Information Technology has been advised by the cybersecurity company Malwarebytes that there may be unlicensed installations of their Malwarebytes anti-malware software on Ball State-owned systems. Use of this software has now been blocked from running on university-owned computers and it should be removed from all machines that are being used in support of university business.
The Office of Information Security Services recommends the use of Carbon Black Defense for the protection of university-managed devices when compatible. Sophos anti-virus software is also an acceptable alternative if you're already running it. To determine which antivirus software you have installed, refer to this Technology HelpDesk Knowledge Base article. If you are not currently running any antivirus software on your university-owned computer, contact the Technology HelpDesk to have Carbon Black Defense installed.
If you need assistance removing Malwarebytes from your Ball State-owned computer, please contact the Technology HelpDesk by submitting a request or by calling them at 765-285-1517.
The Office of Information Security Services is responsible for the confidentiality, integrity, and availability of all information assets at Ball State University.
Our office is responsible for managing University technology policies and procedures, including what to do in the event of a security breach or how to dispose of confidential information. We also provide you with the information you need to protect your personal or work computer.
You can also find us on Facebook and Twitter.
Security Tips for Remote Work
The Office of Information Security Services is working to keep your information safe from cyber criminals. With the recent surge in employees nationwide working remotely, the National Cybersecurity Alliance has released a set of tips regarding online security practices to protect individuals and the university from these security risks.
- Think Before You Click. Cyber criminals are taking advantage of people seeking information on COVID-19. They are distributing malware campaigns that impersonate organizations like WHO, CDC, and other reputable sources by asking you to click on links or download outbreak maps. Slow down. Don't click. Go directly to a reputable website to access the content.
- Lock Down Your Login. Create long and unique passphrases for all accounts and use multi-factor authentication (MFA) wherever possible. MFA will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-time code sent to your phone or mobile device.
- Connect to a secure network and use a company-issued Virtual Private Network (VPN) to access any to access any work applications or servers that require it. Home routers should be updated to the most current software and secured with a lengthy, unique passphrase. Employees should not be connecting to public WiFi to access work accounts unless using a VPN.
- Keep devices with you at all times or stored in a secure location when not in use. Set auto log-out if you walk away from your computer and forget to log out.
- Limit access to the device you use for work. Only the approved user should use the device (family and friends should not use a work-issued device).
- Use company-approved/vetted devices and applications to collaborate and complete your tasks. Don't substitute your preferred tools for ones that have been vetted by the company's security team.
- Update your software. Before connecting to your corporate network, be sure that all internet-connected devices ‒including PCs, smartphones and tablets ‒ are running the most current versions of software. Updates include important changes that improve the performance and security of your devices.
For the latest information and resources for remote teaching and working at Ball State, please visit our Keep Teaching and Working website.
If you have further questions about online security for your remote working environment, or need help implementing any of these practices, please submit a request for help to the Technology HelpDesk, or call them at 765-285-1517.
Create & Manage
Passwords are a critical part of information and network security. They ensure the security and confidentiality of data that is stored on technology across campus.
To keep information secure, and to protect yourself from unauthorized access to your personal information and identity theft, you must create complex passwords and keep your password confidential.
When you are first issued your Ball State credentials, you will receive an email with a link to create your own password. You must follow these password requirements when creating your Ball State password.
Your password must follow these requirements:
- be at least 12 characters in length.
- contain at least three (3) of the four (4) following criteria:
- lowercase letters
- uppercase letters
- not contain your first name, middle name, last name, username, or keyboard runs (QWERTY, ASDFG, etc.)
Once your initial Ball State password is created, you will need to change it every 12 months. As a reminder, you’ll receive a notification on myBSU when you’re within 15 days of your password expiration date and it will remain there until you change your password.
If you do not change your password by the expiration date, you will no longer be able to log in to your Ball State account. In these cases, you will need to call the Technology Help Desk or visit the Tech Center (BL101) to reset it.
To manage your Ball State password, go to myBSU and select the “BSU Password Update” link.
Reset or Change Your Ball State Password
If you have forgotten your Ball State password, you’ll need to reset it. Be sure to follow the password requirements when resetting your password.
Cyber security starts with you. You should protect your Ball State password in the same manner as your credit card or bank account numbers.
No legitimate university faculty, staff, or student will ever ask for your Ball State password.
People who desire to use your Ball State account maliciously will work hard to convince you that you must disclose it. Never reveal your password to anyone under any circumstances.
Students and employees may sometimes receive emails asking for their Ball State password or other personal information. These requests are not legitimate. Please email us to report any of these suspicious emails to us.
Report an Email
Tips to create and maintain a secure password:
- Never share your password with a friend, co-worker, or anyone, no matter how much you trust him or her.
- Do not write down your password.
- Do not use obvious choices like your birth date, spouse, boyfriend or girlfriend, pet name, your car make/model, or easily recognized words or phrases.
- Do not use a keyboard sequence (asdfghjklasdfghj) or a number sequence (123456789012).
- Do not use your favorite sport.
- Do not reuse your passwords across multiple sites.
In order to provide an additional layer of security when logging it to Ball State networks and applications, we use Duo Security as the second level of online security. The Duo application confirms your identity by using a smartphone or token to provide a second verification—which is why it’s called “two-factor” authentication.
Read the set-up instructions.
Download the Mobile App:
If you need to re-activate your smartphone to use Duo, you purchased a new phone and need to set it up for Duo two-factor authentication, or have general questions about using Duo, check out these HelpDesk articles.
If you still need help, or just want someone to walk you through the process, please contact the Technology HelpDesk at 765-285-1517.
Protect Your Computer
While your Ball State credentials protect you while using our networks and services, there are other security threats on the Internet.
Knowing how to protect your computer itself from viruses, phishing attempts, and other methods to obtain your personal information is key to a safe experience.
Here are a few ways to protect your computer from these threats.
- Install anti-virus software and keep it up to date
- Turn on regular software updates
- Turn on your computer’s firewall
- Encrypt your computer’s hard drive
- Learn when you need to use the Ball State Virtual Private Network (VPN)
- Be aware of viruses and other malicious software on flash drives and other devices
Do You Have a Virus or Malware?
The safest way to deal with a computer infected with a virus or malware is to bring it to the Tech Center in Bracken Library, Room 101 and let our experts analyze it.
We can safely examine your computer and advise you on the best course of action to remove the malicious software.
Report Security Issues
The Office of Information Security Services can help you with any information security issues that may arise.
We can help you keep your information and resource secure whether it’s a:
Don’t hesitate to report any possible security issues to us.
Report an Issue