Security Tips for Students
Securing your VCU accounts and your personally-owned devices is a critical step in preparing to take classes. To get started, we've provided a list of resources here however this is by no means an exhaustive list.
VCU Information Technology Policies, Standards, Baselines and Guidelines, and General Information Security
In addition these recommendations, ALL students at VCU regardless of their current enrollment status are required to comply with the following policies highlighted below. We strongly encourage ALL students at VCU to review these policies.
Direct Policy Link: https://vcu.public.doctract.com/doctract/documentportal/08DA32A63EDBCB19E7EB6A357AF5AB2F
Virginia Commonwealth University provides and maintains computer and network resources to support its faculty, staff, and students in their education, research, patient care, and work activities. All individuals receiving a university computing account, or using VCU computer and network resources, are expected to comply with this Computer and Network Resources Use policy.
All users of these resources are expected to restrict their use of VCU computer and network resources to university-related responsibilities and actions. Limited personal use of the university's computer and network resources is permitted only when it does not interfere with the performance of the user's job or other university responsibilities or other university functions and is otherwise in accordance with this policy.
Use of the university’s computer and network resources for an individual’s business or for personal commercial purposes is not authorized. Further limits may be imposed upon personal use in accordance with accepted management principles.
All users of VCU computer and network resources are expected to act in a responsible, ethical, and legal manner. VCU computer and network resource users must respect the rights and privacy of other users, share computer and network resources equitably and follow VCU policies and local, state, and federal laws relating to copyrights, privacy, security, and other uses of computer, networks, or electronic media. University employees are specifically prohibited from using VCU computers, networks, or electronic media in contravention of Va. Code Section 2.2-2827 as detailed more fully below.
This policy sets forth the responsibilities of faculty, staff, students and system administrators when using VCU computer and network resources and the responsibilities of the VCU Chief Information Officer in enforcing it.
Noncompliance with this policy may result in disciplinary action up to and including termination for employees or expulsion for students. Suspected violations of this policy should be reported according to the policy specifics and procedures.
VCU supports an environment free from retaliation. Retaliation against any person who brings forth a good faith concern, asks a clarifying question, or participates in an investigation is prohibited.
Direct Policy Link: https://vcu.public.doctract.com/doctract/documentportal/08DA32A740D3032ECF12859338633542
Information technology enables more accurate, reliable, and faster information processing with information more readily available to administration, faculty, staff, and students. However, information technology has also brought new administrative concerns, challenges, and responsibilities. Information assets must be protected from natural, technological and human hazards. Policies and practices must be established to ensure that hazards are reduced or their effects minimized.
The focus of information security is ensuring reasonable and proportionate protection of information and continuation of program operations. Providing efficient accessibility to necessary information is the impetus for establishing and maintaining information systems.
This policy sets forth the elements of VCU’s Information Security Program, including its associated information classification and protection requirements, and the procedure for reporting, investigating and resolving suspected violations. This policy is part of VCU’s Information Technology Policy Framework referenced in the Related Documents section. The information technology standards and baselines associated with this policy that are included in the Information Technology Policy Framework must be followed in conjunction with this policy. Information technology guidelines are also included in the framework as recommendations and best practices.
Noncompliance with this policy may result in disciplinary action up to and including termination. VCU supports an environment free from retaliation. Retaliation against any employee who brings forth a good faith concern, asks a clarifying question, or participates in an investigation is prohibited.
Protect Your Password!
Your eID password is your access to all VCU resources. Never share your password with anyone! No VCU official will ever ask for your password in an email. Learn more about protecting your information and devices at go.vcu.edu/protect.
Sign up for the Self-service Password Reset Tool. This tool allows you to reset your password when it expires 24/7. Visit https://go.vcu.edu/password for more details.
Rise in Job Scams Targeting Students
Scammers are targeting students with unsuspecting job opportunities which lead to victims loosing thousands of dollars. Read more about Job Scams here.
Phishing Scams
The beginning of a sophisticated cyber-attack usually starts with a phishing scam. A phishing scam is a social engineering attack that utilizes phone calls, email, social media, or a text message to trick a victim into disclosing information that he or she would typically not disclose. The end goal of phishing scams is usually the theft of login credentials such as usernames and passwords. Armed with the username and password of an individual, a cyber adversary can then masquerade as the victim, steal his or her personal information protected by those credentials.
Downloading Using the VCU Network
Duo 2-factor Authentication
Protecting Your Personal Devices
Other Security Tips
Visit the Security Awareness and Training site for more tips on how to protect yourself and your identity.