This page offers information, tips and resources to help promote safer computing within and beyond the Haas and UC Berkeley environments.
General Security Tips
Since your account logins provide access to various services, it is vital to keep your account secure. These logins would include everything behind your Berkeley CalNet account, as well as your personal accounts (Google, Apple, etc.).
Never share your account information with anyone. Do not share your password or post it anywhere.
Do not use dictionary words or family or department names. It is best to use a combination of alphanumeric and special characters. Also, changing your passwords periodically, at least once a year, would be helpful.
2-Step verification is an identity authentication method used by many organizations as an added layer of security against hackers and thieves.
Campus uses the 2-Step for all CalNet logins, and should be available to all affiliates (students, faculty, staff) through various authentication options.
When offered to you, be sure to enable 2-Step for your personal accounts as well.
Avoid storing personal or confidential information on your computer or mobile device(s).
If you have to store them there, make sure to protect the data by password-protecting your device(s).
Never leave your property unattended. If you need to temporarily leave your computing or mobile devices untended, make sure to lock your screens.
Most Haas-issued computers have password-protected screen locks installed. Remember to lock these screens whenever you need to leave the machine unattended.
Turn off the computer when you are not using it.
To lock your screens:
Win: Windows Key + L
Mac: Control + Shift + Eject
In the event of theft, please do not engage the thief/thieves, and contact UC Berkeley Police Department as soon as possible.
System updates and patches help keep your devices up-to-date against malware and viruses so applying them whenever they are available is recommended. You can also configure your computer to download updates automatically.
Phones and its carriers would typically have updates automatically downloaded to your device, but may require your action to click on and install them.
Insecure applications can cause trouble for your computer or phone by installing mal-, bloat- or spyware. Try to vet and verify apps and their sources before choosing to download them.
For Berkeley-imaged computers (faculty and staff), choose only applications which are on offer through UC Berkeley BigFix. If the app you require is unavailable on BigFix, send a request through [email protected].
Many viruses are spread through email attachments. If you receive suspicious or unexpected items in your inbox, even if it appears to be originating from a member of your contact list, do not open it. Reach out to your contact through a separate email to verify the authenticity of the unexpected email and attachment.
Once you determine that the email is a scam, you can report it as a phishing attack (instructions at this UC Berkeley Security page). Be sure to let your supervisor and/or teammates know too so that they may look out for similar attacks.
Protect your data by backing it up regularly. You can consider doing so by several means, including using cloud storage solutions (like your bDrive) and external or accessory drive solutions.
- U.C. Berkeley Security Basics and Best Practices
- U.C. Berkeley Security Phishing page
- U.C. Berkeley Information Security and Policy
- Protect your CalNet account with the CalNet 2-Step (recommended for faculty, staff and other employees)
- U.C. Berkeley System Status page
- University of California Office of the President – Systemwide Information Security
- Travel Tips