University of Michigan - Flint

University of Michigan-Flint

Safe Computing: Data Privacy and Protection

Faculty/Staff:

As a UM-Flint faculty or staff member you most likely have access to sensitive information that is protected by such federal and state regulations as FERPA, FOIA, HIPPA, GLBA and others.  It is of the utmost importance that you have a clear understanding of what information needs to be protected, and how to protect it.  For a quick lesson on what information is considered sensitive, check out the link "MAIS Online Course for Data Protection/Privacy" on the right.  The links listed below can give you a few tips on how to keep sensitive information safe.

Students:

As a UM-Flint student you may or may not have access to sensitive information that is protected by federal and state regulations, but you do have access to your own information.  You probably don't want someone signing you up for classes you don't want, erasing your H: drive, or sending embarrassing emails out to everyone you know from your account.  To keep these things from happening the number one most important thing you can do is keep your password private, and to make sure  you log out from the computers in the open computer labs when you are done.  For more tips check out the links below.

Threats to Your Data Privacy and How to Protect Sensitive Information

Disposing of old computers or hard drives

Properly erasing information from a computer is just as important as logging out.  Before you dispose of a computer, or replace a hard drive, make sure that you clean it with special software to make sure that future owners of the equipment can't access your information.  Even if you think it's just going in the garbage, completely wipe all of the information.  Remember, your trash may be a criminal's treasure.

You need to do more than just delete your files—you need to sanitize your hard drive. You can purchase low-cost software for this purpose; check out some good choices at http://safecomputing.umich.edu/tools/clean_drive.html. For more information, check out the data removal policy and procedures on the University’s Property Disposition Web site: http://www.umich.edu/~ofa/PropDisp/html/compprocedure.html

Google Desktop - Possible Threat to Sensitive Information

ITCS at the University of Michigan - Ann Arbor has recommended that university employees do not use Google Desktop. Google Desktop’s “Search Across Computers” feature places potentially sensitive information in a situation where it may be vulnerable to theft. If you feel that you need to use Google Desktop, please make sure that you configure it appropriately to minimize the risk of information theft.

Keeping Your Virus Scan Up-to-date

Keeping your computer virus and spyware free is a great start to protecting private information.  If you don't have a virus scanning software, UMF students/faculty/staff can get it free from ITS.  See Quicknote #26 for more details.  Once you have the most recent version of anti-virus software make sure you keep it up to date.

Lock Your Computer

Whenever you step away from your office computer, even if it's just to run to the bathroom, you should always lock it.  Locking your computer prevents people from using your computer while you are away, accessing your information, or accessing other people's personal information if you have access to programs such as Banner.  To lock your computer simply press Ctrl + Alt + Delete and select "Lock Computer" from the menu.  Remember: YOU are responsible for all actions executed under your uniqname, even if it's something you didn't do. 

Picking a Secure Password

By picking a secure password you are reducing the chance that someone can guess your password, and gain access to your account (with all of the accesses and privileges that you possess).  Check out the Password Security Campaign for more tips on selecting secure passwords, and a list of prohibited passwords.

Using computers in open computer labs

Using the computers in the open computer labs (or the instructional computer labs) is really convenient; however, it can be dangerous if not done properly.  If you forget to log out of a computer in the labs after you're finished using it, then the person after you may decide to send an email to everyone in your address book saying what a dork you are (or worse!).  In addition to this risk, when you use a computer in the labs you may also unknowingly leave behind sensitive information (such as your name or address) in the form of cookies from websites you have visited.  To safely use the computers in the open computer labs always follow the steps below:

  1. Log out of the computer when you are done.  This step is the easiest and most important to keeping your account safe. 
  2. Clear out the internet browser's cache and history.  While it is unlikely that someone will just stumble upon something important in the cache/history it could still happen (especially if you were just doing some online shopping!).  To clear out Internet Explorer's cache select "Tools" --> "Internet Options" and then "Delete Cookies", "Delete Files", "Clear History". 
  3. Never leave the computer logged in when it is out of your sight.  If you're going to run down the hall to use the restroom, log out of the computer.  Five minutes is all it takes for someone to send inappropriate emails from your account, erase your H: drive, and/or sign you up for a few extra classes next semester.

ITS Home