IT: Security Best Practices

cyber security icon


  • Cooper Union requires that all devices connected to the campus network run up-to-date antivirus software. Cooper provides CylancePROTECT for all Cooper union computers on campus.   

  • We strongly recommend that students acquire antivirus software for their personal computers.  Cylance , McAfee, and Norton are all reputable providers. 

  • Cylance should always be active and configured to update on a regular basis. 

  • Cylance uses AI Driven Threat Protection. 

  • CylancePROTECT works where most attacks occur - at the endpoint - for better efficacy, faster resolution, and less disruption.  

  • If you do not have Cylance installed on your work computer (or are not sure) please contact: 

  • Contact if you believe that your computer is infected with malware. Disconnect the computer from the network immediately to keep the infection from spreading or sending information to an attacker. 


Passwords are one of the most important controls on access to information. We strongly recommend that you never use the same password for multiple accounts. If a hacker compromises a credential, that same username and password could be seriously compromise your data! 

  • Choose a password that is at least 10 characters which includes: Upper/Lower case, Numbers & Symbols.  Try to avoid dictionary words. 

  • Enable two-factor verification 

  • Change your password at least once every 6 months 

  • Use a Passphrase or a Password Generator. A passphrase is a group of words that means something to you. For example: CooziP10003! That translates to: Cooper zip code is 10003! 

  • If you have trouble keeping track of passwords, use a Password Manager for all your websites. Keeper or LastPass are one of many examples of password managers.  


Here are some common sense measures that can reduce your vulnerability to cyber crime and reduce vulnerability to social engineering.  

  • Be careful of email that does not have a Cooper email address (ending in or if you do not recognize the sender’s email address 

  • Do not open email if a sender’s name does not match their email address or if the language and spelling of the email are obviously inaccurate or vague 

  • Never respond to an email with personal information (social security number, address, etc.), send money or wire funds to anyone you do not know or any business where you have not confirmed that request for information is coming directly from them.    

  • Phishers have become very sophisticated and can make the requests look very real with logos and typeset matching institutions’ branding.  

  •  Any phishing attempt to trick you into revealing confidential, personal, or financial information, your password, or sending money is a scam. Credible organizations will never ask for this. 

  • Malware, spyware, Trojan viruses, and other malicious software is often transmitted through email in the form of malicious links or seemingly credible attachments. Clicking these links or opening these attachments may infect your computer. 

  • Do not transmit sensitive, restricted information by email. It is not secure. This includes passwords, PIN numbers, or files containing restricted information (such as Social Security numbers). 


  • Phishing: Legitimate organizations do not email, call, or otherwise contact their customers asking sensitive questions or for personal information, such as usernames and passwords. This is known as "Phishing," an attempt to trick people into revealing confidential, personal, or financial information, obtaining a password, or sending money. When in doubt, do not respond or give your information and contact the organization directly.  

  • Shredding: Throwing away a document can give a cyber criminals opportunity to impersonate you. Shred sensitive information and never put it in the garbage intact. 


  • When at home, be sure to password-protect your Wi-Fi network. Specifically, always change the vendor default username and password for routers, modems, and other smart devices. Not having your wireless connection locked down is an open invitation for someone to break into your network and access your systems 

  • When in public locations such as hotels, coffee shops and airports, be wary of wireless networks. Do not connect to a wireless network you do not recognize. Avoid looking at or entering personal or sensitive information when connected to a public network. 

  • Most cell phones have Personal Hot Spot capabilities built-in; those are safer to use than a public network. 


Due to hardware failure, malware infection, or other causes can put you into a situation where your data is permanently lost or inaccessible. Be sure to regularly backup your data which you find important. 

  • Cloud backups are a good option for many users. Once installed, these applications back up the data on a scheduled or continuous basis.  

  • Backing up to an external Hard Drive is also an excellent choice and most manufacturers supply free software to back up the data. The problem with backing up to an external Hard Drive is remembering to do it, unless it is constantly plugged in. 

  • On a Mac, use Time Machine to back up your data to an external drive 


We accumulate a lot of personal information on our mobile devices. This valuable data makes these devices a target for thieves and cyber criminals. 

  • Use password, passcode, or biometrics on your mobile device. Set the lock feature to a few minutes. 

  • Use Encryption to protect your personal information on mobile devices 

  • Leave your Blue Tooth turned Off when not in use 

  • Do not save passwords or PINs on your smart phone 

  • Use remote tracking software on your smart phone that can find, lock, and erase your data if your smart phone is lost or stolen 

  • Take note of your IMEI (International Mobile Equipment Identity) number. An IMEI is your 14–16-digit serial number which identifies your smart phone. If a device is reported stolen, it will be permanently unusable on most carrier networks, even if the SIM card is changed 


Avoid peer-to-peer (P2P) networks and remove any file-sharing clients. P2P clients have worldwide sharing capabilities and you never know if the file has a Trojan virus or worm virus. Unsigned apps from the Apple’s App Store or Google’s Play Store may have “back doors” to the mobile device allowing cyber criminals to steal your data. 


Whenever a laptop or portable device is lost or stolen, the data on that device has also been stolen. If proprietary Cooper Union data is lost or compromised, the resulting damage can be much greater than the cost of replacing the equipment. 

  • Avoid storing personal data on laptops and other mobile devices 

  • Before leaving your work area, turn off, close the lid of, or lock your computer. Put away sensitive documents; lock cabinets and other storage spaces. Take portable devices or media with you or lock them up. 

  • Remove sensitive documents right away from printers and copiers so that no one else can read them. 

  • Shred documents that contain sensitive information. Do not discard them in public wastebaskets. 


  • Zoom: always set a password for your meetings to avoid strangers entering your teleconference. 

  • Third Party Applications: Do not use free software for teaching.   

  • Always use the educational license of software for academic purposes to remain FERPA compliant. 

  • If you want to request new software for a class, please contact



  • Founded by inventor, industrialist and philanthropist Peter Cooper in 1859, The Cooper Union for the Advancement of Science and Art offers education in art, architecture and engineering, as well as courses in the humanities and social sciences.

  • “My feelings, my desires, my hopes, embrace humanity throughout the world,” Peter Cooper proclaimed in a speech in 1853. He looked forward to a time when, “knowledge shall cover the earth as waters cover the great deep.”

  • From its beginnings, Cooper Union was a unique institution, dedicated to founder Peter Cooper's proposition that education is the key not only to personal prosperity but to civic virtue and harmony.

  • Peter Cooper wanted his graduates to acquire the technical mastery and entrepreneurial skills, enrich their intellects and spark their creativity, and develop a sense of social justice that would translate into action.