Security Checklist for University Computers

Faculty and staff can protect their University-owned computers by checking off all items on this list. Most computers are centrally-managed by UMass Dartmouth CITS, but in some cases, faculty and staff are responsible for individually adhering to the University's data security policies. If applicable, check with the IT professional in your department or CITS before making changes to your computer. Your department may also have other internal security policies you need to adhere to and some checklist items may have already been completed on your behalf.

1. Use anti-virus & anti-malware software.

Download and install Sophos anti-virus software on your University-owned computer (it's free!). Make sure you have the latest version of the software, your virus definitions are set to update automatically, and on-access scanning is enabled. We recommend that you run a full scan of your computer at least once a month.

Note: Please do not use the personal version of Sophos anti-virus software on University-owned computers.

Beware of fake anti-virus software and other rogue programs. Always download software from reputable sources.

2. Update your computer's operating system.

Enable automatic updates and receive critical patches as soon as they are released. Computers that have been built by CITS automatically receive all security updates. Otherwise, to keep your computer's operating system up-to-date, go to:

Windows:        update.microsoft.com

macOS:           System Preferences > Software Update...

3. Update your computer's software.

Always update third-party software and plugins, especially your Web browser, Java, and Adobe products. Computers that have software installed and managed through SCCM (Windows) and Self-Serivce (macOS) will receive updates automatically. Download software security patches and updates when prompted to do so. 

4. Use a restricted account for your computer.

Most university-owned computers are connected to the UMassD Logon as a restricted user account for everyday use.

UMass Dartmouth CITS provides a self-service, temporary account elevation mechanism on both Windows and macOS computers to perform basic configuration tasks (e.g. to install printer drivers). All activities while using the elevated account privileges are audited. Locally created admin accounts will automatically be removed.

If you have a legitimate reason for a longer-term elevated account, please contact UMass Dartmouth CITS at 508.999.8900 or submit a case using the IT Help form.

5. Use eduroam for wireless on campus.

Used a wired connection for Internet access whenever possible. When you must use wireless, choose eduroam. It is fast, convenient, and more secure.

For more informaton, see network and wireless access.

6. Use the Virtual Private Network to access the campus network remotely.

The Virtual Private Network (VPN) provides a secure, encrypted connection between your off-campus computer and the campus network. The VPN should be used if you are remotely connecting to your workstation and university systems from off-campus. 

7. Clear your browsing data.

Web browsers often store information from web sites you visit (e.g., cookies). Clear this information often or set up your browser to do it automatically, especially if you use COIN or other University applications containing sensitive data. Check the browser's help guide for instructions. CITS does not recommend saving passwords in a Web browser.

8. Choose strong, unique passwords.

Your UMassD Logon password should be different from all of your other passwords. Build your passwords using UMassD Logon account standards and rules for passwords. 

9. Use a password-protected screen saver.

"Locking" the screen or using a password-protected screen saver allows you to lock your computer without shutting it down when stepping away from your desk. Press the Windows key + L to lock your Windows computer. To protect your mobile device data, enable a passcode and set it to auto-lock.

10. Know what constitutes sensitive data.

Familiarize yourself with the data categorization model in use at UMass Dartmouth. Learn more about sensitive data in practice and think about the types of University data you work with on a regular basis. Discuss your responsibilities when working with sensitive data with your supervisor. 

11. Use Spirion (formerly Identity Finder) to keep track of sensitive data.

Spirion software comes pre-installed on all CITS managed computers. Scan your University-owned computer at least twice a semester. Spirion helps you locate sensitive data (e.g., grades) on your computing devices. Back up important files to a secure location and delete the files you no longer need.

12. Do not store sensitive data on USB drives.

Any portable storage device can be easily lost or stolen. For sensitive data, use a more secure storage space, such as a university file share or OneDrive. Be sure to talk to your supervisor or UMass Dartmouth CITS about recommended storage.

13. Do not leave your devices unattended.

Lock your office, use a security cable for your University-owned laptop, or lock it in a drawer / cabinet. University-owned computers are covered by CompuTrace for the anticipated lifespan (3-4 years for laptops).

14.  Keep track of all your devices.

Record the make, model, and asset tag number (UMass Dartmouth barcode label) of your University-owned computing devices. This may help locate them faster if they are lost or stolen.

15.  Report any lost or stolen University-owned devices.

If your University-owned computing device or any device containing University data is lost or stolen, report it to the UMass Dartmouth Campus Police and CITS.

16. Related Documents

The UMass campuses strive to maintain consistent IT policies. The Information Security Policy and related documents have been adopted with permission from UMass Amherst.