Find out how to keep your device updated and protected against online threats.

When connected to the Sidney Sussex College network, you are responsible for ensuring that your device has adequate anti-virus protection and is up to date with the latest operating system updates and security patches. Compromised devices can severely disrupt the College's network and it's users.

University Information Services (UIS) offer guides on cyber security. The Stay Safe Online course should be completed by everyone .

Below you can find some tips on staying secure:

Anti-virus

Keeping your devices protected with antivirus software is a requirement for use of the University's data network.

For Windows or macOS devices, the University provides free McAfee antivirus products for students and staff to protect your own devices. You should only have one anti-virus product running on your machine.

For devices running Linux, we'd recommend Sophos, Comodo, or the open-source ClamAV.

We would also recommend using an anti-malware program such as MalwareBytes.

If you think you have been infected, please report this to us or seeI've been infected with a virus, what should I do?

Email

Below are five top tips on staying safe with emails:

  1. Don’t click any links or open attachments
    Treat any links in email with caution. Hovering your mouse over the link can reveal the scammer's fake link. Scammers frequently create fake websites that look like legitimate ones to trick you in to entering in your account details or personal information. Remain vigilant even from a trusted sender in case their email account may have become compromised.
     
  2. Check the 'From' address in emails
    Email addresses can be faked to look correct so this isn’t a guarantee that the email is legitimate, however, if it’s incorrect to start with then you know the email isn’t genuine.

    From: Jane Doe <Jane.Doe@cam.ac-uk.com>
     
  3. Don’t give out personal/sensitive information
    One of the main goals of scammers is to gain something valuable to them. This is typically money/vouchers or data they can use or sell on such as usernames/passwords or personal data. Be wary when sending personal information to someone who has asked for it.
     
  4. Beware of emails claiming to need information/payment urgently
    While there are plenty of legitimate reasons for needing something urgently, scammers frequently use urgency to pressure and trick people in to handing over data or funds.
     
  5. Uncertain about an email? Report it
    If you’re unsure if an email is genuine, report it to us. See How do i report an email to IT?


    If you think you have fallen victim to a scam or fraudulent email please notify us immediately.
Backups

It is very easy to lose, overwrite, or delete a file accidentally; keeping backups of your files is the best way to protect yourself when this happens. Some best practises for backups are:

3-2-1 backup approach:

  • Keep at least three copies of your data
  • Keep the backed-up data on two different types of storage, eg external hard drive and cloud storage
  • Keep at least one copy of the data offsite – in the event of a major disaster such as a ransomware or a fire, having a copy of your data elsewhere will be vital, eg backups stored in the cloud or on an external hard drive left at your home

Note: Be careful when using cloud services for backups, when sync issues occur they can often erase newer versions of your files that have not yet been uploaded. You must ensure that you have an offline copy of your files if you choose to use cloud storage.
 

Take backups frequently and regularly:

Taking backups regularly ensures that if the worst happens, you’ll have a recent copy of your files available so that you’ll spend less time redoing work.
 

Test your backups:

Backups are useless if the files don’t open. Regularly check that the files you’re backing up are working.

Encryption

If you have devices that store important or sensitive files, you don’t want them falling in to the wrong hands. Using encryption for your device or external media will protect your data from being able to be read by someone else.
  
Please contact the IT Office and we can offer you advice on how to encrypt your device.

Firewall

A firewall provides protection against malicious attempts to connect to your computer through the network. We highly recommend activating the firewall that comes with your operating system. Most are enabled by default.

Please contact the IT Office and we can offer you advice on how to encrypt your device.

Passwords

Your passwords are the most common way to prove your identity when using websites, email accounts, and your computer. The use of strong passwords is therefore essential in order to protect your security and identity.

Use three random words to create a strong password. A good way to create a strong and memorable password is to use three random words. Numbers and symbols can still be used too.

Never use the following personal details for your password:

  • Names of pets, brands, celebrities, partners, children, friends or family
  • Anything related in an obvious way to you, such as your initials, email address or date of birth
  • Anything easily discovered on your social media profiles like your favourite places to visit or favourite sports teams

We'd recommend following the advice on passwords available here:

 
Physical security

Portable devices such as laptops and phones are particularly vulnerable to theft, loss, accidental damage, and resale. If your device is not suitably protected, it's also easy for criminals to steal your data or infect your computer without needing online access.

You can keep your devices safe by following the below advice:

  • Lock your room each time you leave, even if you only leave for a minute. Do not hesitate to report any suspicious activity you see to the porters
  • Purchase a locking cable such as a Kensington security cable that secures your laptop/computer from theft
  • Never leave a device on a car seat or out of your view on public transport
  • Get a padded bag. Many laptops are broken simply by dropping them

For more advice, please see: www.getsafeonline.org/protecting-your-computer/physical-security2/.

Software and security updates

Software and app updates contain vital security updates to help protect your devices. Cyber criminals use weaknesses in software and apps to attack your devices and steal your identity. Software and app updates are designed to fix these weaknesses and installing them as soon as possible will keep your devices secure.

You’ll often receive a prompt on your computer, smartphone or tablet to inform you that a software or app is ready to be updated. Don’t ignore this message.

Below is a list of popular operating systems and how you can check for updates on them. We'd recommend checking for updates at least once a week to make sure your device remains secure:

Third-party applications can contain security vulnerabilities and therefore also need to be regularly updated, consult the support documentation for the application.

Scams and fraud

A common type of fraud is computer software service fraud. This can start with either a phone call, an email, or a pop-up message in your web browser stating there is something wrong with your computer or internet connection and that it needs to be fixed.

There will either be a demand for payment to fix it or they will install software on the computer which will allow the criminals to access personal and financial details.

  • Computer firms do not make unsolicited phone calls to help you fix your computer. Fraudsters make these phone calls to try to steal from you and damage your computer with malware. Treat all unsolicited phone calls with scepticism and don’t give out any personal information.
  • Computer firms do not request credit card information to validate copies of software. Nor do they ask for any personally identifying information, including credit card details.
  • Computer firms tend not to send out unsolicited communication about security updates, although they do send security software updates. If in doubt, don’t open the email.