Best Practices in Cyber Safety
As the largest K-12 computing network in the United States, users of the LAUSD computing environment have a responsibility to do all they can to protect themselves, their accounts, the systems they use, and the secure data they deal with. For more information, review the District's Responsible Use Policy (RUP) for District Computer and Network Systems.
- Set strong passwords, change them regularly, and don’t share them with anyone.
- Keep your operating system, browser, and other critical software up to date by installing updates.
- Maintain an open dialogue with your friends, family, colleagues and community about Internet safety.
- Use privacy settings and limit the amount of personal information you post online.
- Be cautious about offers online – if it sounds too good to be true, it probably is.
- Find out more about the types of messages that should trigger red flags for you
Set secure passwords and don't share them with anyone
Remember that in LAUSD, your password is more than just a way to access your email securely, it may provide access to student records, employee payroll information, District programs, or anything else you might deal with as part of your job or partnership with the District. Therefore, keeping your password secure is extremely important. Avoid using common words, phrases, or personal information and update regularly.
Keep your operating system, browsers, antivirus, and other critical software up to date
Security updates and patches are usually available for free from major companies. Remember that companies often stop providing regular updates and support for older versions of their products, so having older versions of things on your computer tends to put you at greater risk.
Verify the authenticity of requests from companies or individuals by contacting them directly
If you are being asked to provide personal information via email, you can independently contact the company directly to verify this request. If you are not 100% certain the the request for information is legitimate, then you should never take any action except to verify independently, and if you cannot, delete and ignore the request.
Pay close attention to website URLs
Pay attention to the URLs of websites you visit. Malicious websites sometimes use a variation in common spelling or a different domain (for example, .com instead of .net) to deceive unsuspecting computer users.
Always be suspicious of an email message that doesn't "feel" right
Things that should raise red flags for you include:
- Any message sent to "undisclosed recipients" or not personally to you.
- Any message that really stresses the urgency of responding (e.g., "provide your password in two days, or your account will be deactivated").
- Any message sent from an email address that is from outside the District or from a source that you cannot identify.
- Any message that asks you to link to a website that is outside of the District or otherwise not affiliated with LAUSD (especially those with .edu. .com. .org, or websites from other countries...be especially cautious with any of these!).
Do not provide account or personal information to an untrusted sourceIf you ever get a message asking you to "update your account information" or otherwise provide personal information about yourself or your District accounts, always question its intentions. If you know for a fact that this message was generated by District systems, then you should be okay, but if you have doubts, you can always check by calling the individual who sent you the message or contacting email@example.com for help.
Never open an attachment you are not 100% certain is safe
- Be sure your anti-virus software is up to date.
- Save the file to your computer or a disk.
- Run an anti-virus scan using your computer’s software.
- Turn off the option to download attachments automatically
- This probably goes without saying, but it's important to be familiar with how your computer deals with email attachments. You should always make sure you have a system that allows you to check email attachments one-by-one and deal with them in a secure fashion.
Take advantage of junk mail folders and other anti-SPAM tools
At the Workplace
Restrict access and secure the personal information of employees and customers to prevent identity theft.
Be suspicious of unsolicited contact from individuals seeking internal organizational data or personal information.Verify a request’s authenticity by contacting the requesting entity or company directly.
Immediately report any suspect data or security breaches to your supervisor and/or authorities.Whenever you are suspicious of a possible cyber security threat, don't hesitate to let the IT Division know. You can email us at firstname.lastname@example.org or call (213) 241-5200 to alert us. When in doubt, it's always best to err on the side of caution!
Social Media, Video Games, Forums, Chat Sites and more...
Take advantage of privacy and security settingsUse site settings to limit the information you share with the general public online. Most services (e.g., Facebook. Twitter, MySpace, etc.) allow you to limit the information that the public or anyone not on your trusted lists can see. Take advantage of these.
Limit the amount of personal information you post
Be wary of strangers and cautious of potentially misleading or false information
Download the District's Social Media Policy
Only access the Internet over a secure networkMaintain the same vigilance you would on your computer with your mobile device.
Be suspicious of unknown links or requests sent through email or text message
Download only trusted applications from reputable sources or marketplacesCyber criminals love to set up companies and organizations that may appear to be legit but are actually entities designed to steal your information or cause some type of damage to computing systems. Always contact companies by phone or otherwise to verify the legitimacy of downloadable content if you are ever less than 100% certain.
Need additional help? Contact the IT HelpDesk