes without any updates, the more likely it has vulnerabilities that cyber criminals can exploit.  This is why many vendors, such as Microsoft, automatically release new patches at least every single month.

Finally, if you are no longer using a certain computer program, software or mobile app, remove it from your system.  The less software you have to update, the more secure you are.

Updating


There are two general ways of updating a system:

Automatic -

Whenever a device, operating system, program, or mobile app detects that a new update has been released by the vendor, it automatically downloads and installs the update.  The advantage of automatic updates is that you don’t have to do anything. The software ensures that the technologies you are using are current. The disadvantage of automatic updates is the updated program could cause a problem resulting in the loss of functionality or data.  This is rare for personal devices, but can happen for more complex environments, like large corporations.


Manual -

When an update for a device, operating system, program, or mobile app is available, you must manually download and install the update.  This gives you more control over what and when updates are installed.  Larger organizations (such as hospitals or utilities) typically like manual updates because it allows them to test the changes first to detect and address any issues caused by the update. The disadvantage of manual updates is that it may take you much longer to update the system, or you may even forget to install the update.

Conclusion

For individuals, families, and small businesses, we highly recommend you enable and use automatic updating on all of your devices.  This ensures that all of the technologies you are using, from your smartphone and laptop to your baby monitor and door locks, all have the latest software. Up-to-date devices and software make it that much harder for any bad guys to attack them.  Enabling automatic updates is one of the simplest and most effective ways to protect yourself and securely make the most of today’s technology.

Resources
Got Backups
Four Simple Steps to Being Secure

Making Passwords Simple
Digital Inheritance
Wired Review of Best Password Managers

 

 

How do I send an encrypted email?

Whenever you need to send an email to a recipient outside of CSN, it is very important that it be encrypted, especially if it contains Personally Identifiable Information (PII) of students, staff, or faculty. PII is defined by the US Government as:

Information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc.

Send An Encrypted Email Graphic

I’ve Received Spam or a Suspicious Email. What Should I Do?

If you have received spam or a suspicious email, follow the steps below: 

  1. Do not click any links within the email.
  2. Forward the message to so the OTS team can investigate the email.
  3. Delete the email.


If you have clicked any links within the email or opened any suspicious attachments, contact the OTS Help Desk.