Humboldt State University's Information Security Team

works with the campus community to secure system and network resources and to protect the confidentiality of student, faculty, and staff information. 

The Team collaborates with IT teams in the administration of account access control and the establishment of policies, procedures and guidelines. We also track, coordinate, and mitigate responses to security incidents.

Security Incident Definition

Incidents can include but are not limited to:

• attempts (either failed or successful) to gain unauthorized access to a system or its data
• unwanted disruption or denial of service
• the unauthorized use of a system for the processing or storage of data
• changes to system hardware, firmware, or software characteristics without the owner's knowledge, instruction, or consent

We encourage you to report any activities that you feel meet these incident criteria. It is our policy to keep any information specific to your systems confidential.

Keep Your System Current

Security threats are heavily focused on exploiting vulnerabilities in common operating systems and applications. One of the most important ways to keep your information safe is to ensure your operating system, browser, and other widely-used applications such as Adobe's Acrobat Reader are kept up-to-date (as well as your antivirus). You can also take advantage of the campus-wide license for the free use of Sophos Antivirus on personal systems (requires HSU login).

Note:  Your computer will need to have the latest patches installed for Windows and Macintosh systems, as well as up-to-date antivirus definitions, in order to connect to the HSU wireless network.

Protected Information

"Protected information" (sometimes called Personally-Identifiable Information, or PII)  is an umbrella term for information that is linked to an individual person's identity. This information can be used to facilitate identity theft:

• Social Security number and name
• drivers' license number and name
• credit card number and cardholder name
• bank account informationthat would permit access to account

Universities in particular have become attractive targets for hackers because of the freedom with which information is exchanged in an educational environment. Humboldt State University, like other institutions, is legally required to be vigilant and proactive in the protection of PII that's been entrusted to us.

Frequently Used Links

Tools and Resources

Incident Response

Forms

Secure Media Transfer & Disposal Procedures

Security Resources for ITS Staff

Physical safety, including cyberstalking and cyberbullying, concerns should be reported to the HSU Police Department by calling 911 or 5555 from any campus phone.

If you need to report an information security incident that has either happened already or is in process, please use one of the emergency contact methods below:

• Email (24x7): security@humboldt.edu
• Daytime phone: (707) 826-3815
• After hours phone: (707) 826-5555 (University Police Department)

To report non-urgent information security concerns, send an email to the appropriate address below:

• Spam and other email scams: spam@humboldt.edu
• Inappropriate web behavior: abuse@humboldt.edu
• Web page security problems: webmaster@humboldt.edu

• I think my computer has a virus. What should I do?
• How can my computer have been compromised? I keep everything up-to-date.
• What constitutes protected data?
• How do I know if I have protected information on my computer?
• Is it safe to send Level 1 (PII) data through email?
• What are the best ways to protect passwords?
• How can hackers get my password?
• Are there passwords I should NEVER use?
• How do I access my computer from off-campus?
• Why is it such a big deal if someone hacks an HSU computer?

The primary document governing Information Security at HSU is the Appropriate Use Policy. 

For more information - HSU Technology Policies