Nine Tech Security and Compliance Things You Need to Know

Everyday we are faced with technology and computer use decisions that affect us both personally and professionally. The list below illustrates a few "best practices" for technology use. We hope you'll find these useful.

1. Most attacks arrive in email – be on watch for phishing emails, validate requests, and immediately report any suspicious emails with the Report Phish button.
2. Store university data only in approved locations based on the type of data (more info).
3. Set up your computer biometrics and enroll them in Duo for faster and more secure logins.
4. Don’t save passwords in your browser and use unique passwords everywhere– use a password manager like 1Password (more info).
5. When considering the use of AI tools, consider the data involved, and follow the university guidelines from the “Artificial Intelligence Memo from OIT.”
6. Compliance standards for research and administrative computing are constantly evolving. Use your managed computer and applications for accessing university data (especially High Risk data) or ask OIT Security for help. 
7. The OIT Security Research Cyber Support program can assist with your System Security Plans – reach out for assistance.
8. Thinking about a new system or application for the university?  Before you begin looking at systems, contact OIT through the IDEA form to kick off the process.
9. If you notice any potential cybersecurity threats or data-related incidents, please take action: report suspicious activity, unauthorized access attempts, lost devices, or compromised data immediately to our OIT Security Team.