IT Security is everyone's business. The following basic guidelines may help you to keep your devices, systems and accounts secure.
Keep Software Up-To-Date
- Out of date software and operating systems can be subject to vulnerabilities which can compromise the security of your device. Regularly check for and install updates on your device for both the operating system (Windows, Mac, Android, etc.) and software on your devices.
Never Share Your Password
- Always be cautious of those who ask for personal or sensitive information; the University and other legitimate organisations and institutes will never request your password. Keep this safe and secure at all times.
Use Secure Passwords and MFA
- For your university account, use a password with sufficient complexity which aligns with password guidelines, available to view here. Also, avoid using the same password for multiple accounts. MultiFactor Authentication (MFA) is an extra layer of security for your University account, in addition to your password. This additional security involves the verification of your identity using an additional factor, e.g. one factor may be something you know, such as a password or PIN, and the additional factor may be something your have, such as a smartphone. This prevents others from accessing your account, even if they know your password. For more information, click here.
Avoid Working with Administrator Rights
- While working with full administrator rights on your device, malicious programs will have unrestricted access to your system. For everyday use, work with your standard account with limited rights to make changes to your system. If administrator rights are required to make changes or install software on your device, review the detailed guides and information provided on Admin By Request.
Backup Your Data
- Avoid saving data on your local hard drive, USB or other removable devices. Instead, save your data to OneDrive and Teams. For more guidance, review the information available to view here.
Be Aware of Phishing
- Phishing emails present in many forms, e.g., as links to documents, warnings to reset your password, or invitations to scan a QR code within the email. Following any of these links or scanning the code can bring you to what appears at first glance to be a genuine MU Office 365 login screen but is in reality a false copy of a login screen, or even a false imitation of MFA authentication. This is designed to unlawfully capture your email address and password, or to trick you into authorising illegal access to your account. For more information on phishing, click here.
Take Care when Sharing your Screen
- During an online meeting, if you wish to share your screen, close anything you don't wish others to see and ensure that notifications and pop-up alerts are disabled. See the following information if you require further guidance:
Don't Keep Data if Not Required
- Deleting data that you no longer require with free up storage space and this will also mean that you have less personal information at risk if you suffer a personal data breach.
Dispose of old IT Equipment
- If you have MU hardware that is no longer required, ensure to dispose of this in a responsible and secure manner. To do this, please click here and raise a service request via the 'Equipment Return' request.