Security Tips & Best Practices
Keeping your system and data secureby following good security practices can help others in the University community benefit from decreased risk. The following security best practices have been sorted based on your needs.
Visit the policies section of the Information Technology reference guide for more information about other guidelines.
How to be secure
Secure Your Office
- When leaving, lock the door and keep unauthorized users away from systems.
- Keep all media containing confidential information in a secure place.
- Keep any paper records of passwords in a secure place.
- Avoid applications that use excessive bandwidth.
- Turn computers off when leaving for the day or during extended periods of inactivity unless a special need requires that they are left on.
Secure Your Computer
- Password-protect your screen saver in high traffic or insecure areas and on mobile devices. When changing your password, make sure you change it everywhere you may have your credentials stored.
- Close applications and log out when away from your computer.
- Install and maintain anti-virus and anti-malware software, and update the definitions regularly. Scan all removable media for viruses before using them. Free anti-virus software is available for UIT students, faculty and staff.
- Mac and Windows computers come with built-in firewalls. Home users may wish to download and use Zone Alarm personal firewall software for Windows from Zonelabs, Inc. This is free for personal use.
- Keep systems updated with all of the current security patches. Where possible, turn on automatic updates to apply operating system security updates. When using images to support multiple systems, be sure the image is updated regularly with all applicable patches and virus definitions. Check regularly for updates to third party applications such as Adobe, Flash, Java, etc. or consider using an automated patching solution. Automatic updates offered by Windows and Macs do not always patch these applications.
Secure Your Data
- Back-up systems thoroughly and often, and store your back ups in a separate secure location. UIT provides Tivoli Storage Manager, a free backup service, for faculty and staff computers.
- Do not save sensitive information to portable drives. Be sure to encrypt sensitive data wherever it is stored.
Secure Your E-mail
- Verify the contents of any email attachment before opening with the sender and never open attachments from unknown persons.
- Do not respond to any email with confidential information (username, password, social security number, etc.). Legitimate businesses will never ask for this information via E-mail.
- Delete messages that you no longer need - some common practices include emptying your trash and outgoing mail folders.
- Report spam or suspect messages to firstname.lastname@example.org.
- Change your password at least once a month using strong password guidelines.
Tips for IT Administrators
- Llimit the use of administrator privileges. Restricting access rights in this way will help prevent the potential installation of malware and other unwanted software by unsuspecting users.
- Keep systems updated with all of the current security patches. Where possible, turn on automatic updates to apply operating system security updates. When using images to support multiple systems, be sure the image is updated regularly with all applicable patches and virus definitions.
- Delete all data from computers before they are sent to property management.
- Enable computer firewalls. Mac and Windows computers come with built-in firewalls.
- Ensure that all users complete Security Awareness Training.
- Enforce policies to prevent the installation of unlicensed/unapproved software.