Duration: May 20 to November 30, 2025

 

All students should read this page to the end and take the "Confirmation Test" at the end of the page.

 

 

"Information security” refers to activities to protect information assets held by an organization from cyber attacks, unauthorized access, and natural disasters. While our daily lives and economic activities have become more convenient and sophisticated with the advancement of information technology, information security incidents such as information theft and destruction of computer systems have been occurring frequently.

While it is necessary to prevent incidents and accidents related to information security, it is also important to be equipped with knowledge on a regular basis to minimize damage should they occur.

 

Shizuoka University has established the “Declaration on Information Security” and widely communicates its efforts to the general public.

Through this web seminar, you will understand the importance of information security and deepen your knowledge.

 

Declaration on Information Security

Shizuoka University is engaged in education and research based on the following three principles:

1.     Cultivate well-educated people who shall bear responsibility for the future of our planet and have both profound global awareness and expertise.

2.     Understand the critical situations of modern society and conduct creative academic researches aiming at sciences that support the foundations of global peace and human well-being.

3.     March with local communities, sincerely deal with the issues faced by them, and fulfill the role of a cultural and scientific base.

 

We strictly adhere to the information security to help in the realization of the University’s ideas and to make maximum use of the achievements of our educational and research activities. Thereby, we declare the following four pledges.

• Be truly sensible and use information technology and devices correctly.
• Protect information from unnecessary access and promote educational as well as research activities.
• Protect personal information and secure safe campus life.
• Respect information security of others and never disturb it.

 

Information security measures on using the Internet

As a characteristic of the Internet, it is difficult to completely prevent malpractices, such as wiretapping, elimination, manipulation and destruction of data through the network, because there is no person or rule for controlling the entire system in principle.

Therefore, we need to take self-defense measures.

 

Basic measures for protecting personal computers

Basic PC protection measures are listed below:

• OS and software updates:
  Keep operating systems and application software such as Windows and macOS updated to the latest versions.
• Install and update anti-malware software:
  Install reliable anti-malware software and keep it up-to-date.
• Regular backups
• Use of strong passwords
• Enable multi-factor authentication:
  Set up multi-factor authentication for greater security when possible.
• Attention to suspicious e-mails and websites:
  Be careful not to open suspicious e-mails or attachments or access suspicious websites.

The following cases require attention.

• Start using a new external service ⇒ Reconfirm that it is safe.
• If you have any idea of unwanted access ⇒ Please do not access the site again, and if you have entered personal information, please change your password immediately and report it to the Center for Information Infrastructure.
• Made changes to the installation environment and usage ⇒ Avoid weekend changes, since within the university network, the detection of anomalies may be delayed on weekends and holidays.

 

About Password

To protect your personal information and account security, please manage your ID/password strictly. Password compromise can lead to account hijacking, information leakage, and financial loss. It can also lead to loss of credibility.

• Do not give your password to anyone else, even a friend or acquaintance.
• Set a password that is at least 8-16 characters long and sufficiently complex.
• Do not write it on a note and post it on a display or other place where others can see it.
• Do not use the same password for multiple services.
• If there is a possibility that the password has been compromised, please report it immediately to the person in charge of management at the Center for Information Infrastructure, etc.

 

Examples of bad passwords

Use the keyboard sequence as it is / Simple words and their repetition / Personal information (your name, birthday, phone number, etc.) / Few characters / A history of password leaks (may be on the Internet semi-permanently) / Including some or all of your ID / Identical password for multiple services / Has not been changed in years (may have been leaked in a major information leakage incident at a major website or other major site) / Has been left at default settings / Has been entered many times in public (possible shoulder hacking)

 

Data Protection and Disposal

Data is a valuable asset. Back up the data on your computer and other devices you use on a regular basis. This will protect your data in the event of OS reinstallation or disk failure.

Ransomware (ransom virus), which has been raging in recent years, encrypts not only infected terminals but also files on shared servers and external disks. It is effective to obtain regular backups and store them offline. In the event of infection, do not pay the release fee. It may reoccur and encourage malicious activity. Report it to the police or other cybersecurity-related public authorities for guidance.

Care must be taken when disposing of devices that contain data. Not only have there been cases of used computers with data left over from the previous owner, but there are also cases where people intentionally purchase used computers that show signs of having been used by a company, etc., and then search for the data stored on them to obtain confidential information.

Please ensure that data is securely erased before disposing of the equipment by using appropriate methods, such as using dedicated data-erasure software or the services of a professional company. This applies not only to computers and discs, but also to mobile phones, smartphones, CDs and DVDs, USB memory sticks, various memory cards, external discs, etc.

 

Malware Protection

Anti-malware protection is essential for data and system security. (Malware: A generic term for malicious software. There are many different types, including viruses, worms, spyware, ransomware, and Trojan horses.) Malicious software such as viruses and ransomware can cause serious damage, including information leakage, data destruction, and system shutdown. Installing appropriate security software and updating it regularly can minimize these risks.

Anti-malware measures are essential to maintaining the health of the digital environment.

As a basic measure:

• Security software/anti-malware software: If purchased, pattern file updates will be stopped when they expire, so be sure to check the renewal period and contract details.
• Pattern file updates: Since new malware appears daily, definition file updates should be set to occur automatically.
• Perform regular scans: Most security software allows you to set up a schedule, so be sure to do so.
• Countermeasures against infection via USB memory: Some types of infection are transmitted using automatic playback of storage media such as USB memory devices. It is important to turn off the auto-play function, scan files and folders before opening them, and use those from trusted manufacturers.
• Prevention of infection by browsing Web pages: Use the latest OS and browser. Some patterns are downloaded when clicking on links or advertisements. Do not browse suspicious sites or advertisements out of curiosity.
• Do not download unreliable free software or data.
• Be aware of suspicious e-mails.
• Be security conscious on a regular basis.

 

Email Attacks

A number of attacks through unsolicited e-mails with malware attachments and attacks that deprive an organization of important information by mixing factual characteristics and information about the organization with e-mails (targeted attacks) have been confirmed at the University. Some of them are sophisticated enough to slip through inspections and blocking by the latest security devices.

Please check your email, noting the following:

• Email senders can easily be forged:
  Do not open the attached file or access the URL, believing that it is a person or company you know. If you feel even the slightest hint of suspicion in the text of an e-mail, please contact the sender directly or consult with the Center for Information Infrastructure.
• URL links in emails can be easily disguised:
  Even if the URL looks like a trustworthy website URL, it may be disguised. Move your mouse over the URL to see the true URL, so check it carefully. It is important not to click on the URL if you are suspicious of it in the first place.
• Beware of emails asking for personal information! :
  Emails that direct you to a Web site and ask you to enter your ID, password, or credit card number are likely to be phishing emails that trick you out of your information, and you should be wary of them.
• Beware of emails that make people impatient! :
  With unintentionally clickable content such as “No email storage space available” or “We are freezing your account,” attackers are trying to deny you time to make a calm assessment of the situation. Be wary of content that makes you feel rushed.
• Do not open attachments easily:
  Some of them disguise the sender as an acquaintance or work address, and others are executable files masquerading as images or documents. Even if the email is from someone you know, if you do not recognize it or it seems suspicious, do not open the attachment.
  On the other hand, if you send attachments yourself, understand that they may seem suspicious to the other party!

Not only could this result in the leakage, theft, or destruction of important data, but it could also develop into secondary damage (springboard attacks) both inside and outside the university. Even if the information contained in an email is believed to be relevant to you, please be careful not to open email attachments or enter your email address, password, or other personal information when requested by the email or website.

If you have any suspicions at all, do not proceed any further and contact the sender directly or consult with the Center for Information Infrastructure.

 

Copyright Respect and File-Sharing Softwar

It is prohibited to create or distribute copies of copyrighted material (even a part of it) without the permission of the copyright holder. In addition, stealing ideas or freely altering the material is also not permitted. When using other people's copyrighted material, you must check the license terms and obtain permission from the copyright holder if necessary.

Note that P2P file exchange (sharing) software such as BitTorrent and Winny have the following problems:

• There is a high risk of malware infection, which can lead to the leakage of personal information and data.

·         It is easy to share illegal content, so there is a high risk of copyright infringement. There is a possibility of illegal files being downloaded/uploaded without knowing it.

• Network bandwidth is easily strained, which can affect internet use on campus.

For this reason, the use of P2P file-sharing software on the campus network is prohibited.

Even personal laptops and terminals must not be connected to the campus network with P2P file-sharing software installed.

 

Use of SNS, etc.

SNS is an abbreviation for Social Network Service.

LINE, Instagram, X (formerly Twitter), Facebook, and TikTok are typical examples.

• Do not send or contribute to the spread of slanderous comments. In some cases, pressing "Like" can be considered as approval of the post, and you may be held legally responsible, so please be careful. Defamatory comments against others are nothing but a disgrace to the dignity of Shizuoka University, including yourself.
• Because online postings can be viewed by an unspecified number of people, they meet the requirement of publicity, which is one of the requirements for the crime of defamation to be established.
• Do not disclose more personal information than necessary. Also, set appropriate privacy settings, such as limiting the scope of disclosure.
• If publishing a photo that includes someone else, be sure to get that person's permission. Respect their portrait rights.

There have also been many reports of malicious activities using social media. Please be cautious of any contact or information provided by people you do not recognize.

 

Use of public Wi-fi (free Wi-fi)

Public Wi-Fi is available in many places, including train stations, airports, hotels, and stores, allowing you to easily connect to the Internet even outside of school. As a means of communication in the event of a disaster, the "00000JAPAN (Five-Zero Japan)" initiative is also underway.

Although it is easy to use, if you use it without understanding the risks and threats that lurk there, you may be at risk of having your communications intercepted or your ID/password stolen.

The main points you should be careful of are as follows:

·         Check the provider of the access point (SSID): Do not connect to an access point whose provider is unknown or suspicious. There are cases where the SSID is a fake one that pretends to be a common SSID.

·         Do not enter or send ID/password, card information, bank information, or other personally identifiable information.

·         When accessing the web, check the URL carefully.

·         Networks with weak security levels (those without encryption or weak methods such as WEP) are particularly at risk of being intercepted, so avoid using them if you are unsure of the security level.

 

 

Please click the link and take the confirmation test. You will need to log in with your university's 365 ID.

https://forms.office.com/r/ZB8HGfY4tD