Best Practices for Information Security
Best Practice #1: Stay abreast of your security responsibilities
- Meet with your supervisor to review your responsibilities for information security and to identify the laws, policies, standards and practices that are relevant to your work at ECU.
- Consult the appropriate ECU compliance offices as needed on the proper handling of regulated data.
- Work with your supervisor to identify opportunities to develop the knowledge and skills you need to carry out your information security and compliance responsibilities.
Best Practice #2: Report Security Issues Promptly
- When you encounter a security issue or concern, promptly report it through the appropriate reporting channels.
- If you are unsure if an issue should be reported or to whom it should be reported, ask your supervisor for guidance.
Best Practice #3: Use Mobile Devices Thoughtfully and Securely
- Do not store sensitive information on your smartphone or other mobile device without prior approval. Check with your supervisor on the approved uses of mobile devices for your work.
- If you store sensitive information on a mobile device, you must ensure the information is encrypted, password protected and transmitted only over secure networks.
- Immediately report a lost or stolen device to your supervisor and the IT help Desk.
Best Practice #4: Remove ECU Data from devices before disposal or trade in
- It is almost a certainty your devices contain information about you or your work that should not be shared with others.
Disk Sanitation Policy | Identity Finder
- Before you sell, give away or dispose of electronic devices or media, contact the IT Help Desk for current guidance on data sanitization and device disposal.
Best Practice #5: Use different passwords for ECU and personal accounts
- Use passwords for your ECU accounts that are different from those for your personal accounts.
- Select passphrases that are easier to remember, and just as secure as shorter, complex passwords.
- Do not share your password with others, even as a favor to a coworker.
Information Security Manuals