IT Security

Best Practices for Information Security

Best Practice #1: Stay abreast of your security responsibilities

  • Meet with your supervisor to review your responsibilities for information security and to identify the laws, policies, standards and practices that are relevant to your work at ECU.
  • Consult the appropriate ECU compliance offices as needed on the proper handling of regulated data.
  • Work with your supervisor to identify opportunities to develop the knowledge and skills you need to carry out your information security and compliance responsibilities.

Compliance and regulations | ECU policies | FERPA

HIPAA | IT policies | IT security training | Sensitive data | Sensitive data storage

Best Practice #2: Report Security Issues Promptly

  • When you encounter a security issue or concern, promptly report it through the appropriate reporting channels.
  • If you are unsure if an issue should be reported or to whom it should be reported, ask your supervisor for guidance.

Report a security incident

Best Practice #3: Use Mobile Devices Thoughtfully and Securely

  • Do not store sensitive information on your smartphone or other mobile device without prior approval. Check with your supervisor on the approved uses of mobile devices for your work.
  • If you store sensitive information on a mobile device, you must ensure the information is encrypted, password protected and transmitted only over secure networks.
  • Immediately report a lost or stolen device to your supervisor and the IT help Desk.

Email encryption | AirWatch mobile device management

Best Practice #4: Remove ECU Data from devices before disposal or trade in

  • It is almost a certainty your devices contain information about you or your work that should not be shared with others.
  • Disk Sanitation Policy | Identity Finder

  • Before you sell, give away or dispose of electronic devices or media, contact the IT Help Desk for current guidance on data sanitization and device disposal.

Identity Finder | Disk Sanitation policy

Best Practice #5: Use different passwords for ECU and personal accounts

  • Use passwords for your ECU accounts that are different from those for your personal accounts.
  • Select passphrases that are easier to remember, and just as secure as shorter, complex passwords.
  • Do not share your password with others, even as a favor to a coworker.

Passphrase guidelines