Security Tip: Misconceptions

“People think that information security is about technology, but it is really about educating people.” – Patricia Patria, Vice President for Information Technology, Becker College

Information assets are vulnerable anywhere, anytime, from any place on the planet; there is no state of complete security. In fact, there are several misconceptions surrounding information security. Namely, that security is a one-time project and not an ongoing process; IT staff can handle security issues by themselves; and security is all about technology. The fact of the matter is a data breach will likely happen at some point, it is just a matter of when.

Although security technologies are critical to protecting information and networks, about 90 percent of all breaches have some sort of human component, according to EDUCAUSE*. In fact, within IT@Sam, there is a continual process of monitoring, operating, and implementing improvements and policies to keep up with the landscape of threats. However, information security is multilayered and must involve everyone at SHSU.

Here are but a few simple things you can do to help avoid a data breach:

  1. Limit the number of third parties you give information to.
  2. Do not click on links in emails that are unsolicited or suspicious.
  3. Don't overshare on social media.
  4. Frequently change PINs and passwords to personal accounts.
  5. Create strong passwords with at least eight characters – a number, a symbol, a lowercase and uppercase letter and even misspelled words.

*EDUCAUSE® is a nonprofit association and the foremost community of IT leaders and professionals committed to advancing higher education.