Security Tips - University Information Technology Services

Security Tips for Your KSU Journey

Keeping your personal data safe is important! Try to keep these security tips in mind throughout your KSU journey and check back often for more tips:

Check for Updates Regularly

Visit the software website or use the built-in update checker to get the newest version.
Back up Your Data

Before installing updates, create a backup of your important files to prevent data loss.
Be Careful with USB Drives

Avoid using USB drives from unknown sources, they may contain malicious software.
Be Mindful of Public Wi-Fi

Avoid accessing sensitive information on public Wi-Fi networks. Use a VPN for added security.
Stay Informed

Follow reputable cybersecurity news sources and consider attending workshops or online courses.
Enable Multi-Factor Authentication (MFA)

Add an extra layer of security to your accounts by using a second form of verification.

Virtual Private Network (VPN)
Report Suspicious Emails
Password Tips
Financial Fraud Alert

Virtual Private Network (VPN)

KSU’s Virtual Private Network creates a secure connection between your device and KSU’s network, protecting your data as well as the University’s. You should use the KSU VPN used any time you are working away from campus—especially when using public Wi-Fi.

To begin using the KSU VPN, follow these instructions to download and install the VPN software, GlobalProtect, on the device you will be using to remotely access KSU services and/or your office desktop.

Get Started with the KSU VPN

Report Suspicious Emails

Reporting suspicious emails is as simple as clicking the "Phish Alert Report" button in your KSU email application and confirming your submission in the pop-up panel on the right-hand side of the screen.

Find answers to some common questions below. For details and examples of suspicious emails, check out the Phish Market!

What does the "Phish Alert Report" button look like?

The "Phish Alert Report" button can look slightly different based on whether you're using Outlook on the Web (ksumail.kennesaw.edu), the Outlook app on your computer, or Outlook for mobile devices. See the related image to familiarize yourself with the variations.
What happens when I click the "Phish Alert Report"?

When a user clicks the "Phish Alert Report" button, another pop-up on the right-hand side of the screen will confirm your choice to report the email. The email will then be deleted from your inbox and forwarded to the UITS Office of Cybersecurity for investigation.
What if I made a mistake in clicking the "Phish Alert Report" and need to access a reported email?

If a user needs to access a message that has been reported, the message can be found in that user's "Deleted Items" folder until it is emptied-which makes the deletion permanent, similar to any other deleted message. As long as the message is still in the "Deleted Items" folder, it may be moved back to the user's inbox.
What if I'm not sure whether an email is a phishing attempt?

It's always better to err on the side of caution. If you are unable to verify a sender's unusual or suspicious request in-person, by phone, or through a Teams message, you can report that message by clicking the "Phish Alert Report" and confirming your submission on the pop-up panel on the right-hand side of the screen. You can also check the Phish Market site for information about any ongoing, campus-wide alerts.

Learn more about reporting emails

Password Tips

Keep your password private! Never share your KSU password with anyone, even if a person says they work for KSU. (UITS will never ask for your password.) 

Tips for Creating an Effective Password

Complexity is key: Incorporate a mix of numbers, special characters, and uppercase and lowercase letters. Avoid simple or guessable patterns like "password1234."  
Uniqueness matters: Use a different password for each account.  
Length is strength: The longer your password is, the better. Each password should include at least 12 characters.  
Phrases may outperform words: Consider using memorable phrases or short sentences as passwords—and remember to include numbers and special characters, as well.  
Passwords should be updated regularly: Change your password every 6–12 months, at a minimum. If you suspect your account has been compromised, change your password immediately. Please note that your KSU password expires yearly. You will receive email reminders via KSUmail starting 30 days prior to the expiration date.

Changing Your Password 

As noted above, your KSU password expires yearly, and you will receive email reminders via KSUmail. However, you can change your password prior to the automatic expiration date by logging in to netid.kennesaw.edu.  

Change your Password

Financial Fraud Alert

Colleagues, please be aware of an emerging financial threat targeting university employees. Malicious individuals are targeting employee email accounts which, after successful compromise, are used to send illegitimate communications and attempt financial system access.  

What to Look For

Unexpected DUO prompts
Faux job offers that require payment upfront  
Unusual activity on your OneUSG and/or email accounts.

How to Protect Yourself

Use caution when replying to emails with an EXTERNAL tag
Never accept unexpected DUO requests and, if you receive an unexpected DUO request, immediately change your NetID password and notify the ServiceDesk
Report any suspicious activity to the UITS Service Desk

Learn more about Phishing Emails