How to Protect Your Data

Published on: November 25, 2013

Security concept: data security on digital backgroundNotice to Faculty and Staff Computer Users re Data Encryption

Committed to protecting its information resources, the University has issued a “Guideline regarding security for personal and other confidential information.” The guideline requires that personal and other confidential information in electronic form be protected by properly implemented encryption unless it is kept in a secure server environment with appropriately restricted users rights.

This means that staff or faculty who need to put personal or other confidential information on a device other than a secure server, such as a desktop computer, laptop, or portable storage device (e.g. flashdrive, or external disk), MUST encrypt such data to mitigate the risk of unauthorized access. For complete information about this encryption requirement and the PC, Mac and LINUX resources available to comply can be found at the Information Technology Services encryption website. Contact your local IT support unit to have data encryption software installed.

Encryption only works if you apply it carefully, with common sense.

For example:

Use long, hard-to-guess passwords, like a phrase that you are likely to remember,
  • Never keep passwords on or around the computer.
  • Update your operating system and software frequently.
  • Use and regularly update anti-virus software, or better – a suite of security software that includes anti-virus, local firewall, and anti-spam software. See the Antivirus page for university licensed resources.
  • Backup data to a secure server environment.

Attacks on information evolve to keep pace with new technology – protect yourself from attempts to trick you into divulging sensitive information, and take steps to secure your smart phone in the event it’s lost or stolen: 

  • Phishing‘ attacks are attempts to improperly solicit personal or other sensitive information (such as bank account login information) by way of forged emails that direct you to fraudulent web sites. Learn here how you can identify if a web site is fraudulent.
  • If you lost your mobile phone or device, would you be confident that whomever found it could not read your private email or your contact list? Learn here how to configure your iPhone, BlackBerry, Android, or Windows phone to protect the data it carries if it’s ever lost or stolen.

Protecting your data with encryption is like defensive driving – it can only do so much good if your car is in poor repair.

Again, more information on the tools available to help you comply with the encryption requirement is available on the U of T Encryption website. Contact your local IT support unit to have data encryption software installed.

Additional Resources:

  1. Information Technology Services has a Facebook photo album with examples of phishing messages and how to identify common phishing and e-mail scam attempts.  We always share these photos via Facebook and Twitter.  Follow us!