Information Security Tips

  • Protecting Data While Using Wireless Networks
  • Policy for Acceptable Use of Campus Computing and Communications Technology
  • Beware of Hotbar
  • Avoid Spam
  • Protect Your Credit Card Information Online
  • Avoid Identity Theft
  • Legal Music Downloading
  • E-mail is not secure
  • Protect Copyrighted Works
  • Kazaa Spreading Viruses
  • Web Information for Students to Avoid Identify Theft

Protecting Data While Using Wireless Networks

As wireless networks increase, it is possible to check e-mail, surf the Internet, or conduct research from your laptop virtually anywhere. The university offers Wildcat Wireless service in and around the library, the BMU, Cafe by the Creek, Kendall Hall, Colusa Hall, Continuing Education Building, as well as some residence halls, with more locations coming soon.

With the convenience of using wireless, it is vital to protect your data as it moves through the networks. Hackers can &quota;sniff&quota; (or intercept) confidential information transmitted over wireless connections. It is extremely important to make sure your computer has current virus software and your operating system and software applications have the latest security patches.

In order to use the campus network you must pay a low monthly (or yearly) fee for a subscription. To connect to Wildcat Wireless, you need to download the VPN (Virtual Private Network) client. This software verifies that you are an authorized user, and insures that only authenticated users are on the network.

For more information...

Visit Wildcat Wireless or call at 898-6868
Visit Downloading the VPN client
Visit Wireless Availability Map (PDF)
Visit Current Microsoft operating system updates

Policy for Acceptable Use of Campus Computing and Communications Technology

Assuring that our campus computing and communications resources are used appropriately and legally is important to all of us. Access to these university facilities and resources is a privilege granted for educational use and legitimate university-related business.

Acceptable use of computing and communications resources at CSU, Chico includes...

  • Respect for the legal protections provided by copyright and license to programs and data as well as by university contractual agreements.
  • Respect for the rights of others by complying with all university policies regarding intellectual property.
  • Using accurate identification in all electronic communications to avoid deliberately misrepresenting any user's identity.

All users should be aware of and have read the official university "Policy on Use of Computing and Communications Technology", EM 97-18.  

For more information...

Contact Information Resources at x6212

Information Security Tip - Beware of Hotbar

Hotbar, a shareware program for PCs that provides smiley faces and other icons, can shut down your computer or make it vulnerable to outside intrusion. Hotbar is being pushed through unsolicited (spam) e-mail purporting to be an upgrade to Microsoft Outlook. Once installed on your system, Hotbar records the address of every Web site you visit. It then sends that information back to its controlling server along with a unique ID that allows your Internet use to be tracked and sold to advertisers. Hotbar also records network information so it can punch a hole though network security systems which can make the entire network open to virus or other attack.

E-mail you send to anyone else can also be affected. The recipients can be tracked, and hidden code within the mail may also retrieve information from our servers (such as text and/or banner promotions) which will, in such case, also appear in the e-mail sent.

For more information...

Visit Information Security

Information Security Tip - Avoid Spam

To help prevent spam (unsolicited, commercial e-mail):

  • Never respond to spam or click &quota;remove me&quota; from large, unknown sites. This confirms your e-mail address and you're likely to get more.
  • Use a second e-mail address to sign up for non-university newsgroups, chat rooms, and mailing lists, or for purchases. Free e-mail service is available through Hotmail and Yahoo.
  • Check the privacy policy when you submit your address to a Web site.
  • Use an e-mail filter. Attend User Services workshops on the use of Microsoft Outlook and ways to filter some spam messages.
  • Let the Federal Trade Commission know if a &quota;remove me&quota; request is not honored or if a removal link doesn't work; www.ftc.gov/

Avoid these common scam offers:

  • Chain letters that involve money or valuable items and promise big returns
  • Work at home opportunities
  • Products that promote effortless, long term weight loss
  • Offers to erase accurate, negative information from your credit record
  • Promises to provide a loan for a fee
  • Adult entertainment sites offering &quota;free&quota; content which may reconnect to international long distance phone numbers, at rates up to $7/minute

To file a complaint or for information on consumer issues visit www.ftc.gov/, the Federal Trade Commission.

Protect Your Credit Card Information Online

When shopping online, protect your credit card information from being stolen and abused.

  • Consider using only one credit card online, perhaps one with a low limit.
  • Use a credit card that has a good liability policy if the number has been stolen. Most major credit cards limit your liability to $50.
  • Never use a debit card online.
  • Where possible, have your vendor NOT store your credit card number for use next time. This may keep your card number off of their Web server.
  • Make certain the site is encrypting your credit card number. Your Web browser will have a small picture of a lock that is closed at the top or bottom of the page when using encryption. Also, check the URL of the page to see if it starts with &quota;https://&quota;, which means the page is encrypted.
  • Finally, some credit card companies offer one-time use credit card numbers that are tied to your main account and any subsequent attempts to use it will be denied. American Express and the Discover Card both offer this service.

For more information...

Visit Information Security

Avoid Identity Theft

Identity theft is one of the fastest growing crimes in the nation, accounting for 43 percent of all complaints received by the Federal Trade Commission in 2002, that's 161,800 complaints, up 88 percent. The average victim spends 175 hours and $800 resolving identity theft problems, and it can take two to four years.

To lower your risk:

  • Don't carry your Social Security card or SSN on other cards.
  • Tear up or shred papers with personal information, including credit card offers and &quota;convenience checks&quota; you don't use.
  • Don't give out personal information on the phone - unless you made the call or know the caller. The same goes for mail and the Internet.
  • To limit the sharing of financial information, write to your bank, credit card, insurance, and securities companies to &quota;opt-out.&quota;
  • Check credit card bills for unauthorized charges and report any to your card issuer. Call if bills don't arrive on time.
  • Stop pre-approved credit card offers by calling toll-free 888-5OPTOUT.
  • Get your credit reports at least once a year. Check for changed addresses or fraudulent information. Costs about $8.

For more information...

Visit Information Security
Visit http://www.privacy.ca.gov/consumers/identity_theft.shtml, Information from California Office of Privacy Protection

Legal Music Downloading

One recent national survey shows the number of illegal music downloaders fell from 35 million last spring to 18 million last fall. But other measurements say illegal file sharing is still going strong. Downloading free music can violate copyright laws and make your computer vulnerable to hackers and viruses. A legal and safe option is now available through numerous online locations which sell individual music tracks typically for 99 cents or less. Some sell albums for $9.95 or have a monthly fee. The digital tunes can legally be played on the computer, transferred to portable music players, and burned onto CDs.

Apple iTunes, the forerunner in this market for both Macs and Windows platforms, sold more than 30 million songs since April. Wal-Mart, RealNetworks, Sony, Rhapsody, MusicMatch, EMusic Napster, Walmart, MP3University, and BuyMusic. have launched music downloading services. These can be found on the Internet by doing a search or typing in www, followed by the service name, then .com.

E-mail is not secure

Sending information through e-mail is not secure, and hackers could intercept your information. The university e-mail system and most other e-mail programs are not encrypted and can be vulnerable to outsiders who use sniffers to hack into our network and allow your messages and attachments to be read. Be aware personal or confidential information such as social security numbers, bank account numbers, grades, etc. could be compromised.

In addition, to protect your computer from e-mail viruses, delete messages and attachments from unknown sources. By not opening these attachments and keeping your anti-virus software up-to-date, you minimize the chances of a virus infecting your computer. Current virus software can help handle these threats. PC users still using McAfee 4.5.1 should upgrade to version 7. Mac users should use Virex.

For more information...

Visit Information Security
Contact IT Support Services at x6000

Protect Copyrighted Works

Copyright is a protection provided by U.S. laws (title 17, U.S. Code) to the authors of &quota;original works of authorship,&quota; including literary, dramatic, musical, artistic, and other works. Campus information is available at Use of Copyrighted Materials. This protection extends to both published and unpublished works and generally gives the owner exclusive right to do and to authorize others to do the following:

  • To reproduce the work in copies or phonorecords;
  • To prepare derivative work;
  • To distribute copies or phonorecords to the public by sale or transfer of ownership, by rental, lease, or lending;
  • To perform the work publicly, for literary, musical, dramatic, and choreographic works, pantomimes, and motion pictures and other audiovisual works;
  • To display the copyrighted work publicly, for literary, musical, dramatic, and choreographic works, pantomimes, and pictorial, graphic, or sculptural works, including the individual images of a motion picture or other audiovisual work; and
  • In the case of sound recordings, to perform the work publicly through digital audio transmission.

It is illegal for anyone to violate any of the rights. These rights, however, are not unlimited in scope. One major exception is "fair use," section 107 of the 1976 Copyright Act which provides for use of parts of copyrighted works under defined and specific circumstances. From U.S. Copyright Office,http://www.copyright.gov/.

Kazaa Spreading Viruses

A study from TruSecure showed that nearly half of all software traded over the Kazaa file-sharing network was infected with malicious code. The findings apply not to music and video files but to executable files, including programs designed to circumvent digital copyright protections. Some of the malware infected files on a user's computer; other code would steal user passwords or allow hackers to control an infected machine. Most infected files have .exe extensions, but could be disguised with a .wav or .jpg extension. Current antivirus software would be able to identify 85 to 90 percent of the problematic code found in Kazaa files.

Current virus software can help handle these threats. PC users still using McAfee 4.5.1 should upgrade to version 7. Mac users should use Virex.

For more information see...

Visit Virus/Security Information
Visit Information Security
Contact User Services at x6000

Web Information for Students to Avoid Identify Theft

The U.S. Department of Education has launched a Web site (http://www.ed.gov/misused/) designed to educate students about the dangers of identity theft. College students are reminded to shred unused credit card applications, or any documents with account numbers, social security numbers, addresses, etc. to prevent identity theft. Students should carefully check credit card and bank statements for fraudulent charges or activity. The new Web site offers tips on how to prevent having personal information compromised and provides information on contacting various agencies to report identity theft. Other information security information is available at Information Security.

For more information...

Visit Protecting your Social Security number - Privacy Rights Clearinghouse
Visit Identity theft - Calif Office of Attorney General
Visit Protecting Your Personal Information - Federal Trade Commission