User Account Best Security Practices

Secure Your Account

  • Do not write down your account password or store it in an insecure manner.
  • Avoid using the same password for multiple accounts.
  • Do not share your user account and passwords with others.
  • Do not log into or remain logged into systems so that others are able to utilize your credentials.

Secure Your Office

  • When leaving, lock the door and keep unauthorized users away from systems.
  • Keep all media containing confidential information in a secure, physical place. For example, in a locked file cabinet.
  • Keep any paper records of passwords in a secure place.

Secure Your Computer

  • When changing your password, make sure you change it everywhere you may have your credentials stored.
  • Reboot your computer at least once a week. For example, on Fridays, when you leave for the day.
  • Close applications and log out or lock the screen of your computer when you leave your desk.

Secure Your Data

  • Keep all media containing confidential information in a secure place. For example, T Drive, or SharePoint. Please refer to the Data Privacy Policy.
  • Do not save sensitive information to portable drives.

Secure Your Email

  • Verify the contents of any email attachment before opening and never open attachments from unknown persons.
  • Never send high-risk confidential information via email or respond to any email requesting confidential information. Includes but not limited to (username, password, social security number, etc.). Legitimate businesses will never ask for this information via email.
  • Delete messages that you no longer need - some common practices include emptying your trash and outgoing mail folders.
  • If you receive an electronic communication or email that seems out of context given the sender, directing you to click an embedded link, delete the email. Learn more about phishing.
  • When emailing high-risk confidential information or personal data, please ensure that you encrypt the email. Learn more about email encryption.
  • Report phishing and spam to the ITS Cybersecurity team using the Outlook "Report" button.