Safe Computing

Phishing

Beware of any e-mail purporting to be from Information Technology Services asking for your W&L password. Any such e-mail is "phishing": an attempt to steal personal information. ITS staff will never ask you for your password, via email, phone, or any other means. Remember, your password is your secret.

Never respond to e-mails asking for your W&L password or other personal information, such as bank account or social security numbers. Instead, please forward such phishing attempts to spam@wlu.edu, and then delete the email.

Please protect yourself:

E-mail and viruses

W&L uses constantly updated filters that eliminate most viruses. But newly hatched viruses sometimes slip through our system, so it's important to follow some important rules:

Students should be sure the preinstalled anti-virus software on their pc is the most current version. Anti-virus software is automatically installed and configured on University-owned computers in labs, offices and other settings. If you suspect that your computer is infected with a virus, call the help desk at 540-458-4357  or email them at help@wlu.edu.

Spyware

Spyware (also known as Adware) can also hinder the proper functioning of your computer. It can also be used to sell your personal information without your knowledge. Here are some rules of thumb to help avoid infection:

Passwords

Select a hard-to-guess password, and don't share it with anyone, including those who purport to represent W&L (see Phishing section, above). W&L network passwords must meet the following requirements. These requirements are enforced when passwords are changed or created:

You can use mnemonics to create a password that meets those requirements, and is still easy to remember. Try song lyrics, rhymes or common expressions. For instance, the nursery rhyme "Mary had a little lamb, her fleece was white as snow..." with the addition of some additional characters, could yield the password:

Mhallhfwwas&52

If your password becomes known to anyone, change it immediately. Your W&L network password should be different from any other password you use.

Identity theft

If you follow the guidelines on this page, you'll help to avoid identity theft. This resource from the Federal Trade commission explains identity theft, and what to do if your identity is stolen:

Data security on smart phones

Certain types of advanced cell phones, such as Blackberries, iPhones and phones using the Windows Mobile operating system, can be configured to automatically retrieve e-mail and other data from W&L's Exchange (Outlook) server. When the devices are configured in this way, ITS enforces minimum security settings to protect potentially sensitive University data stored on the devices:

These settings may function somewhat differently than described here, depending on the device. If you are a W&L faculty or staff member and would like to configure your smart phone to automatically retrieve e-mail and other data from your Exchange/Outlook account, please call the help desk at 540-458-4357 or email them at help@wlu.edu.

Firewall policy, inbound network traffic

ITS operates a "default deny" inbound perimeter firewall as the first level of defense against security threats to the University's network and IT resources. Outbound traffic is "default allow." This means inbound computer traffic from off-campus is blocked - unless the communication originated from a computer on campus or unless there is an exception to allow the traffic.

Additionally, there are firewalls dividing the interior network into separate zones based on the role of the IT resources within each zone. For example, web servers have distinct and separate roles from database servers.

If you have an academic or work-related reason for un-blocking a specific computer port, please request an exception by completing a Web Help Desk request; go to https://helpdesk.wlu.edu and select request type "Network" then "Incoming Firewall Exception."

W&L security documents

Other resources on safe computing