Cybersecurity Awareness

Cybersecurity and COVID-19

Not finding what you're looking for?

Try our Search function!

Declutter Your Digital Files

It's easy for our digital selves to get cluttered and disorganized. A proper Marie Kondo approach to thinning out old files can keep your devices and information more secure. Plus it can improve the speed and performance of your devices.

Here are a few things you can do to improve your digital security and online safety:

1. Review Online Accounts Delete any online accounts no longer in use. If an account is still in use, remove any information that is no longer needed, like saved credit cards or documents in cloud storage. Review the privacy and security settings on websites...

Securing Your Data

Overview:

Data is one of UC Berkeley’s most critical assets. The complexity and volume of the data we are taking in is growing while at the same time regulatory requirements are becoming more stringent. These factors make correctly managing data vital for ensuring its confidentiality, integrity, and availability remain intact.

The data management lifecycle:

Proper handling of data throughout its lifecycle is critical to optimizing its utility, minimize the potential for errors, and protect it from breaches. No matter...

Best Practices for Telecommuting Securely

Please note: personally-owned computers used by multiple people in the household are unlikely to meet the Campus Minimum Security for Networked Devices (MSSND) Standard. Risks to consider with home systems include:

Multiple users with administrator access allow for download and spread of malware

Insecure configurations leave the systems vulnerable to attacks

Home use software installed that are not supported and may not be patched for vulnerabilities

Institutional information...

IT Email Communications Best Practices

Email communication theory is largely different from email communication reality. If messages include phishy email characteristics they can be skipped over and miss their intended audience. Plus, they cause concern for the reader who, instead of focusing on the message, focuses on the validity of the email.

Additionally, if emails are hastily written, include too much information (or don't include enough) they can be dismissed by the reader. A balance has to be struck and unfortunately, it's an...

Browser Extensions: How to Vet and Install Safely

What is an extension?

A browser extension is essentially a small piece of software that performs a function or adds a feature to a browser client. Since extensions are given special authorizations within the browser, they are attractive targets for attackers.

How to use extensions (more) safely

Even though extensions can be risky, if used correctly, they can be extremely beneficial. It’s especially important to research extensions if you are using an application that accesses...

Mass Email Communication Guideline

Mass email communications have a higher bar to clear in order not to get blocked by spam filters. Messages can miss the intended audience if they include phishy email characteristics. By following these rules you help ensure campus email recipients remain sensitized to characteristics that are typical of phishing messages and reduce the chance that your message gets blocked.

Communicators should follow these basic guidelines to help messages from being blocked:

Provide sufficient...

Box Collaboration Guidelines

Overview

Box has designed its service to allow users to collaborate on content using one of two features: 1) inviting collaborators or 2) sending share links to your content. Although these features enable easy collaboration of folders and files, extra precautions are necessary to ensure that data is shared with authorized users only. The best way to do that is to set the correct permissions to ensure the security and privacy of your data. In the following sections, we will discuss how to share your content safely.

This document assumes that...

Security Basics: 101

The basics of campus information security boil down to the following three concerns: Protecting Yourself, Protecting Devices, and Protecting Data

Protecting Yourself

Protect your personal information by following guidelines for managing passwords, learning how to avoid phishing scams, and by remembering secure computing practices at all times.

collapse all...

How to Protect Against SQL Injection Attacks

What is SQL Injection?

SQL injection is one of the most common web attack mechanisms utilized by attackers to steal sensitive data from organizations. While SQL Injection can affect any data-driven application that uses a SQL database, it is most often used to attack web sites.

SQL Injection is a code injection technique that hackers can use to insert malicious SQL statements into input fields for execution by the underlying SQL database. This technique is made possible because of improper coding of vulnerable web applications.

These flaws arise because...