Security Tips

Computer Security Tips

Secure Your Office

  • When leaving, lock the door and keep unauthorized users away from systems.
  • Keep all media containing confidential information in a secure place.
  • Do not create any paper records of passwords.

Secure Your Computer

  • Turn computers off when leaving for the day or during extended periods of inactivity unless a special need requires that they are left on.
  • Close applications and log out when away from your computer.  Lock a Windows screen by pressing Windows Key+L.
  • Update and maintain the University installed anti-virus and anti-malware software on university owned computers.
  • Scan all removable media for viruses before using them.
  • Keep systems updated with all of the current security patches. Where possible, turn on automatic updates to apply operating system security updates. Check regularly for updates to third party applications such as Adobe, Flash, Java, or Internet browsers, etc., or consider using an automated patching solution. Automatic updates offered by Windows and Macs do not always patch these applications.

Secure Your Data

  • Back-up systems thoroughly and often, and store your back-ups in a separate secure location.
  • Do not save sensitive information to portable drives. Be sure to encrypt sensitive data wherever it is stored.

Secure Your E-mail

  • Verify the contents of any email attachment with the sender before opening and never open attachments from unknown persons.
  • Do not respond to any email with confidential information (username, password, social security number, etc.). Legitimate businesses will never ask for this information via E-mail.
  • Delete messages that you no longer need - some common practices include emptying your trash and outgoing mail folders.  (Note: follow university retention guidelines for business e-mail.)
  • Make sure your e-mail is configured to use secured, encrypted ports for sending and receiving e-mail.  See HelpDesk.LaTech.edu for information on proper configuration.
  • Change your password at least once a month using strong password guidelines.

Spamming and Phishing

Spamming is an unsolicited commercial e-mail. Spam has been used as a method to make malicious code and almost always waste computing resources.  Phishing is an attempt to gain personal or financial information from individuals by posing as a legitimate entity. Phishers are often very good at making their messages look authentic. They often ask for information such as usernames, passwords, credit card numbers, and other sensitive information.

Never respond to any email with confidential information. Louisiana Tech and other legitimate businesses or government entities will never ask for this information via email.

What to do if you get a phishing email

If you suspect that you have received a phishing email, send the email including its full header information to  This e-mail address is being protected from spam bots, you need JavaScript enabled to view it .

Identify a phishing email

Here are some hints to identify phishing emails:

  • Genuine emails do not usually provide links to click on.
  • Genuine links sent in emails from any department at Louisiana Tech University will have URL's starting with http://www.latech.edu/<something>.
  • Louisiana Tech administrative departments will not request your username and password to be entered or sent back in an e-mail reply.
  • Phishing emails generally do not contain sender's email or contain "on behalf of Louisiana Tech University."
  • Some phishing emails contain fuzzy logo symbols which are not genuine.
  • Phishing emails do not contain signatures or any contact information.
  • Genuine emails will be signed by the person it is coming from.

Be particularly vigilant whenever there are holidays or significant events, since attackers heighten their activity during these times.

How to Protect Yourself

Here are some best practices that will help protect you and your computers:

  • Beware of messages that claim your account has been suspended.
  • Be suspicious of any email with urgent requests for personal financial information.
  • Never click on a link in an email. Instead, always type the legitimate Web address of the site you want to reach directly into your Web browser.
  • Be suspicious of email messages and other electronic communications from sources you do not know or recognize.
  • Use the latest versions of your operating system (OS) and applications.
  • Have the latest security software updates (patches) installed. This includes patches for your OS and applications.
  • Keep your anti-virus software up to date.
  • Report any suspicious emails.
  • APWG (Anti-Phishing Working Group)
If in doubt, please contact the Louisiana Tech University Help Desk at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it or via phone at (318) 257-5300.

Malware

Malware is a category of software programs that get installed on a computer system and perform unwanted tasks. They include anything from viruses to annoying pop-up ads to spyware.

Signs you may have malware

Most viruses are created mostly for stealing information rather than destroying it. If your computer has malware, it may act in the following manner:

  • Become unexpectedly slow
  • Lock up on applications
  • Shut down unexpectedly
  • Display error messages continuously
  • Display a lot of pop-up ads while you browse the Internet
  • Not allow programs to uninstall or files to be deleted
  • A pop-up reports malware on your computer and claims you need to install some program to remove the problem.  Do not do this--you may already be infected, but clicking on the pop-up to install a "cleaning" solution will definitely infect your computer.

It is important to understand that most university employees (faculty and staff) and students use computers both at home and at the university.  Often information, files, or even programs are used on both computers and are exchanged via e-mail, direct electronic connections such as the University VPN, or on portable storage devices such as flash drives.  Therefore, it is vital for everyone to practice computer security with malware at home and at the university.

If you get a computer virus or suspect malware on your university computer:

  1. Make sure your university provided anti-virus software is up to date.
  2. Make sure that all programs including applications and the operating system have been updated.
  3. Scan your computer with your anti-virus software.
  4. Delete everything the university provided program identifies as a problem.

If you get a computer virus or suspect malware on your personal computer:

  1. Stop activities that involve usernames, passwords and other sensitive information.
  2. Disconnect your computer from the network.
  3. Install anti-virus software on your computer.
  4. Make sure that the anti-virus software is up-to-date.
  5. Once you confirm the anti-virus software is updated, scan your system.
  6. Delete everything the program identifies as a problem.

If the program still persists, please contact the Computer Center Help Desk at at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it or via phone at (318) 257-5300 for more help.

Preventing malware and viruses on your computer

  • Never open a email attachment that comes from someone you don’t know
  • Install anti-virus software on your computer and keep it up to date
  • Scan every email attachments or files that you download from the internet before you open them
  • Scan flash drives, CD/ DVD disks, other storage media, if they are from other sources

Identity Theft

The Federal Trade Commission defines identity theft as another person using your personal identifying information such as your name, social security number or credit card number without your permission to commit fraud or other crimes.

Tips to avoid personal identity theft.

  • Identify vulnerable data. It is important for you to identify the sensitive information that is vulnerable to theft on your personal laptops and desktop machines.
  • Raise awareness. Protection and management of sensitive information requires awareness by all the people who work with this type of data. Educate your friends and colleagues about how to secure sensitive information.
  • Practice avoidance. Avoid collecting, handling or storing unwanted sensitive information.

Identity Theft FAQs

What is considered as sensitive information?

Sensitive information includes legally protected elements such as:

  • Louisiana Tech University Campus Wide ID numbers (CWIDs)
  • Social Security Numbers
  • Credit card numbers, bank account numbers
  • Driver's license numbers
  • Health information
  • Confidential legal or financial data
  • Personally identifiable student/staff information 

Who handles sensitive information?

Sensitive information is handled by hundreds of people working in departments like administration, admissions, the finance department and the health center. 

What data is most at risk?

Sensitive data left on personal laptops or desktop computers are the most vulnerable to theft and will be available to all the people who have access to it, or if the property is stolen.

Facebook Security Tips

Protect your privacy and identity on Facebook

Social networking sites such as Facebook are an open book for others to harvest information about you. It is important to understand that you NEVER know who exactly is lurking to gather information about you.  Failure to take the proper precautions can lead to online identity theft, cyber stalking, actual theft if it is known that you are out of town, or even violent crimes. For this reason, it is important to manage your Facebook settings to protect yourself. Facebook has provided some powerful options to protect you online—but it is up to you to use them!

Read the Facebook Guide to Privacy

At the very bottom of every page on Facebook, there is a "Privacy" link.  The linked page is "A guide to privacy on Facebook," which contains the latest privacy functions and policies. Facebook discloses information that it sets as visible to everyone and that you cannot make private. This information includes sensitive information like your name, profile picture, gender and networks. When in doubt, use the "Preview my profile" button on any privacy settings page to check how your information appears to others.

Think carefully about who you allow to become your friend

Once you have accepted someone as your friend they will be able to access any information about you (including photographs) that you have marked as viewable by your friends. You can remove friends at any time should you change your mind about someone.

Show "limited friends" a cut-down version of your profile

You can choose to make people "limited friends" who only have access to a cut-down version of your profile. This can be useful if you have associates with whom you do not wish to give full friend status or feel uncomfortable sharing personal information.

Disable options, then open them one by one

Think about how you want to use Facebook. If it's only to keep in touch with people and be able to contact them then maybe it is better to turn off the bells and whistles. It makes a lot of sense to disable an option until you have decided you do want and need it, rather than start with everything accessible.

Think before you post

It is also important to understand that organizations often use Facebook to make important decisions such as hiring, interview screening, or even job promotions. Posts on social network sites that often seem trivial can have a great impact on one's life.  Once it is posted, you have lost control of where it goes.  The bottom line is "think before you post" statements or pictures.

More reading

A general primer on protecting yourself online can be found in "Own Your Space", downloadable from Microsoft and other sites.  A more brief, Facebook specific guide, "A Guide to Facebook Security" , available from Facebook security, provides tips tailored specifically to Facebook.