Working in Human Resources, by default, gives you access to “S4” information. “S4” information is the highest rating the university gives for sensitive data. Here are a few things you can do to help protect the information entrusted to you by CFAES and Ohio State:
- If you receive an email or phone call where you are to provide or verify information such as your Social Security Number, credit card, your username/password, it is likely a phishing attempt and you should not provide this information. If it is your personal email, simply delete the email (do not click on any links). If it is your OSU employee email, do not click on any links and forward the email to report-phish@osu.edu. No reputable company will ever ask you for this information.
As a reminder, CFAES nor Ohio State will never ask you for your username and password.
- Lock your computer when you step away. If you leave your computer unlocked and accessible to anyone passing by, it provides an opportunity to either steal information or manipulate sensitive information.
- Never share your password with anybody. If you are pressured to do so, don’t as it violate OSU policy.
- Do not log into another computer as yourself so someone can work with your elevated system access. If they can’t perform their duties as is, have them speak with their manager.
- If you have someone in your office, be aware of what you have on your monitor. If it’s information they wouldn’t normally see, minimize the window.
If you suspect an issue or have any security related questions, immediately call/email/Lync Rob Clifford(.158) and report the issue.
January 2017, Robert Clifford, CFAES Information Security Officer, Systems Manager