Preventing Identity Theft

When students, faculty, or staff open an account, apply to receive information, or purchase a product, LU Securitythey entrust their personal information to you. If their information is compromised, the consequences can be far reaching.

 While protecting computer systems is an important aspect of information security, it is only part of the process.

  • For more information visit
  • PII = Personally Identifiable Information

Electronic Security

  1. Identify the computers or servers where PII (Personally Identifiable Information) is stored, encrypt, and use LEA2 step.
  2. Don’t store PII on employee’s computers, flash drives, smart phones, or send outside the University in an email.
  3. Pay particular attention to the security of your web applications by using "https://" connections.

Physical Security

  1. Store documents and files containing PII in a secure location. Limit access to employees with a legitimate business need. 
  2. Remind employees not to leave sensitive papers out on the desk when they are away from their workstations.
  3. Require employees lock their computers when away. Put files away, lock their file cabinets and office doors at the end of the day.
  4. Implement appropriate access controls for your building. Tell employees whom to call if they see an unfamiliar person in a place they do not belong.
  5. If you send information containing PII using a shipping company, encrypt the information and keep a backup and track the delivery.

More Guidelines

Password Management

  1. Control access to sensitive information by requiring a “strong” password.
  2. Do not share passwords or post them near workstations.
  3. Be aware of identity thieves attempting to deceive you and asking for your password or other sensitive information by impersonating members of the IT staff or other legitimate businesses.

Laptop Security

  1. Do not store PII on your computer
  2. Be mindful of security when you are on the road. Do not leave a laptop visible in a car, at a hotel luggage stand, or packed in checked baggage at the airport.

Digital Copiers

  1. Get your IT staff involved when buying technology. The hard drive in a digital copier stores data about the documents it copies, scans, faxes, or emails.
  2. When buying or leasing a copier, consider data security features offered. Typically, these features involve encryption and overwriting.
  3. Once you choose a copier, take advantage of all its security features.
  4. When you select a copier, find out if you can have the hard drive removed, destroyed, or overwritten.

Properly dispose of what you no longer need

  1. Effectively dispose of paper records by shredding them.
  2. When disposing of old computers, copiers, printers or storage devices (anything with a hard drive), follow the instructions on IT Equipment Removal Request form to have data destroyed securely at Lamar University. 
  3. Make sure employees who work from home follow the same procedures for disposing of sensitive documents.

Create a plan for responding to security incidents

  1. Have a plan to respond to security incidents. Designate a senior member of your staff to coordinate and implement the response plan.
  2. Investigate security incidents immediately and take steps to close existing vulnerabilities or threats to personal information.
  3. If a computer is comprised, disconnect it immediately from your network.
  4. Consider whom to notify in the event of an incident, both inside and outside your organization. Contact the Service Desk immediately. You may need to notify employees, students, law enforcement, and other businesses.