Security Best Practices

Passwords

Maintain a complex password that only you know.  Do not share passwords.  Sharing your University passwords is a violation of University policy UM1535 - Acceptable Use of Information Technology Resources.  Guidelines and additional information can be found on ITS's Password Security website.

Anti-Virus Software

Viruses can corrupt data and slow down entire computer networks. To protect your computer from infection, install anti-virus software, and update when prompted.

SafeConnect, the University's Network Access Control (NAC) system, requires anti-virus software to be installed and up-to-date in order to run on the University's network. SafeConnect recognizes a variety of Anti-Virus software.

University owned computers/laptops can get anti-virus software installed at no cost. Contact the umTech Service Desk at 901.678.8888 to request this service by your Local Support Provider (LSP).

Spyware and Malware

Spyware or malware (malicious software) is software installed on your computer without your knowledge. It may be installed while you are downloading an application, browsing websites, reading emails, opening email attachments, or using a file sharing program online. It is recommended to use an approved SafeConnect Anti-Spyware product as mentioned above.

Operating Systems

New security concerns develop frequently. The best way to protect your computer's operating system is to install updates to the operating system. Mac and Microsoft updates are FREE to download.

Windows: http://update.microsoft.com/
Mac: http://www.apple.com/support/downloads/

SafeConnect, the University's Network Access Control (NAC) system, requires a supported operating system in order to run on the University's network. 

Report a security Incident 

Individuals should report potential security issues such as lost/stolen devices, potential data breach or exposure, compromised University account credentials, and malicious network activity. Fill out the Security Incident Report Form and provide as much information as possible for appropriate follow-up.

REPORT INTERNET/SECURITY ABUSE

ITS will never ask you to send personal information such as usernames, passwords or social security numbers via email. Additionally, you may occasionally receive unsolicited emails (spam) or phishing emails specifically designed to trick you into clicking inappropriate links. These types of emails may be forwarded to the University of Memphis Internet/Security Abuse group via email at abuse@memphis.edu.

Confidential Data Best Practices

Storage

Encrypt all confidential data that is stored on a laptop or other portable media. You can encrypt the entire hard drive of your laptop or an entire USB drive to ensure that the data cannot be viewed by anyone else.

University owned laptops and portable media devices must be encrypted. Local Support Providers (LSPs) in each department are responsible for assisting faculty and staff with this process. See the ITS Security Policies and Guidelines page for more information.

Delete/Erase

Deleting files from your computer, portable laptop or electronic storage media does not permanently remove the data. The data must be overwritten before disposal. See the ITS Security Policies and Guidelines page for more information.

Data Encryption STANDARDS

ITS has developed standards for encryption to ensure confidential data is protected from disclosure. Local Support Providers (LSPs) are responsible for assisting their users in encrypting University owned laptop hard drives and portable devices or media used to store University confidential data.

Additional information can be found within the University of Memphis Campus Data Security Policy.

ITS has the following recommendations for encryption software: