Cybersecurity

Cybersecurity Awareness Month

October is over but that doesn’t mean you have to stop learning about cybersecurity! Visit the cybersecurity awareness month page for a recap of events and resources for continuing to increase your awareness.

Find Cybersecurity Resources

About Us

The Cybersecurity and Privacy unit in the Division of IT provides the University with support for identity and access management; incident response; payment card processing security; awareness and training; and data security. We are also home to the Cybersecurity Internship Program and research security consulting services. If you have questions about any content you see here or need additional support, please contact us at the Division of IT Central Helpdesk at: help@colostate.edu or (970)-491-7276.

IT Security Policies

IT security practices are specified in policies approved by the ITEC Advisory Council (IAC), updated at least annually and posted at the Office of Policy and Compliance:

Identity and Access Management

Incident Response

Departments at Colorado State University have access to Incident Response materials and training to assist in responding to a variety of cybersecurity breaches.

Credit Card Security (PCI-DSS Compliance)

Merchants at Colorado State University that take credit card payments for goods and services are required to comply with the Payment Card Industry Data Security Standard (PCI-DSS), whether conducting e-commerce, mail-order/telephone-order, mobile, or retail transactions.

Awareness and Training

Information security is everyone’s responsibility. Every person who interacts with our University computers, our networks, or handles information of any kind, plays a part in ensuring that data and those services are protected. Being aware of risks and defenses is the first step to responding appropriately as well as protecting yourself and the University.

See CSU Pueblo’s Information Security Awareness page for tips on avoiding scams, keeping passwords safe, and more.

Data Security

Preserving and ensuring the confidentiality, integrity and availability of sensitive information are the hallmarks of information security. In addition, certain federal, state, local and university regulations may apply depending on the type of data and application.

Research Security & Compliance Information

Controlled Unclassified Information

Cybersecurity Internship Program

In 2018 the Division of IT established a Cybersecurity Internship that is open to Undergraduate students. Students in the program learn about cybersecurity concepts and work with professional level security tools to support our security posture at Colorado State University.

Interested in participating or have questions? Get in touch with us at: CYBR_Cybersecurity_Interns@colostate.edu

Secure Your Data and Devices

CSU provides secure off-campus access to on-campus resources via the GlobalProtect gateway, also known as a Virtual Private Network (VPN).  GlobalProtect VPN provides a secure and encrypted tunnel between your device and the CSU network that enforces the use of recent, more secure operating system versions.  The VPN is reachable via the GlobalProtect desktop client or via the web interface (Fort Collins: gateway.colostate.edu | Pueblo: pueblogateway.colostate.edu). 

Duo is a tool that provides two-factor authentication to better protect your account by requiring an additional piece of information beyond your username and password. When you access certain CSU System services – including Microsoft 365 applications (OneDrive, Teams, etc.) and university email accounts, VPN, using both the GlobalProtect desktop agent/client and gateway.colostate.edu – you will be required to use a device that you have (mobile phone, desk phone, or a hardware token) to provide an additional layer of security to your account. This is done by receiving a push authentication request through the Duo Mobile App, a phone call, or entering a generated code. Intro to DUO and Why CSU uses it

Antivirus & Malware

Microsoft Email Encryption