Body
Securing Personal Computers
In recent years, several high-profile security breaches have occurred not due to sophisticated hacking or malware, but because of something far more basic physical theft. In some cases, thieves didn’t even steal the entire computer; they removed just the hard drive. Unfortunately, these stolen devices often contained highly sensitive and confidential information.
Think Before You Save
Before storing private or confidential data on your computer or portable storage devices (such as USB drives), consider the potential consequences of that data being stolen or accessed by malicious software like Trojan horses. Ask yourself:
- What would happen if this data were exposed?
- Is my computer the most secure place to store this information?
- Should this data be encrypted or stored elsewhere?
If the answer to any of these questions raises concern, consider alternative storage solutions such as secure cloud services with encryption or institutionally approved data repositories.
Backup and Data Hygiene
Regularly back up important files and store them in a secure, separate location preferably offsite or in the cloud with strong encryption. Periodically review the files stored on your devices and securely delete those that are no longer needed, especially if they contain sensitive information. Use secure erase utilities to ensure deleted files cannot be recovered.
Important: University policy strictly prohibits storing Social Security Numbers (SSNs), credit card information, or other personally identifiable information (PII) on portable computing devices or removable media.
Keep Software and Security Tools Updated
Laptops, especially those used for travel or remote work, are frequently connected to various networks, increasing their exposure to threats. To mitigate risks:
- Install and regularly update antivirus and anti-malware software.
- Enable automatic updates for your operating system and applications.
- Use a personal firewall to monitor and control incoming and outgoing network traffic.
- Ensure your device is configured to receive security patches promptly.
University-owned laptops can be brought to the IT Help Desk in the JSSB for maintenance and security checks.
Physical Security Matters
Preventing theft is just as important as digital security:
- Never leave laptops, tablets, or smartphones unattended in public or unsecured areas.
- Store devices out of sight when not in use, especially in vehicles or shared spaces.
- Use cable locks or secure storage cabinets when possible.
- Label your devices with contact information and consider using tracking software.
Access Control and Encryption
All portable computing devices should be configured with:
- A boot-up password to prevent unauthorized startup.
- A secure login process using strong passwords or biometric authentication.
- Full-disk encryption to protect data in case the device is lost or stolen.
University-issued Windows laptops are equipped with whole-drive encryption by default. If you use a personal device for university work, ensure it meets similar security standards.
Evaluate Additional Security Tools
There are many security tools and devices available, such as hardware tokens, biometric scanners, and encrypted USB drives. While these can enhance security, their quality and effectiveness vary. Research and compare options carefully before purchasing.