Facebook logo
Facebook logo Twitter logo Instagram logo Snapchat logo YouTube logo Wordpress logo

IT Security

Adopting IT Security best practices can keep you safe while using the Internet. You’ll be taking steps to protect not only your personal information but also Douglas College’s data. That means there will be less possibility to put yourself and the College at risk.

Tips to be safe online

  • Keep your devices updated with the most recent versions of operating system and antivirus software.
  • Keep your devices and Wi-Fi network password-protected.
  • Use different passwords/passphrases for different websites.
  • Don’t share your College Network Access (CNA) credentials with others.
  • Don't click links or open attachments without checking if they're valid.
  • Ensure that website links are https instead of http before making financial transactions online.
  • Don't download from suspicious or unknown sources.
  • Connect only to external Wi-Fi networks you trust, and never shop or bank on public networks.
  • Turn off Wi-Fi, Bluetooth, camera and location services on your mobile when not in use.
  • Enable multi-factor authentication for your accounts whenever possible.
  • Delete old, unused software applications from your devices.

More information can be found on Get Cyber Safe and Tips for Online Safety 2017.


Having a strong password is fundamental to protect your online information. But the best option is to create a passphrase instead. Passphrases are sequences of words that may contain mixed case, numbers and punctuation. They’re longer than passwords, but easier to remember because you can associate them with a situation that’s familiar to you, e.g., NeverWenttoBali! or BeentoGreece.2004 (it would take, respectively, 131 billion years and 220 trillion years for hackers to guess those passphrases).


Phishing is a practice used by cybercriminals to trick Internet users into revealing confidential information. There are three methods: mass-scale phishing (wide net of attacks), spearphishing (specific victim or group) and whaling (a big victim within a company, generally an executive). Hackers want you to click a link or open an email attachment that will give them access to your computer and, consequently, the ability to steal information from you or the organization whose network you’re using. To look above suspicion, those emails generally bring details about the company (data found online) and the sense of urgency. They try to convince you to take action immediately. To identify a phishing email, look for:

  • Poor grammar and spelling
  • A link that doesn’t go where it’s supposed to go
  • A sender with an external email address claiming to be from an internal address
  • Attachments in PDF or Word formats

ATTENTION: if you receive a phishing email in your College email address, don’t click any links or open any attachments. Instead, send a copy to the CEIT Help Desk to report the phishing attempt.


Spam is the practice of sending unsolicited email to a large number of recipients who never provided their email addresses to the sender. Some spammers (people who send spam) make the “From” field in the email look like it came from your email address, so they get past spam filters. They want you to click a link to try to sell you products. Spammers often get paid by the company selling those products based on the number of people clicking the link, and based on email accounts verified as active. Never reply, otherwise you’ll confirm that your account is active. The best attitude is to delete any spam.

Questions? Contact the CEIT Help Desk.