On This Page:
- 1. Use anti-virus & anti-malware software
- 2. Update your computer's operating system
- 3. Update your computer's software
- 4. Create a Restricted User Account & an Administrator Account for your computer
- 5. Use eduroam for wireless on campus
- 6. Use the Virtual Private Network to access the campus network remotely
- 7. Clear your browsing data
- 8. Choose strong, unique passwords
- 9. Use a password-protected screen saver
- 10. Know what constitutes sensitive data
- 11. Use Identity Finder to keep track of sensitive data
- 12. Do not store sensitive data on USB drives
- 13. Do not leave your devices unattended
- 14. Keep track of all your devices
- 14. Report any lost or stolen University-owned devices
Note: Microsoft Defender for Endpoint has replaced Sophos Intercept X Advanced endpoint protection at UMass Amherst. More information about the transition to Microsoft Defender.
For questions about Microsoft Defender, contact your area's IT Administrator, or get in touch with IT User Services.
Faculty and staff can protect their University-owned computers by checking off all items on this list. Some computers are centrally-managed by the department, but in other cases, faculty and staff are responsible for individually adhering to the University's data security policies. If applicable, check with the IT professional in your department before making changes to your computer. Your department may also have other internal security policies you need to adhere to and some checklist items may have already been completed on your behalf. For personal computing devices, see our Security Checklist for Personal Computers.
1. Use anti-virus software.
University-managed computers are already protected with Microsoft Defender for Endpoint anti-virus software.
For the best protection:
- Reboot university-managed computers regularly.
- Connect to Virtual Private Network (VPN) regularly if working off-campus.
Use Anti-virus Software
Beware of fake anti-virus software and other rogue programs. Always download software from reputable sources.
2. Update your computer's operating system.
Enable automatic updates and receive critical patches as soon as they are released. To keep your computer's operating system up-to-date, go to:
3. Update your computer's software.
Always update third-party software and plugins, especially your Web browser, Java, and Adobe products. Download software security patches and updates when prompted to do so.
Secunia CSI for departmentally-managed Windows computers | Secunia PSI for unmanaged Windows computers | Macintosh Software Update
4. Create a Restricted User Account & an Administrator Account for your computer.
Create a Restricted User Account for everyday use and keep the Administrator access for special tasks (e.g., software installation). Learn how to set up a User Account.
5. Use eduroam for wireless on campus.
Used a wired connection for Internet access whenever possible. When you must use wireless, choose eduroam. It is fast, convenient, and more secure. Use our setup wizard to configure your computer, then connect automatically from any wireless coverage area on campus.
Wireless Network Access
6. Use the Virtual Private Network to access the campus network remotely
The Virtual Private Network (VPN) provides a secure, encrypted connection between your off-campus computer and the campus network. The VPN should be used if you are remotely connecting to your workstation from off-campus.
7. Clear your browsing data.
Web browsers often store information from Web sites you visit (e.g., cookies). Clear this information often or set up your browser to do it automatically, especially if you use SPIRE or other University applications containing sensitive data. Check the browser’s help guide for instructions. We do not recommend saving passwords in a Web browser.
8. Choose strong, unique passwords.
Your UMass IT Account password should be different from your other passwords. Build your passwords using UMass IT’s Rules for Passwords and remember to change them at least twice a year (with daylight savings).
9. Use a password-protected screen saver.
‘Locking’ the screen or using a password-protected screen saver allows you to lock your computer without shutting it down when stepping away from your desk. Press the Windows key + L to lock your Windows computer. To protect your cell phone data, enable a passcode and set it to auto-lock.
10. Know what constitutes sensitive data.
Familiarize yourself with the data classification model in use at UMass Amherst. Learn more about sensitive data in practice and think about the types of University data you work with on a regular basis. Discuss your responsibilities when working with sensitive data with your supervisor.
Understand Sensitive Data at UMass Amherst | Storing & Handling Guidelines
11. Use Identity Finder to keep track of sensitive data.
Download and install Identity Finder software, then scan your University-owned computer at least twice a semester. Identity Finder helps you locate sensitive data (e.g., grades) on your computing devices. Back up important files to a secure location and delete the files you no longer need.
Identity Finder at UMass Amherst
12. Do not store sensitive data on USB drives.
Any portable storage device can be easily lost or stolen. For sensitive data, use a more secure storage space, such as a departmental server or Box, UMass IT's secure file storage system. Be sure to talk to your supervisor about recommended storage.
Box: Secure Online Storage
13. Do not leave your devices unattended.
Purchase a security cable for your University-owned laptop. Register your laptop and mobile devices with the UMass Amherst Police to help identify them in case they are lost or stolen.
UMass Amherst Police Department
14. Keep track of all your devices.
Record the make, model, and 12-character identifier (a.k.a. MAC Address) of your University-owned computing devices. This may help locate them faster if they are lost or stolen. To find a device’s MAC Address, check the below instructions, the product manual, or packaging.
Find Your MAC Address
15. Report any lost or stolen University-owned devices.
If your University-owned computing device or any device containing University data is lost or stolen, fill out the Report a Lost or Stolen University-Owned Computing Device form.