Secure Your Working Environment

Northwestern provides the University community with a robust network and access to an array of information assets critical to the business and operations of the University.

Due to the sensitivity and regulations associated with much of this data, it is essential that every member of the Northwestern community work to protect it and minimize the occurrence of security incidents.

It is your responsibility to read, understand, and comply with University policy, and to use Northwestern’s security resources – tools and support organizations that assist faculty staff, students, schools and departments – to help ensure the safe and secure operation of the network and conduct of University business.

You can also help by following the security practices outlined below. Always check with your local technical support staff before implementing changes.

1. Protected Data

Treat all sensitive data as a highly valuable asset and minimize the chance that it is released to unauthorized users:

Identify sensitive data inputs, location, and sensitivity
Do not use Social Security numbers as an identifier, use employee or student ID instead
Encrypt private data sent across the network; see your local technical support staff
Save sensitive data files to a network drive, not personal computer
Restrict access to sensitive data to those who "need to know"

2. Careful Disposal

When you no longer need sensitive data, it is better to dispose of it than continue to account for it. Ensure data cannot be recreated and follow careful disposal best practices:

Only store necessary data
Shred papers containing sensitive data
Follow the Disposal of Northwestern University Computers Policy
Sanitize hard drives of disposed computers to remove sensitive data
Dispose computers through University Services' Computer and Peripherals Recycling Program

3. Safe Connections

Sensitive data is more easily stolen when it is being shared between users, so take note of the connection you use. Unapproved wireless networks, e-mail, and public computers are particularly vulnerable to security breaches.

Use only Northwestern-approved networks and wireless access points
Do not e-mail private data, as messages can be intercepted
Use Virtual Private Network (VPN) when off-campus for a secure connection
Find out more about University policy regarding Security Risks of Network Extentions

4. Be Prepared

In the event of a disaster or a security incident, do you know what to do? These events occur unexpectedly, so find out in advance how to respond:

Report any known or suspected security incident to your management, your local technical support staff, and NUIT's Network Operations Center at (847) 467-NNOC (6662). You can also e-mail security@northwestern.edu
Learn about your school or department's business continuity plans from your dean or department chair
Make regular system backups and test your system restore function; check with your technical support staff for details

Support Contact

NUIT Information and Systems Security/Compliance

security@northwestern.edu

Last Updated: 08 June 2007


		Services \| Get Connected \| Support \| Academic Resources \| About NUIT Students \| Staff/Faculty \| Visitors/Media \| Site Map \| Online Directory Northwestern Home \| Northwestern Calendar: Plan-It Purple \| Northwestern Search Information Technology 1800 Sherman Avenue Evanston, Illinois 60201 E-mail: it-feedback@northwestern.edu World Wide Web Disclaimer and University Policy Statements © 2007 Northwestern University