IT Security Services created a survey to help establish a baseline for an Information Security Awareness Program. The questions have been posted below along with additional information.
Question: To your knowledge, does Saint Louis University have an Information Security Officer?
Nick Lewis is our ISO and he can be contacted at firstname.lastname@example.org.
Question: Do you know who to contact if your computer is hacked or infected?
Contact the ITS Service Desk at email@example.com or 977-4000 or your local support person.
Question: If you have anti-virus installed on your computer, your computer cannot become infected as the anti-virus program will stop all viruses, worms and Trojans.
Anti-virus software only works as a simple barrier between you and the rest of the world. The best way to stop all viruses, worms and Trojans is to be pro-active. Be wary of e-mail you are not expecting and question the safety of websites you visit.
Question: Do you know what an e-mail scam is and how to identify one?
Be sure to ask yourself, is this too good to be true? Does it make sense? Be wary of e-mail from someone you do not know or are not expecting.
Question: Should you use personal devices, such as your mobile phone or personal computer, to store or transfer sensitive information?
The use of personal devices puts sensitive information at risk. You should only transfer and store sensitive information on approved devices.
Question: According to SLU policies, are Cloud services, other than Google Drive, allowed in our organization or used to store organizational data?
Currently, the only approved cloud service vendor SLU uses across the entire organization is Google Apps for Education.
Question: The responsibility of protecting our organization's devices and information rests solely on Information Technology Services.
The responsibility of protecting our organization's information and devices rests on all of us.
Question: My computer or information has no value to hackers; they do not target me.
Hackers are constantly trying to gain information about you and your employer as well as any access point into SLU's network.
Question: Is your work computer configured to be automatically updated? For students, is your personal computer configured to be automatically updated?
ITS managed devices are configured to be automatically updated. If you are unsure about your device, contact the service desk or your local support person. Keeping your operating system and other software up-to-date helps ensure the safety of your computer and information.
Question: Are you careful when you open an attachment in e-mail?
Always make sure it is from a person you know and that you are expecting the e-mail. E-mail attachments are the fastest way for a hacker to infect your computer. Think before you click.
Question: Has your boss or any other co-worker asked you for your password? For students, has anyone asked you for your password?
No legitimate business or organization will ever ask for your password and it should never be shared with anyone.
Question: Do you use the same passwords for your SLU accounts as you do for your personal accounts at home, such as Facebook, Twitter, iTunes, or your personal e-mail accounts?
Creating separate passwords for every account is the safest way to protect your information. Using a password manager to manage all of the passwords may be helpful. More password security tips can be found on our webpage
Question: Have you logged into SLU accounts, including e-mail, using public computers, such as computers from a public library, cyber café or hotel lobby?
Many times public computers lack the security needed to safely access your SLU accounts.
Participants who completed their survey and provided their name were entered into a drawing to win one of four Kindle Fire HD 16GB tablets. The winners are:
Christian W. Lees, junior, Parks College of Engineering, Aviation and Technology
Charlotte M. Williams, Manager, Surgery Administration
Denise M. Oppermann, Administrative Assistant, Center for Advanced Dental Education
Mary A. Lavin, Associate Professor, School of Nursing
Please e-mail the Information Security Team with any questions.