Cybersecurity Awareness

SSH Key Management

A SSH key with a passphrase provides additional security and can act as an additional authentication factor. Adding a passphrase to your SSH keys is recommended to comply with the Remote Access Services Requirement of the Minimum Security Standard for Networked Devices (MSSND)

See instructions for...

Password Management with LastPass

Overview

Creating strong, unique passwords for each of your personal and work accounts isn't a chore when using a password manager - like LastPass. LastPass can generate and remember passwords for you - no more writing your passwords down and potentially exposing your credentials. Using strong and unique passwords on each of your accounts increases your personal and professional online security.

UC Berkeley offers FREE...

Cybersecurity and COVID-19

Not finding what you're looking for?

Try our Search function!

Declutter Your Digital Files

It's easy for our digital selves to get cluttered and disorganized. A proper Marie Kondo approach to thinning out old files can keep your devices and information more secure. Plus it can improve the speed and performance of your devices.

Here are a few things you can do to improve your digital security and online safety:

1. Review Online Accounts Delete any online accounts no longer in use. If an account is still in use, remove any information that is no longer needed, like saved credit cards or documents in cloud storage. Review the privacy and security settings on websites...

Securing Your Data

Overview:

Data is one of UC Berkeley’s most critical assets. The complexity and volume of the data we are taking in is growing while at the same time regulatory requirements are becoming more stringent. These factors make correctly managing data vital for ensuring its confidentiality, integrity, and availability remain intact.

The data management lifecycle:

Proper handling of data throughout its lifecycle is critical to optimizing its utility, minimize the potential for errors, and protect it from breaches. No matter...

Backing Up Your Data

What is a Backup?

A backup is a second copy (or more) of your digital files and it can protect you from data loss. You can access this backup in the event your device or data become inaccessible, destroyed, or damaged. Data loss can occur in many ways: a computer or hardware crash, a lost or stolen device, data corruption, or malware that encrypts it and holds it for ransom.

Two types of backup are sync services and traditional backups: Sync (or cloud) services backup individual files and do not include...

Best Practices for Telecommuting Securely

Please note: personally-owned computers used by multiple people in the household are unlikely to meet the Campus Minimum Security for Networked Devices (MSSND) Standard. Risks to consider with home systems include:

Multiple users with administrator access allow for download and spread of malware

Insecure configurations leave the systems vulnerable to attacks

Home use software installed that are not supported and may not be patched for vulnerabilities

Institutional information...

Browser Extensions: How to Vet and Install Safely

What is an extension?

A browser extension is essentially a small piece of software that performs a function or adds a feature to a browser client. Since extensions are given special authorizations within the browser, they are attractive targets for attackers.

How to use extensions (more) safely

Even though extensions can be risky, if used correctly, they can be extremely beneficial. It’s especially important to research extensions if you are using an application that accesses...

IT Email Communications Best Practices

Email communication theory is largely different from email communication reality. If messages include phishy email characteristics they can be skipped over and miss their intended audience. Plus, they cause concern for the reader who, instead of focusing on the message, focuses on the validity of the email.

Additionally, if emails are hastily written, include too much information (or don't include enough) they can be dismissed by the reader. A balance has to be struck and unfortunately, it's an...

Mass Email Communication Guideline

Mass email communications have a higher bar to clear in order not to get blocked by spam filters. Messages can miss the intended audience if they include phishy email characteristics. By following these rules you help ensure campus email recipients remain sensitized to characteristics that are typical of phishing messages and reduce the chance that your message gets blocked.

Communicators should follow these basic guidelines to help messages from being blocked:

Provide sufficient...