A message from the Chief Information Security Officer
Hello and welcome to Stony Brook University!
Our goal is to help you achieve a safe rewarding experience while contributing to
your success as a student. While having fun, making new friends, and of course, furthering
your education is on the top of your priority list, it’s also vital you remember to
protect yourself and your data along the way!
In order to achieve your fullest potential, we must work together as a team to ensure
that you avoid needless obstacles so you can focus on what is most important: your
student success.
With that said, my team and I have put together the Stony Brook University Student Survival Guide for Safe Computing. In this resource, you will find cut-to-the-chase crucial information, links, and
phone numbers to help keep you and your data safe.
We urge you to read it over, keep it in a safe place, and give it some thought. Remember,
you are the reason we are all here, so together let’s make it yet another great year.
Thank you,
Matthew Nappi Chief Information Security Officer Stony Brook University
Student Survival Guide for Safe Computing
Don’t be a [CYBER]BULLY
Cyberbullying is aggression that takes place over digital devices like computers,
cell phones, and tablets. Cyberbullying can occur through text messages, email, social
media, and any other type of online venue. Stony Brook University takes any form of
bullying very seriously.
If you are the victim of Cyberbullying never hesitate to report it or ask for help.
Personal Devices: You are accountable for any actions performed using these devices,
by you or anyone else!
University Devices: Log in as yourself. Always remember to log out completely to prevent
someone else from accessing your account. This would result in a very bad day for
you.
Passphrases or Passwords, that is [not] the question!
The law of Stony Brook University
No Instructor, Staff, Advisor or anyone affiliated with Stony Brook University should
ever ask you for your password… PERIOD!
If this is ever the case, never share your password.
If asked for your password, report to the head of that department and to the DoIT
Service Desk.
You are accountable for what is done with your account.
More Survival Tips
There is never not a good time to change your password.
Use a passphrase, an easy to remember phrase that has no obvious connection to yourself.
Longer is always stronger.
Here are a few examples, both good and not so good:
wolfie123 - A very weak password
I ate two slices of pizza - Better
I ate 2 slices of p1zz4! - Best
Sharing your password with anyone, and we do mean anyone, puts all your data and personal
information at risk.
[Appropriate] Use of Information Technology
IT systems may be used for purposes pertaining to a student’s academic position or
related responsibilities and assignments. Stony Brook University takes this very seriously.
Respecting others and the appropriate use of technology is essential to make the University
safe and enjoyable for all.
Stony Brook IT resources are not in place for personal financial gain, harassing or
threatening others, and any use that would be damaging to the integrity of the University.
Tech Support - Contact us online [instead of standing on it]!
Did you know that Stony Brook has an online ticket system that enables you to report
any type of technical issue? Have an issue? Don’t tell reddit, tell us. Just go to
the following link and you’re on your way:service.stonybrook.edu
ALSO: If you receive an email from doithelp@connect.stonybrook.edu or one of our cyber security professionals, it is your responsibility to respond.
If you are not sure it is legitimate, call us to verify (2-9800). In most cases we
are reaching out to you because you may have a device that have been infected or compromised.
Failure to do so will result in loss of access to the Stony Brook wireless network.
Remember we are a team looking out for your best interest. So your problem is our
problem.
Get HELP [not frustrated]
No question is too big or too small and, in some cases, issues can be addressed while
you wait. The entire staff understands you need to stay connected and will get you
back online as soon as possible.
Back up [not down]
In life, you always need to have a Plan B. Plan B = Back Up Plan. This applies to
your data as well. If you don’t want to lose it, then back it up.
Every student has their own:
Google Drive- UNLIMITED storage space and accessible from anywhere with internet access
MySBFiles- a central file server that is scanned and backed up regularly, available through
any SINC Site computer and the DoIT website
Every Medical student has:
U: Drive - for personal storage
W: Drive - for group storage
Medical students may also obtain:
SBM OneDrive - for external storage and/or collaboration
SBM Box for Research purposes
*both OneDrive and Box are storage solutions usually available for free but they lack the required security for HIPAA compliance therefore medical students must use SBM’s version of these solutions which meet the security requirements.
Don’t get caught [get smart...er]
Phishing is the attempt to obtain your sensitive information for malicious reasons, by the
bad guys disguising themselves as a trustworthy entity through social engineering
and electronic communications.
Your best defense is to follow your gut and use common sense to avoid becoming a victim
to this very popular practice.
Here are a few tips that may help you stay out of harm’s way:
Never share personal information over the phone. If you’re unsure just hang up. Legitimate
companies or institutions will never ask for such information.
When reading emails:
Never open links from unknown mail sources.
Check the sender’s email address as well as the body of the email for errors and typos.
Errors and typos in the email address can be first easy sign your about to be phished.
When you do think you have a phishing email here at the University you can forward
the email to: phishbowl@stonybrook.edu
This email address is managed by the Information Security Department. We will take
it from here! Let us do the work for you in trying to resolve the issue or blocking
the sender from the campus community.
