Safe Computing and Security
Safe computing at PennWest Clarion
Protect your personal information, prevent identify theft, and secure your computer
and data...follow these Safe Computing practices...
** New -- check out the Security Awareness Resources / Training page
- Never disclose personal information and passwords via email, beware of Scam Attempts.
- You should NEVER provide your password or other sensitive information to someone via email and you should NEVER follow web links in a suspicious message!
Please note that PennWest Clarion will NEVER ask you to send or verify your password information via email! We are continuing to receive reports about password scam attempts being sent to Clarion accounts. You should NEVER provide your password or other sensitive information to someone via email. If in doubt, use caution and DO NOT REPLY. DO NOT OPEN ATTACHMENTS, and DO NOT FOLLOW LINKS IN A SUSPICIOUS MESSAGE.
If you have questions about a particular Clarion message, please contact the PennWest Clarion Center for Computing Services (firstname.lastname@example.org or x2640) for assistance.
Please protect your personal information - be suspicious when you receive unsolicited emails or phone calls. Watch out for emails claiming to be from universities, retailers, banks, or government agencies that threaten to close accounts or require you to "confirm" personal information.
See our Phishing Scam Examples page for samples of past scam messages. Watch out for scam messages that claim to be from Clarion, a "web team", or a technology help desk. The scams all ask for a reply with your password or follow-up via an embedded link to verify your information (the link leads to a malicious web-site that may even attempt to look like a Clarion site). You should NEVER provide your password to someone via email or follow a link in a suspicious message.
For additional information on email scams, please see our Safe Computing - Phishing Scams page.
Passwords are the key to accessing many services. Passwords are one of the most important fundamental safeguards to protecting your information. Unfortunately, passwords are also one of the top reasons for security compromises due to the selection of weak passwords or the careless disclosure of password details.
Here are some important password practices:
- DO NOT SHARE OR REVEAL YOUR PASSWORD to others. NEVER send your password via email. Review our Protecting Your Personal Information procedures. Memorize your password - do not write it down.
- CHOOSE STRONG PASSWORDS - use a mix of numbers, letters, and special characters to create a strong hard-to-crack passwords. Do not use dictionary words, your name, or other personally identifiable information (family names, ID or phone numbers). See our Creating Strong Passwords Tip Sheet for additional information. (login required)
- VARY YOUR PASSWORDS - do not use the same password for your Clarion accounts and other personal accounts (Facebook, Google, banking, etc.).
- CHANGE YOUR PASSWORD ON A REGULAR BASIS - at least every 90 days.
Please see the following sources for tips and additional information on creating effective passwords:
Mobile devices, like smart phones, tablets, iPads, laptops, and netbook computers allow us to stay connected when we are "on the go". Here are a few tips for using your mobile device safely.
- Public Access Wi-Fi Networks - Your data is not safe when you use a public Wi-Fi network (any wireless network
that allows you to join without a password or with a common password). Almost anything
that goes across your screen can be seen by those around you. This includes those
who may look over your shoulder, as well as anyone who may be "sniffing" network traffic.
Someone "sniffing" network traffic can acquire any username or password that you may
use or any data that you send over the Internet, compromising your safety and security.
- Be cautious about the site you visit and the information you release, especially when you are online through an unsecured or unprotected network.
- Get savvy about Wi-Fi hotspots: limit the type of business you conduct and adjust the security settings on your device to limit who can access your phone.
- Protect your $$$! When banking and shopping, check to be sure the site has security enabled. Look at the web address and make sure you see https:// in the URL. The 's' means it's a secure, if it just says http:// then it's NOT secure.
- Disable the geotagging feature on your phone.
- Use a personal firewall when on an untrusted network (e.g., cafe, hotel, or conference center). Set the firewall to deny ALL incoming connections.
- Protect your mobile device from viruses and other threats - Just like your desktop computer, smart phones, and other mobile devices can get infected with viruses and malware. Most mobile devices have free or inexpensive software that can protect them from these threats. Search your devices app store for "antivirus" to see what's available.
- Protect your device with a password or PIN - Most mobile devices have the ability to require a password or PIN to use the device. This is recommended if you use your device to send and receive university email.
- Texting and SPAM - Just like you need to use email responsibly, you should also protect your cell
phone number. Spammers, identity thieves, predators and cyber bullies also use cell
phone text messages to inflict harm.
- Keep your cell phone number private and only give it to people you know and trust. Be careful about where you post your number, including your Facebook profile or other social sites.
- Never reply to text messages from people that you don't know.
- Be suspicious of URL's sent to you in unsolicited text messages or from individuals you do not know. For example, attackers may send you a text message claiming that there is a problem with your account. If you visit the website they send you, they may lure you into providing personal information or downloading a malicious file.
- Be careful of meeting someone face-to-face if you only "know" them through texting. They may not be truthful with you. Let someone else know where you are going, take someone with you, or arrange to meet in a public place during the day time.
Scammers will try to get you to go to websites that look legitimate, but are actually traps. You should always verify the authenticity of the websites you visit, particularly banking and credit card websites. This also applies to the MyClarion and the Password Change web page.
Here's how you can make sure these sites are not imitations:
- Verify the URL - When you log into MyClarion, the URL line at the top of your web browser should
only show: "https://myclarion.edu/psp/epprod/?cmd=login&languageCd=ENG". If it does
not, then DO NOT ENTER YOUR USERNAME AND PASSWORD!
When you go to the Password Change web page, the URL at the top of your web browser should only show "https://pwss.clarion.edu/changePassword.asp". If it does not, then DO NOT ENTER YOUR USERNAME AND PASSWORD!
- Check for the lock symbol - A lock symbol should be displayed next to the URL at the top of your browser. You should click on the lock symbol to verify the authenticity of the website.
- Check the GeoTrust logo or digicert logo - If the site has a "Verified by GeoTrust" logo, it should display the current date and time. You should click on the logo to verify the authenticity of the website.