Information Security

Top 10 Security Measures

1. Use a strong password

A strong password is one of the best ways to protect yourself against identity theft and unauthorized access confidential level 1 information.  Do not share your password or post it anywhere. Do not use dictionary words, family, or department names.  Change passwords often. Check our tips for creating a strong password.

2. Protect confidential level 1 information

Security of confidential data is of utmost importance at CSU, Chico. Be cautious with any protected data, and store as little on your computer or in unlocked areas as possible.  Do not store level 1 protected data (e.g., social security or credit card numbers) on your workstation or on your desk. Do not post social security numbers or grades in any public location or on the Internet. Confidential grade posting is possible through Blackboard Learn.

Anyone utilizing/accessing university computer systems, related data files, and information shares the responsibility for the security, integrity, and confidentiality of information. For more information see the CSU, Chico Data Classification and Protection Standards. (PDF)

3. Make sure your operating system and virus protection are up-to-date

Make sure you computer has the latest patches, security fixes and anti-virus software. Set your computer to have updates downloaded and installed automatically. 

  • Windows Updates for Managed State Computers
  • Windows Updates for Non-Managed Computers
  • McAfee Anti-Virus Products

4. Use secure and supported applications

Any software you install has the potential to be exploited by hackers, so be very careful to only install applications from a trusted source. Bit9 is a software is available for State-owned computers as a means of white listing acceptable applications to be installed on a desktop. The use of pirated software is illegal and in breach of CSUC's Policy on Use of Computing and Communications Technology.

5. Be wary of suspicious emails

Don't become a phishing victim. Stop, Think, Connect.  Always check links in an e-mail before clicking.   Learn how to recognize the signs of a hidden attack.  Don't open email attachments until you've verified their legitimacy with the sender. If you suspect the message isn't legit, delete it.

6. Store confidential information only on CSU, Chico servers

Unencrypted CDs, DVDs, and USB drives are convenient ways to store data; the trouble is, they're just as convenient for thieves as for you. Wherever possible, store confidential level 1 and 2 information in your Bay folder.  If you must store confidential information locally or on an external media, you should encrypt it and then delete it as soon as you no longer need it.

7. Back up your data … and make sure you can restore it

If your computer becomes infected or the hardware fails, you may be unable to retrieve important information. Store your University data on Box. Check with ITSS if you need help with this. You can also read more on how to protect against a data disaster.

8. Protect information in all its forms

Protecting your digital data is important. But paper and the human voice remain important elements of the security mix. Keep confidential printed information in locked file cabinets and shredded when no longer required. If you're talking about confidential level 1 information on the phone, take appropriate steps to ensure you're not overheard. 

9. Learn to be security-aware

All employees are enrolled in the CSU Information Security Awareness training. If you haven't received an invitation to take the training, contact

10. If you're unsure about something - ask!

In addition to this web site, there are many resources on campus to help you; start with the ITSS or the Information Security Office. Questions or concerns specific to your role at the University should be referred to your supervisor or advisor.

In any situation where you believe that there is a threat to the physical safety of a person or property, contact the University Police immediately.