As the largest K-12 computing network in the United States, users of the LAUSD computing environment have a responsibility to do all they can to protect themselves, their accounts, the systems they use, and the secure data they deal with. For more information, review the District's Responsible Use Policy (RUP) for District Computer and Network Systems.
Set secure passwords and don't share them with anyone
Remember that in LAUSD, your password is more than just a way to access your email securely, it may provide access to student records, employee payroll information, District programs, or anything else you might deal with as part of your job or partnership with the District. Therefore, keeping your password secure is extremely important. Avoid using common words, phrases, or personal information and update regularly.
Keep your operating system, browsers, antivirus, and other critical software up to date
Security updates and patches are usually available for free from major companies. Remember that companies often stop providing regular updates and support for older versions of their products, so having older versions of things on your computer tends to put you at greater risk.
Verify the authenticity of requests from companies or individuals by contacting them directly
If you are being asked to provide personal information via email, you can independently contact the company directly to verify this request. If you are not 100% certain the the request for information is legitimate, then you should never take any action except to verify independently, and if you cannot, delete and ignore the request.
Pay close attention to website URLs
Pay attention to the URLs of websites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .com instead of .net) to deceive unsuspecting computer users.
Never, ever access a web link or open a file attached to any email unless you are completely certain it is safe to do so. If you are expecting an email or know that the material linked to the message are legitimate, then you should be fine. If you have an inkling of a doubt, however, you should always err on the side of caution.
Always be suspicious of an email message that doesn't "feel" right
Things that should raise red flags for you include:
Do not provide account or personal information to an untrusted sourceIf you ever get a message asking you to "update your account information" or otherwise provide personal information about yourself or your District accounts, always question its intentions. If you know for a fact that this message was generated by District systems, then you should be okay, but if you have doubts, you can always check by calling the individual who sent you the message or contacting email@example.com for help.
If you have to open an attachment before you can verify the source, take the following steps:
Never open an attachment you are not 100% certain is safe
Many email clients (for example, Microsoft Outlook, Entourage, Mac Mail, Eudora) offer junk mail folders and filters that allow you to control how your incoming email is sorted, particularly messages from people in your contact lists from those sent by unknown sources, to help facilitate your efforts to keep junk mail separated from the messages that are important to you. Take advantage of these tools and configure them in a way that enables you to get what is important while minimizing clutter from junk mail and unwanted content.
Take advantage of junk mail folders and other anti-SPAM tools
Restrict access and secure the personal information of employees and customers to prevent identity theft.
Be suspicious of unsolicited contact from individuals seeking internal organizational data or personal information.Verify a request’s authenticity by contacting the requesting entity or company directly.
Immediately report any suspect data or security breaches to your supervisor and/or authorities.Whenever you are suspicious of a possible cyber security threat, don't hesitate to let the IT Division know. You can email us at firstname.lastname@example.org or call (213) 241-5200 to alert us. When in doubt, it's always best to err on the side of caution!
Take advantage of privacy and security settingsUse site settings to limit the information you share with the general public online. Most services (e.g., Facebook. Twitter, MySpace, etc.) allow you to limit the information that the public or anyone not on your trusted lists can see. Take advantage of these.
Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your friend posts information about you, make sure the information is something that you are comfortable sharing with strangers. After all, you wouldn't hang a banner in front of your house that announces who you are and your phone number. Posting this information publicly online is virtually the same thing.
Limit the amount of personal information you post
If you don't know someone or are not "friends" with someone in real life, then you should not be "friends" with that person in cyberspace easily. Cybercriminals commonly exploit public spaces such as social media sites to befriend others they don't know to learn compromising information about them.
Be wary of strangers and cautious of potentially misleading or false information
Download the District's Social Media Policy
Only access the Internet over a secure networkMaintain the same vigilance you would on your computer with your mobile device.
Do not click on unknown links or answer strange questions sent to your mobile device, regardless of who the sender appears to be.
Be suspicious of unknown links or requests sent through email or text message
Download only trusted applications from reputable sources or marketplacesCyber criminals love to set up companies and organizations that may appear to be legit but are actually entities designed to steal your information or cause some type of damage to computing systems. Always contact companies by phone or otherwise to verify the legitimacy of downloadable content if you are ever less than 100% certain.