In addition to using these ideas when conducting UofM business, all of these best practices can (and should!) be adopted in your personal digital life. Please feel free to share these ideas with your family and friends to keep them secure while online. (... Just don't share your passwords!)
... are the keys to your digital kingdom. Protect them as you would the keys to your house or auto.
Don't share your passwords with anyone. (By the way, ITS will never ask for your password in assisting you with an issue.)
Long = strong. Create a passphrase rather than a password.
- String together 3 or 4 random words.
- Add a couple of numbers and special characters.
- Then add a couple of characters to remind you what website it is for.
Avoid the obvious, like parts of your name, address, phone number, names of kids, spouse or pets.
Use a different password for each website.
Use a password manager app to keep track of them.
For more guidance about password security, including password requirements for UUID accounts, visit the ITS Password Security page.
Multi Factor Authentication (MFA)
Provides an extra layer of security on your account in case the password is stolen or guessed.
MFA requires an additional means of identifying yourself like a text sent to your phone with a one-time code, a token with a passcode or a biometric signature like facial recognition or fingerprint. If your password should be cracked, the hacker still wouldn't be able to access your account unless he/she also has your phone, your fingerprint or your face ... which is quite unlikely.
It's a good idea to enable MFA on all accounts that offer it but especially on accounts involving any kind of financial transactions like banking, shopping, retirement accounts, brokerage accounts, Social Security, PayPal, Venmo etc.
MFA is your best friend in keeping your accounts secure. Consider this: without MFA enabled, the only thing between a crook and your money is the strength of your password!
Access to several computer resources are limited the University network. Remote access to the University network requires a secured and encrypted protocol.
Secure options to access the University network remotely include:
- LogMeIn Rescue is a tool that provides encrypted access to computers remotely and can be requested by a Faculty or Staff member.
- umApps provides secure, web-based access to a variety of applications. University students and faculty can access the service from any PC or Mac, on and off campus.
- Virtual Private Network (VPN) provides secure access to restricted University data and systems using an off-campus computer.
Working From Home
Personal devices can be used for University business but it is the user's responsibility to make sure they are properly protected.
Properly protected devices must have:
- Operating System (OS) and apps updated to latest version (Windows, MacOS, Office, Java, Flash, Acrobat etc.).
- Security patches installed as soon as possible.
- Updated anti-virus software running in the background. Some examples of anti-virus software are Windows Defender, Norton, McAfee, Kaspersky and Trend Micro. And YES, Macs need protection too! Macs are not immune to being hacked.
- Windows 7 and Office 2013 are no longer being patched by Microsoft and therefore should not be used. If your devices can't accept newer software, then time to upgrade!
- Catalina is the latest version of Mac OS. If your Mac can't accept the update to Catalina, time to upgrade!
If you're using a UofM issued device, don't let anyone else use it or load any software on it.
If you're using your own computer, log out of all applications and close all browser windows before allowing anyone else to use it.
Always use a VPN when off campus (while wired or wi-fi). UofM provides Cisco AnyConnect to use while conducting UofM business. Instructions and downloads can be found here: https://www.memphis.edu/umtech/solutions/vpn.php.
Ensure your home Wi-Fi network is securely configured:
- Change the default network name. Use a unique name that can't be identified as belonging to you or your house. Don't use your family name or address.
- Change the default password. The usual password rules apply.
- Use WPA3 (If available) or WPA2 security protocol. Don't use WEP or WPA protocols.
Look for the lock icon or https in the URL line to indicate secure browsing.
Just as important as protecting your digital accounts and data is taking steps to keep data and devices safe in the physical world.
- Keep a clean desk. Be sure no sensitive information in your area is visible or accessible to visitors or unauthorized people. Secure any documents or devices in locked storage when you're away from your desk or workstation.
- Never use found USB drives or any other unfamiliar devices. They could contain dangerous ransomware or other malware. Report any found devices to the IT Service Desk.
- Be careful not to store restricted data on external devices that could be lost or stolen. External storage should be encrypted in compliance with Data Storage Guidelines. Devices that contain restricted data should be inventoried, regularly audited and stored in a secure location.
- No tailgating allowed! Each authorized person entering any area requiring authorization, such as a keycard scan, should enter separately. Do not allow others to follow behind you to prohibit unauthorized access to secure areas. Report any unfamiliar visitors in secure areas.