-
University Regulations
General Info on UP Diliman: Organizational Structure and more
The university catalogue contains the description of the degree programs and the list of courses offered by each academic unit. The size of each electronic file, in the portable document format (PDF), is given in parenthesis. To read or download, kindly follow the PDF link. THe rest of the catalog, comprising of course offerings of various colleges can be found here.
-
The University (pdf, 3.18 MB)
-
Organizational Structure (pdf, 1.18 MB)
-
Academic Information (pdf, 1.31 MB)
-
Academic Programs (pdf, 0.62 MB)
-
Services and Facilities (pdf, 0.91 MB)
-
Guide to Courses and Curricula (pdf, 0.53 MB)
-
Degree Programs Acronyms (pdf, 0.54 MB)
-
Glossary (pdf, 0.56 MB)
-
Organization-Administration (pdf, 0.58 MB)
The UP Diliman Freshie Kit
The UP Diliman Freshie Kit 2020 contains information on major university offices and their contact information, as well as a list and directory of UP Diliman colleges (as of 2020).
Student Code of Conduct 2012
Watch a short video on Student Code and Ethics. View the full Code of Student Conduct of UP Diliman.
Under the Student Code, a student shall be subject to disciplinary action for any one of the following acts:
-
-
Any form of cheating in examinations or any act of dishonesty in relation to his/her studies, including plagiarism, the act of claiming, in whole or in part, someone else’s work or ideas and passing them off as one’s own;
-
Carrying firearms or any dangerous or deadly weapon;
-
Drinking of alcoholic beverages within academic and administrative buildings, dormitories, and the immediate premises thereof, except in places expressly allowed by the University;
-
Unauthorized or illegal possession or use of prohibited drugs or chemicals, or other banned substances;
-
Gambling within the University premises;
-
Gross and deliberate discourtesy to any University official, faculty member or person in authority.
-
Creating within the University premises disorder, tumult, breach of peace or serious disturbance;
-
Making a false statement, or practicing any deception or fraud in connection with his admission or registration in, application for any grant or scholarship, or graduation from the University;
-
Damaging or defacing University property;
-
Disgraceful or immoral conduct within University premises;
-
Unlawfully taking of University property; and
-
Any other form of behavior that may constitute misconduct.
Data Privacy Policy: UP Diliman
In compliance with the Republic Act No. 10171, known as Data Privacy Act of 2012, the University has released the UP Diliman Privacy Policy to Students, Parents and Guardians to protect personal, sensitive and privileged information processed by the University.
A separate UP Diliman Privacy Notice for Students (revised for A.Y. 2019–2020) may also be accessed for a detailed information on and legal basis of the collection, processing and disclosure of student information. You may view the following:
♦ University's overall Privacy Policy
♦ Privacy Policy for Students, Parents and Guardians
♦ Students' rights and responsibilities as a data subject (i.e. the person whose data is being collected by the university and its employees). These include your right to access your information and to know how it is processed (stored, collected, etc).
UP Diliman has a Data Protection Office that manages the university's overall privacy compliance. View the DPO website. Materials may be downloaded from the website of the National Privacy Commission.
Anti-Sexual Harassment Code
Pursuant to its powers vested by law, the Board of Regents of the University of the Philippines System hereby promulgates this Anti-Sexual Harassment Code within the jurisdiction of the University of the Philippines. Please view the full code.
Revised Code of the University of the Philippines
Download the Revised Code of the University of the Philippines (1961)
Staying healthy and fit during Remote Learning
The following are taken from "DeskFit: 20 Essential Desk Exercises You Can Do Without Leaving Your Office or Home Workspace" by the NASA Headquarters Fitness Center (Tanya Johnson, Marceleus Venable, and Kimber Williams)
Examples of Desk Exercises
Download the DeskFit document above to see what and how you can desk exercises at home. Please take your physical condition and your circumstances into account when doing the exercises featured.
Ten Tips To Stay Healthy at Work or While Working from Home
The tips below are quoted verbatim from the DeskFit document above.
1 Ensure that your workspaces in the office and at home are ergonomically set up to prevent injuries.
2 Take a break from sitting every 30 minutes. A brief 5–10-minute break can help rejuvenate your mind and prevent chronic pain.
3 Walk and use the stairs whenever possible.
4 Alternate sitting and standing throughout the day.
5 Offer walking meetings as alternatives to sitting in conference rooms.
6 Schedule time to exercise daily as a priority—as you would plan other important work responsibilities.
7 Break up physical activity into smaller durations of time—such as 10 minutes before work, 10 minutes at lunch, and 10 minutes after work—if longer durations of exercise do not fit within your schedule.
8 Incorporate microbreaks of 1–2 minutes every 30–60 minutes to stand up and stretch your entire body.
9 Use a hands-free headset for your phone so you can move around easily.
10 Eat nutritious meals and keep healthy snacks available.
A Workout at Work?
"A Workout at Work?" is an article from the Washington Post (dated 6 September 2011). It features short animations on how to do certain desk exercises. A poster version is also available for download. Please take your physical condition and circumstances into account when doing the exercises featured.
"Physical Activity Breaks for the Workplace: Resource Guide"
For a more extensive listing of exercises and information, please consult "Physical Activity Breaks for the Workplace: Resource Guide" from the Centers for Disease Control and Prevention (CDC) of the United States. Please take your physical condition and circumstances into account when doing the exercises featured.
Handbook on Protocol in the University of the Philippines
RA 9500: The UP Charter
Observe data privacy
You will/may get access to the protected information of your teacher or your fellow student, such as email address, cell phone number, place of residence, medical conditions, and religious/political affiliations, among several others. In an academic context, protected information covers your classmate's PowerPoint presentation, term paper, grade, and academic status.
-
-
Please do not share such information without his/their consent.
-
All students have legitimate access at least to their classmates’ UP Mail/DILNET email addresses to facilitate communication only on class-related matters (e.g. groupwork).
-
Sharing of personal, non-UP email addresses, or cell numbers is at the discretion of each student, though he or she may have to provide the same in certain, legitimate contexts (UP Email still unavailable).
-
Please do not reshare or reupload files shared to you via Google Drive without permission from your classmate and/or professor.
-
Please do not post screenshots of your class or your classmates on social media, again without their consent.
-
Please refrain from saving confidential documents/information by/from your classmates on your desktop/computer/phone. As much as possible, keep and access them only via Google Drive or OneDrive.
A list of useful tips may also be viewed from this Facebook post of the National Privacy Commission (originally in images, but converted and merge into a single PDF).
List of Memos: Office of the Vice President for Academic Affairs
View all remote-learning memoranda from the Office of the Vice President for Academic Affairs dating to 11 June 2020.
List of Memos: Office of the Vice Chancellor for Academic Affairs
View this Google Drive folder containing memos from the Office of the Vice Chancellor for Academic Affairs.
Remote Learning Policies
Remote Learning: How Will the Courses Be Delivered?
This infographic (PDF, 1 MB +) by the Office of the Vice President for Academic Affairs discusses the basics of remote learning, including two types of delivery (synchronous and asynchronous) and the content of a course pack. Details of content delivery will be discussed by your professor. It may include a variety of online applications, such as Zoom, Google Suite. See "Remote Learning" tab for details.
Guidelines for the Gradual Reopening of Face-to-Face (F2F) Class Activites
Please view these guidelines (as of 29 November 2021).
WalangForever: Making the Most of Remote Learning
In this webinar, Associate Professor Portia Padilla of the UP College of Education offers remote learning tips. Watch the 13-minute webinar on YouTube (added 2/24/2021).
What is Remote Learning: Modes of Delivery, Course Packs, Guides
This infographic (PDF, 1 MB +) by the Office of the Vice President for Academic Affairs discusses the basics of remote learning, including two types of delivery (synchronous and asynchronous) and the content of a course pack.
For tips, please watch the Isko/Iska Guide to Remote Learning, courtesy of the UP Diliman Information Office. Visit also the Remote Learning page set up by the OVPAA, which contains among other things list of remote learning guides and open access materials.
Liability of the University in a Remote Learning Setup
View document from the College of Law regarding the liability of the university and faculty over student safety in a remote learning setup.
UP Academic and Student Affairs Roadmaps for AY 2020-2021
View the UP Academic and Student Affairs Roadmaps for AY 2020-2021 (OVPAA Memo No. 2020-100).
The document outlines the preparations and programs of the univeristy for the First Semester such as academic infrastructure (Learning Management Systems, Library Resources), gadget and internet connectivity and capacity building for teaching and research. It also contains information on Student Learning Assistance System and other student support programs such peer learning groups, student helpdesk and counseling services.
-
IT Policy
General Safety and Use Policies
- Always log out of your UP accounts after use.
- Kindly ensure that your accounts can only be used/accessed by you (student) alone. Protect your gadget from unauthorized access, including hacking.
- Please refrain from clicking unsolicted links or from downloading unsolicited files that can harm your computer.
- Use your UP Mail/DILNET only for class/UP-related transactions. For instance, refrain from creating accounts on third-party websites using your UP Mail/DILNET.
- In case you lose your phone or computer, please log in to your account to sign out of all devices you are logged into
Zoom Dos and Don'ts
Take steps to protect your UP Mail (See UP Mail tab in CRS, DilNet tab).
Always activate meeting passwords, activate waiting room feature, don't make meeting credentials public (as applicable at least). Always upgrade to the latest software. Follow instructions here. You can also activate Zoom Registration for your meetings. Zoom lists tips on how to keep uninvited guests out of your meetings.
DOs
1. DO mute your microphone when you are not speaking to eliminate background noise and prevent disruptions during your meetings, conferences, or classes.
2. DO be aware of everything that is in view of your camera. Make sure to remove anything that is a possible disruption to the other participants viewing your video.
3. DO make sure that you are in a quiet place conducive for meetings.
4. DO dress up properly for the meeting.
5. DO check your device screen before activating the Share Screen function.
6. DO require a passcode when setting or scheduling your meeting through Zoom.
7. DO make sure that you send your Zoom meeting details (i.e. link, Meeting ID, Passcode) to those who are your invitees only.
8. DO remember that for your authentication settings, you can select the option “UP Mail Accounts Only” to make your Zoom meeting or webinar more secure (this applies if you are the one who will create/host the meeting). This will limit your attendees only to those who are members of the UP community.
DON’Ts
1. DO NOT have a distracting background when using your video.
2. DO NOT leave your microphone on when you are not speaking. Always mute your microphone when it is not your turn to speak.
3. DO NOT place your fan directly facing your desktop/laptop’s microphone. This causes unwanted whirring sounds and your voice might not be heard when you speak (or your voice becomes muffled).
4. DO NOT crosstalk. Use the Zoom feature for raising a hand (or show your physical hand in front of your camera) and speak only when recognized by the meeting host or facilitator.
5. DO NOT post your Zoom meeting details (i.e. link, Meeting ID, Passcode) on social media to prevent unscrupulous individuals from intruding your online meeting. Allowing unwanted attendees may open up your session to “Zoom Bombing”.
—Source: Dos and DOn'ts copied verbatim from email from UP ITDC, 7 June 2021
Stay safe online: know the risks
Know the kinds of risks and dangers you face online. Please view these set of slides—posted during the International Cybersecurity Awareness Day—courtesy of the Office of the Vice Chancellor for Student Affairs.
Take these steps to protect yourself from various online hazards. The slides are courtesy of the Office of the Vice Chancellor for Student Affairs. To learn more about online safety and get more resources, visit the OVCSA's Digicare page.
The UP ITDC also identifies types of security risks in a March 8, 2022 email: "Please be wary of phishing websites, emails, social media posts, and other online avenues masquerading as being associated with the University. Possible methods of attack that may be initiated against online users are the following:
-
-
-
-
Phishing is a cyber attack that obtains an individual’s sensitive data with the culprit posing as a legitimate and trustworthy institution or entity in an electronic communication. This is usually done through unsolicited email and messages on Facebook (especially fake accounts), and other social media.
-
Whaling is similar to phishing, but the culprit poses as an influential member or senior management in an organization in an attempt to use their authority, to lure other important members of that organization into providing sensitive personal information or company data. Culprits also usually do this through unsolicited email, and messages through Facebook and other social media.
-
Vishing is also similar to phishing but is done through voice technology.
-
Smishing is a phishing attack through SMS or text messages.
-
Spear Phishing is a cyber attack personalized to target a specific individual, with the culprit masquerading as someone the victim is familiar with, such as a friend or a family member. This is also done by sending unsolicited emails and messages through email and social media, like phishing.
-
Man in the Middle is a form of attack where the culprit acts as a relay or proxy in a communication between parties. The culprit can eavesdrop, impersonate one of the involved parties, or alter the communication, all while everything still seems normal to the users.
-
Man in the Browser is a similar approach to Man in the Middle, but instead there is a Trojan Horse (a type of malware) that manipulates web pages while still appearing as normal, thus possibly gaining access to the users’ transactions in said web page.
Be reminded that the University will never ask for your username, password, or any other access credentials.
Strengthen Passwords ◊ Use Two-Factor Authentication
Two-Factor Authentication
Please turn on two-factor authentication to protect your UP Mail accounts (see how). Follow the security guidelines in UP's Email Policy Infographic and Infographic 2.
Password Strength
- Strengthen their passwords, especially by using passphrases with a combination of alphanumeric charactices. See examples here.
- Take care of your phone/laptop that has ready access to your UP accounts. Always log out of your UP mail account when not in use
Email safety
View this infographic on UP's email policy. Here is another infographic containing general tips on safety and safety.
Google Drive and One Drive
As much as possible, please set all Google Drive/Docs files—especially those containing sensitive information (See Privacy Tab)— you share to "Restricted" access: sharing them only to those who need to see/edited them. Also, please turn off the abilities of "Editors" to edit sharing permissions. Then once the event is done or the document has already served its purpose, please unshare it immediately. The general idea is that the fewer the people who have access, the less security risks there will be.
Acceptable Use Policy
Software resources of the University, including online services registered under UP (such as Zoom, the UP Mail, cloud storage), must only be used for OFFICIAL academic and administrative purposes.
The Acceptable Use Policy (AUP) of the University states “Users may not use the IT System for personal activities not related to appropriate University functions except in a purely incidental manner. Violators shall suffer a penalty ranging from suspension for one month to one year.”
Included in said policy are categories of use of our ICT resources that are allowed and prohibited. We encourage everyone to read and review the University's Acceptable Use Policy.
-
University Regulations
General Info on UP Diliman: Organizational Structure and more
The university catalogue contains the description of the degree programs and the list of courses offered by each academic unit. The size of each electronic file, in the portable document format (PDF), is given in parenthesis. To read or download, kindly follow the PDF link. THe rest of the catalog, comprising of course offerings of various colleges can be found here.
-
The University (pdf, 3.18 MB)
-
Organizational Structure (pdf, 1.18 MB)
-
Academic Information (pdf, 1.31 MB)
-
Academic Programs (pdf, 0.62 MB)
-
Services and Facilities (pdf, 0.91 MB)
-
Guide to Courses and Curricula (pdf, 0.53 MB)
-
Degree Programs Acronyms (pdf, 0.54 MB)
-
Glossary (pdf, 0.56 MB)
-
Organization-Administration (pdf, 0.58 MB)
The UP Diliman Freshie Kit
The UP Diliman Freshie Kit 2020 contains information on major university offices and their contact information, as well as a list and directory of UP Diliman colleges (as of 2020).
Student Code of Conduct 2012
Watch a short video on Student Code and Ethics. View the full Code of Student Conduct of UP Diliman.
Under the Student Code, a student shall be subject to disciplinary action for any one of the following acts:
-
-
Any form of cheating in examinations or any act of dishonesty in relation to his/her studies, including plagiarism, the act of claiming, in whole or in part, someone else’s work or ideas and passing them off as one’s own;
-
Carrying firearms or any dangerous or deadly weapon;
-
Drinking of alcoholic beverages within academic and administrative buildings, dormitories, and the immediate premises thereof, except in places expressly allowed by the University;
-
Unauthorized or illegal possession or use of prohibited drugs or chemicals, or other banned substances;
-
Gambling within the University premises;
-
Gross and deliberate discourtesy to any University official, faculty member or person in authority.
-
Creating within the University premises disorder, tumult, breach of peace or serious disturbance;
-
Making a false statement, or practicing any deception or fraud in connection with his admission or registration in, application for any grant or scholarship, or graduation from the University;
-
Damaging or defacing University property;
-
Disgraceful or immoral conduct within University premises;
-
Unlawfully taking of University property; and
-
Any other form of behavior that may constitute misconduct.
-
Data Privacy Policy: UP Diliman
In compliance with the Republic Act No. 10171, known as Data Privacy Act of 2012, the University has released the UP Diliman Privacy Policy to Students, Parents and Guardians to protect personal, sensitive and privileged information processed by the University.
A separate UP Diliman Privacy Notice for Students (revised for A.Y. 2019–2020) may also be accessed for a detailed information on and legal basis of the collection, processing and disclosure of student information. You may view the following:
♦ University's overall Privacy Policy
♦ Privacy Policy for Students, Parents and Guardians
♦ Students' rights and responsibilities as a data subject (i.e. the person whose data is being collected by the university and its employees). These include your right to access your information and to know how it is processed (stored, collected, etc).UP Diliman has a Data Protection Office that manages the university's overall privacy compliance. View the DPO website. Materials may be downloaded from the website of the National Privacy Commission.
Anti-Sexual Harassment Code
Pursuant to its powers vested by law, the Board of Regents of the University of the Philippines System hereby promulgates this Anti-Sexual Harassment Code within the jurisdiction of the University of the Philippines. Please view the full code.
Revised Code of the University of the Philippines
Download the Revised Code of the University of the Philippines (1961)
Staying healthy and fit during Remote Learning
The following are taken from "DeskFit: 20 Essential Desk Exercises You Can Do Without Leaving Your Office or Home Workspace" by the NASA Headquarters Fitness Center (Tanya Johnson, Marceleus Venable, and Kimber Williams)
Examples of Desk Exercises
Download the DeskFit document above to see what and how you can desk exercises at home. Please take your physical condition and your circumstances into account when doing the exercises featured.
Ten Tips To Stay Healthy at Work or While Working from Home
The tips below are quoted verbatim from the DeskFit document above.
1 Ensure that your workspaces in the office and at home are ergonomically set up to prevent injuries.
2 Take a break from sitting every 30 minutes. A brief 5–10-minute break can help rejuvenate your mind and prevent chronic pain.
3 Walk and use the stairs whenever possible.
4 Alternate sitting and standing throughout the day.
5 Offer walking meetings as alternatives to sitting in conference rooms.
6 Schedule time to exercise daily as a priority—as you would plan other important work responsibilities.
7 Break up physical activity into smaller durations of time—such as 10 minutes before work, 10 minutes at lunch, and 10 minutes after work—if longer durations of exercise do not fit within your schedule.
8 Incorporate microbreaks of 1–2 minutes every 30–60 minutes to stand up and stretch your entire body.
9 Use a hands-free headset for your phone so you can move around easily.
10 Eat nutritious meals and keep healthy snacks available.
A Workout at Work?
"A Workout at Work?" is an article from the Washington Post (dated 6 September 2011). It features short animations on how to do certain desk exercises. A poster version is also available for download. Please take your physical condition and circumstances into account when doing the exercises featured.
"Physical Activity Breaks for the Workplace: Resource Guide"
For a more extensive listing of exercises and information, please consult "Physical Activity Breaks for the Workplace: Resource Guide" from the Centers for Disease Control and Prevention (CDC) of the United States. Please take your physical condition and circumstances into account when doing the exercises featured.
Handbook on Protocol in the University of the Philippines
RA 9500: The UP Charter
Observe data privacy
You will/may get access to the protected information of your teacher or your fellow student, such as email address, cell phone number, place of residence, medical conditions, and religious/political affiliations, among several others. In an academic context, protected information covers your classmate's PowerPoint presentation, term paper, grade, and academic status.
-
-
Please do not share such information without his/their consent.
-
All students have legitimate access at least to their classmates’ UP Mail/DILNET email addresses to facilitate communication only on class-related matters (e.g. groupwork).
-
Sharing of personal, non-UP email addresses, or cell numbers is at the discretion of each student, though he or she may have to provide the same in certain, legitimate contexts (UP Email still unavailable).
-
Please do not reshare or reupload files shared to you via Google Drive without permission from your classmate and/or professor.
-
Please do not post screenshots of your class or your classmates on social media, again without their consent.
-
Please refrain from saving confidential documents/information by/from your classmates on your desktop/computer/phone. As much as possible, keep and access them only via Google Drive or OneDrive.
-
A list of useful tips may also be viewed from this Facebook post of the National Privacy Commission (originally in images, but converted and merge into a single PDF).
List of Memos: Office of the Vice President for Academic Affairs
View all remote-learning memoranda from the Office of the Vice President for Academic Affairs dating to 11 June 2020.
List of Memos: Office of the Vice Chancellor for Academic Affairs
View this Google Drive folder containing memos from the Office of the Vice Chancellor for Academic Affairs.
Remote Learning Policies
Remote Learning: How Will the Courses Be Delivered?
This infographic (PDF, 1 MB +) by the Office of the Vice President for Academic Affairs discusses the basics of remote learning, including two types of delivery (synchronous and asynchronous) and the content of a course pack. Details of content delivery will be discussed by your professor. It may include a variety of online applications, such as Zoom, Google Suite. See "Remote Learning" tab for details.
Guidelines for the Gradual Reopening of Face-to-Face (F2F) Class Activites
Please view these guidelines (as of 29 November 2021).
WalangForever: Making the Most of Remote Learning
In this webinar, Associate Professor Portia Padilla of the UP College of Education offers remote learning tips. Watch the 13-minute webinar on YouTube (added 2/24/2021).
What is Remote Learning: Modes of Delivery, Course Packs, Guides
This infographic (PDF, 1 MB +) by the Office of the Vice President for Academic Affairs discusses the basics of remote learning, including two types of delivery (synchronous and asynchronous) and the content of a course pack.
For tips, please watch the Isko/Iska Guide to Remote Learning, courtesy of the UP Diliman Information Office. Visit also the Remote Learning page set up by the OVPAA, which contains among other things list of remote learning guides and open access materials.
Liability of the University in a Remote Learning Setup
View document from the College of Law regarding the liability of the university and faculty over student safety in a remote learning setup.
UP Academic and Student Affairs Roadmaps for AY 2020-2021
View the UP Academic and Student Affairs Roadmaps for AY 2020-2021 (OVPAA Memo No. 2020-100).
The document outlines the preparations and programs of the univeristy for the First Semester such as academic infrastructure (Learning Management Systems, Library Resources), gadget and internet connectivity and capacity building for teaching and research. It also contains information on Student Learning Assistance System and other student support programs such peer learning groups, student helpdesk and counseling services.
-
-
IT Policy
General Safety and Use Policies
- Always log out of your UP accounts after use.
- Kindly ensure that your accounts can only be used/accessed by you (student) alone. Protect your gadget from unauthorized access, including hacking.
- Please refrain from clicking unsolicted links or from downloading unsolicited files that can harm your computer.
- Use your UP Mail/DILNET only for class/UP-related transactions. For instance, refrain from creating accounts on third-party websites using your UP Mail/DILNET.
- In case you lose your phone or computer, please log in to your account to sign out of all devices you are logged into
Zoom Dos and Don'ts
Take steps to protect your UP Mail (See UP Mail tab in CRS, DilNet tab).
Always activate meeting passwords, activate waiting room feature, don't make meeting credentials public (as applicable at least). Always upgrade to the latest software. Follow instructions here. You can also activate Zoom Registration for your meetings. Zoom lists tips on how to keep uninvited guests out of your meetings.
DOs
1. DO mute your microphone when you are not speaking to eliminate background noise and prevent disruptions during your meetings, conferences, or classes.
2. DO be aware of everything that is in view of your camera. Make sure to remove anything that is a possible disruption to the other participants viewing your video.
3. DO make sure that you are in a quiet place conducive for meetings.
4. DO dress up properly for the meeting.
5. DO check your device screen before activating the Share Screen function.
6. DO require a passcode when setting or scheduling your meeting through Zoom.
7. DO make sure that you send your Zoom meeting details (i.e. link, Meeting ID, Passcode) to those who are your invitees only.
8. DO remember that for your authentication settings, you can select the option “UP Mail Accounts Only” to make your Zoom meeting or webinar more secure (this applies if you are the one who will create/host the meeting). This will limit your attendees only to those who are members of the UP community.
DON’Ts
1. DO NOT have a distracting background when using your video.
2. DO NOT leave your microphone on when you are not speaking. Always mute your microphone when it is not your turn to speak.
3. DO NOT place your fan directly facing your desktop/laptop’s microphone. This causes unwanted whirring sounds and your voice might not be heard when you speak (or your voice becomes muffled).
4. DO NOT crosstalk. Use the Zoom feature for raising a hand (or show your physical hand in front of your camera) and speak only when recognized by the meeting host or facilitator.
5. DO NOT post your Zoom meeting details (i.e. link, Meeting ID, Passcode) on social media to prevent unscrupulous individuals from intruding your online meeting. Allowing unwanted attendees may open up your session to “Zoom Bombing”.
—Source: Dos and DOn'ts copied verbatim from email from UP ITDC, 7 June 2021
Stay safe online: know the risks
Know the kinds of risks and dangers you face online. Please view these set of slides—posted during the International Cybersecurity Awareness Day—courtesy of the Office of the Vice Chancellor for Student Affairs.
Take these steps to protect yourself from various online hazards. The slides are courtesy of the Office of the Vice Chancellor for Student Affairs. To learn more about online safety and get more resources, visit the OVCSA's Digicare page.
The UP ITDC also identifies types of security risks in a March 8, 2022 email: "Please be wary of phishing websites, emails, social media posts, and other online avenues masquerading as being associated with the University. Possible methods of attack that may be initiated against online users are the following:
-
-
-
-
Phishing is a cyber attack that obtains an individual’s sensitive data with the culprit posing as a legitimate and trustworthy institution or entity in an electronic communication. This is usually done through unsolicited email and messages on Facebook (especially fake accounts), and other social media.
-
Whaling is similar to phishing, but the culprit poses as an influential member or senior management in an organization in an attempt to use their authority, to lure other important members of that organization into providing sensitive personal information or company data. Culprits also usually do this through unsolicited email, and messages through Facebook and other social media.
-
Vishing is also similar to phishing but is done through voice technology.
-
Smishing is a phishing attack through SMS or text messages.
-
Spear Phishing is a cyber attack personalized to target a specific individual, with the culprit masquerading as someone the victim is familiar with, such as a friend or a family member. This is also done by sending unsolicited emails and messages through email and social media, like phishing.
-
Man in the Middle is a form of attack where the culprit acts as a relay or proxy in a communication between parties. The culprit can eavesdrop, impersonate one of the involved parties, or alter the communication, all while everything still seems normal to the users.
-
Man in the Browser is a similar approach to Man in the Middle, but instead there is a Trojan Horse (a type of malware) that manipulates web pages while still appearing as normal, thus possibly gaining access to the users’ transactions in said web page.
-
-
-
Be reminded that the University will never ask for your username, password, or any other access credentials.
Strengthen Passwords ◊ Use Two-Factor Authentication
Two-Factor Authentication
Please turn on two-factor authentication to protect your UP Mail accounts (see how). Follow the security guidelines in UP's Email Policy Infographic and Infographic 2.
Password Strength
- Strengthen their passwords, especially by using passphrases with a combination of alphanumeric charactices. See examples here.
- Take care of your phone/laptop that has ready access to your UP accounts. Always log out of your UP mail account when not in use
Email safety
View this infographic on UP's email policy. Here is another infographic containing general tips on safety and safety.
Google Drive and One Drive
As much as possible, please set all Google Drive/Docs files—especially those containing sensitive information (See Privacy Tab)— you share to "Restricted" access: sharing them only to those who need to see/edited them. Also, please turn off the abilities of "Editors" to edit sharing permissions. Then once the event is done or the document has already served its purpose, please unshare it immediately. The general idea is that the fewer the people who have access, the less security risks there will be.
Acceptable Use Policy
Software resources of the University, including online services registered under UP (such as Zoom, the UP Mail, cloud storage), must only be used for OFFICIAL academic and administrative purposes.
The Acceptable Use Policy (AUP) of the University states “Users may not use the IT System for personal activities not related to appropriate University functions except in a purely incidental manner. Violators shall suffer a penalty ranging from suspension for one month to one year.”
Included in said policy are categories of use of our ICT resources that are allowed and prohibited. We encourage everyone to read and review the University's Acceptable Use Policy.
