If you are permitted to access or maintain sensitive university data using your personally owned computer or self-managed university-owned computer, please meet these minimum expectations.
See Your Responsibilities for Protecting Sensitive Data When Using Your Own Devices for a complete list of your responsibilities when using your own devices to work with sensitive U-M data.
See additional general best practices for securing your computer at Secure Your Personal Computer.
By meeting minimum expectations below, you also protect your personal data.
Expand All Content
Require the password when your computer sleeps or the screen saver is activated. Do not allow automatic login. In System Preferences, choose Security & Privacy, then the General tab. Follow these guidelines for a strong password. Remember that you are also setting your Keychain Password when you set your login password.
For more about passwords on Mac OS, see OS X El Capitan: Understand Passwords
In System Preferences, choose Desktop & Screen Saver, then set activation time.
In System Preferences, choose Security & Privacy, then the FileVault tab. For details, see Use FileVault to encrypt the startup disk on your Mac (Apple).
For general information about encryption, see Encrypt Your Data.
In System Preferences, choose Security & Privacy, then the Firewall tab.
Untrusted networks include guest wireless in a hotel or coffee shop. Members of the U-M community can download and install the appropriate U-M VPN—Virtual Private Network— for their campus (Ann Arbor, Health System, Dearborn, or Dearborn) for a more secure computing experience on untrusted networks.. See Use a Secure Internet Connection.
Use Time Machine (built into Mac OS X) or a reliable backup utility. Be sure your backups are kept in a secure place. Secure external drives in a locked location, or choose a good cloud service backup provider.
Set your Gatekeeper settings to limit software installs to more secure sources.
Under the Apple menu, choose System Preferences, and Security & Privacy. In the General tab, set the allowed app downloads to be from Mac app store and identified developers.
VPNs—Virtual Private Networks—provide a secure computing experience when accessing a U-M network from a remote location or when using an untrusted wireless connection. See Use a Secure Internet Connection.
We recommend that people avoid connecting to U-M networks from machines running Mac OS 10.5 (Leopard) and older.
- Check the Sensitive Data Guide for services approved for use with sensitive data.
- Do not store files in the cloud with iCloud Drive if you work with sensitive university data. With OS X 10.10 "Yosemite," use of iCloud for syncing Documents & Data is enabled automatically. Turn this off in System Preferences > iCloud; uncheck the Documents & Data checkbox.
- Many Microsoft applications let you share files using OneDrive (Microsoft cloud storage). Do not do this if you work with sensitive university data.
Additional Best Practices
Consider these additional options for enhanced security for your computer and the data maintained on or accessed from it.
- Back up your data. Always keep a backup copy of files you do not wish to lose. Hard drives wear out and fail. Devices can be lost or stolen. The university offers several file storage options you can use. Check the Sensitive Data Guide to see which services are appropriate for certain types of sensitive institutional data.
- Choose web browser security settings that protect your privacy and enhance security.
- Be safe online. Learn about strong passwords, how to protect your identity, how to avoid phishing scams, and more.
- Put a sticker on your computer with your name and contact information. This low-tech, practical step enables somebody to contact you if they find your lost computer.
- Register your devices. The U-M Police Department offers a free laptop and personal electronics registration program to members of the U-M community to deter theft and assist in the recovery of stolen property.
- Travel safely with technology. Take precautions when you are away from home to protect your privacy and the university's sensitive data.
Related U-M Policies and Standards
- Responsible Use of Information Resources (SPG 601.07)
- Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33)
- Unit-Specific Requirements for Self-Management of Personally Owned Devices that Access Sensitive Institutional Data (DS-07)
- Tech Tools: Cell Phones and Portable Electronic Resources (SPG 514.04)