Information Security

The security of information and the controls used to manage it is of the utmost importance to the SUNY Cortland. Faculty, Staff, Students, Guests, Contractors, Vendors - all have a part to play in safeguarding our data and computer systems.

The primary focus points of Information Security Programs at SUNY Cortland are:

  • communicate and engage the College community about Information Security awareness training, and knowing your role safeguarding college data
  • compliance with the statutes and policies protecting the rights of individuals and the organization
  • the continual inspection of processes to maintain data integrity and accuracy 
  • assurance that authorized individuals has timely and reliable access to necessary data.
  • effectively manage the risk to minimize exposure or compromise to college systems
  • denying, where reasonable, unauthorized parties access to information or resources that are protected

 Date Issued Subject
MARCH 2018 Unwanted Calls

The SUNY NY-Alert system is designed to alert you in cases where your personal safety may be at risk. For this reason it is critical that we provide the SUNY NY-Alert system with your email address and cell phone number for text messaging.  


  1. Go into myRedDragon

  2. Select the Faculty/Staff Tab

  3. Under Important Links, select HR Services/TAS

  4. Under Self Service, select SUNYHR Self Service

  5. Enter your Date of Birth for verification

  6. You should now see your Human Resource Record

  7. Now select the Phone Tab

  8. The numbers listed here will be the numbers that will be sent to SUNY NY-Alert

    a. The only numbers going to SUNY NY-Alert will be Cell, Other, and Work Phone 2

  9. To update a phone record, under select click on the radio button of the phone you wish to update, then select Add, to add a new number or Update to update an existing number

  10. Under Phone Details, enter the number you are adding or updating, if this is a cell phone, make sure "is this a Cell Phone" says "Yes" NOTE: Cell yes will be text message only, Cell no will be a voice call and no text 

How to recognize phishing email messages, links, or phone calls

Phishing email messages, websites, and phone calls are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer.

Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses. They might email you, call you on the phone, or convince you to download something off of a website. 

What might a phishing email message consist of?

  • Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling.
  • Beware of links in email. If you see a link in a suspicious email message, don't click on it. Links might also lead you to .exe files. These kinds of file are known to spread malicious software.
  • Threats. Have you ever received a threat that your account would be closed if you didn't respond to an email message?
  • Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows.

SANS Ouch Newsletter

OUCH! is the world's leading, free security awareness newsletter designed for everyone. Published every month in multiple languages, each edition is carefully researched and developed by the SANS Security Awareness team, instructors and community members.

Daily Tips

Data Classification

All SUNY Cortland’s data must be classified into one of the three categories and protected using appropriate security measures consistent with the minimum standards for the classification level as described in related information security standards, procedures, and guidelines.  Read More ...

Understanding FERPA

The SUNY Cortland Student Information Policy outlines the appropriate use of student information to support the protection of student privacy in accordance with the Family Educational Rights and Privacy Act