Search Google Appliance

Information Technology

Security Checklist for University-Owned Computers

Find answers to your technology questions in the new IT Knowledge Base!

For the most up-to-date information, see our new Knowledge Base.
Support articles on the IT website are being retired, and may not be updated.

Find an updated version of this article

Continue to check the IT website ( for news and updates about technology at UMass Amherst.

Note: Microsoft Defender for Endpoint has replaced Sophos Intercept X Advanced endpoint protection at UMass Amherst. More information about the transition to Microsoft Defender.
For questions about Microsoft Defender, contact your area's IT Administrator, or get in touch with IT User Services.



Faculty and staff can protect their University-owned computers by checking off all items on this list. Some computers are centrally-managed by the department, but in other cases, faculty and staff are responsible for individually adhering to the University's data security policies. If applicable, check with the IT professional in your department before making changes to your computer. Your department may also have other internal security policies you need to adhere to and some checklist items may have already been completed on your behalf. For personal computing devices, see our Security Checklist for Personal Computers.

1. Use anti-virus software.

University-managed computers are already protected with Microsoft Defender for Endpoint anti-virus software. 
For the best protection:

Use Anti-virus Software 
Beware of fake anti-virus software and other rogue programs. Always download software from reputable sources. 

2. Update your computer's operating system.

Enable automatic updates and receive critical patches as soon as they are released. To keep your computer's operating system up-to-date, go to:

  • Windows:
  • Macintosh: System Preferences > Software Update...

3. Update your computer's software.

Always update third-party software and plugins, especially your Web browser, Java, and Adobe products. Download software security patches and updates when prompted to do so.

Secunia CSI for departmentally-managed Windows computers | Secunia PSI for unmanaged Windows computers | Macintosh Software Update

4. Create a Restricted User Account & an Administrator Account for your computer.

Create a Restricted User Account for everyday use and keep the Administrator access for special tasks (e.g., software installation). Learn how to set up a User Account.

5. Use eduroam for wireless on campus.

Used a wired connection for Internet access whenever possible. When you must use wireless, choose eduroam. It is fast, convenient, and more secure. Use our setup wizard to configure your computer, then connect automatically from any wireless coverage area on campus.
Wireless Network Access

6. Use the Virtual Private Network to access the campus network remotely

The Virtual Private Network (VPN) provides a secure, encrypted connection between your off-campus computer and the campus network. The VPN should be used if you are remotely connecting to your workstation from off-campus. 

7. Clear your browsing data.

Web browsers often store information from Web sites you visit (e.g., cookies). Clear this information often or set up your browser to do it automatically, especially if you use SPIRE or other University applications containing sensitive data. Check the browser’s help guide for instructions. We do not recommend saving passwords in a Web browser. 

8. Choose strong, unique passwords.

Your UMass IT Account password should be different from your other passwords. Build your passwords using UMass IT’s Rules for Passwords and remember to change them at least twice a year (with daylight savings).

9. Use a password-protected screen saver.

‘Locking’ the screen or using a password-protected screen saver allows you to lock your computer without shutting it down when stepping away from your desk. Press the Windows key + L to lock your Windows computer. To protect your cell phone data, enable a passcode and set it to auto-lock. 

10. Know what constitutes sensitive data.

Familiarize yourself with the data classification model in use at UMass Amherst. Learn more about sensitive data in practice and think about the types of University data you work with on a regular basis. Discuss your responsibilities when working with sensitive data with your supervisor.
Understand Sensitive Data at UMass Amherst | Storing & Handling Guidelines

11. Use Identity Finder to keep track of sensitive data.

Download and install Identity Finder software, then scan your University-owned computer at least twice a semester. Identity Finder helps you locate sensitive data (e.g., grades) on your computing devices. Back up important files to a secure location and delete the files you no longer need.
Identity Finder at UMass Amherst

12. Do not store sensitive data on USB drives.

Any portable storage device can be easily lost or stolen. For sensitive data, use a more secure storage space, such as a departmental server or Box, UMass IT's secure file storage system. Be sure to talk to your supervisor about recommended storage. 
Box: Secure Online Storage

13. Do not leave your devices unattended.

Purchase a security cable for your University-owned laptop. Register your laptop and mobile devices with the UMass Amherst Police to help identify them in case they are lost or stolen.
UMass Amherst Police Department

14. Keep track of all your devices.

Record the make, model, and 12-character identifier (a.k.a. MAC Address) of your University-owned computing devices. This may help locate them faster if they are lost or stolen. To find a device’s MAC Address, check the below instructions, the product manual, or packaging.
Find Your MAC Address

15. Report any lost or stolen University-owned devices.

If your University-owned computing device or any device containing University data is lost or stolen, fill out the Report a Lost or Stolen University-Owned Computing Device form.