Leaving computer security to Cornell Information Technologies or your unit tech support person is like expecting the police to come around every night and lock your doors. You have to take personal responsibility for protecting yourself, as well as protecting any sensitive personal data about your co-workers that you may manage.

"The vast majority of computer breaches we have investigated over the past few years have been the result of poor personal choices, weak computer practices and less than satisfactory data handling procedures," says Steve Schuster, director of the Cornell IT Security Office.

You'll find help in a new e-book, "Computer Security at Cornell," from CIT's IT Security Office. Aimed at faculty and staff, the e-book is informative without overwhelming the non-IT professional. It is available for download in PDF format at http://www.cit.cornell.edu/security/handbook.cfm or from a link on the IT Security Office Web page at http://www.cit.cornell.edu/security. A mass e-mailing to faculty and staff is planned to urge everyone to read and follow the book's advice.

Chapters include such topics as how to recognize and respond to security problems, how to protect your identity and university data and how to secure the computer you use at Cornell. There is also a chapter of Internet safety tips and things to do when you work off campus.

Sometimes, the book reminds us, data is more important than machines. In one article, Robert Richardson, director of the San Francisco Computer Security Institute, says, "In the past, if a laptop was stolen from a café, it was reasonable to think it would be reformatted and sold as a new machine… Now, even the dumbest criminals are on to the fact that data is where the money is."

Shaley DeGiorgio is a writer with CIT's Department of Academic Tech Support and User Services.