If you are permitted to access or maintain sensitive institutional data using your personally owned computer or self-managed university-owned computer, please meet the minimum expectations below.
See Your Responsibilities for Protecting University Data When Using Your Own Devices for a complete list of your responsibilities when using your own devices to work with sensitive U-M data.
By meeting the minimum expectations below, you also protect your personal data.
Expand All Content
Set your screensaver to activate after 15 or fewer minutes of inactivity, and require your password to unlock it.
Run the Microsoft Fix it tool for security settings
- Turn on your Windows Firewall.* It is normally turned on by default.
- Check your anti-virus protection status
- Turn on Automatic Update to keep your version of Windows updated.
- Check whether you have the latest version of Internet Explorer installed.
Use BitLocker Drive Encryption (for laptops) to encrypt your computer's hard drive.
Install U-M VPN (Virtual Private Network) software if you expect to use untrusted networks.
Turn on the VPN if using untrusted wireless networks.
Turn off optional network connections like Wi-Fi and Bluetooth when you're not using them.
Review wi-fi sharing settings and limit sharing to the minimum needed.
Be aware that Wi-Fi Sense, which is part of Windows 10, may share access to your networks with others and connect you to open networks automatically. Do not use the Express settings. Customize your settings and uncheck the options you don't want. See the Microsoft Wi‑Fi Sense FAQ.
Keep your applications updated to take advantage of security updates and other improvements.
Only install applications from reputable software providers.
Be aware of where data is being stored and store sensitive university data only in approved locations.
- Check the Sensitive Data Guide for services approved for use with sensitive data.
- Many Microsoft applications let you share files using OneDrive (Microsoft cloud storage). Do not do this if you work with sensitive university data.
Be aware that certain types of sensitive data cannot be accessed or maintained outside the U.S.
Detailed Security Instructions
Microsoft offers more detailed Windows security info and instructions:
* If you purchased a different anti-virus and/or security program with its own firewall that you use instead of the Windows firewall, that's okay. Just make sure that the firewall and anti-virus protection are turned on and that the software is regularly updated. We recommend that you use only one security program.
Additional Best Practices
Consider these additional options for enhanced security for your computer and the data maintained on or accessed from it.
- Back up your data. Always keep a backup copy of files you do not wish to lose. Hard drives wear out and fail. Devices can be lost or stolen. The university offers several file storage options you can use. Check the Sensitive Data Guide to see which services are appropriate for certain types of sensitive institutional data.
- Choose web browser security settings that protect your privacy and enhance security.
- Be safe online. Learn about strong passwords, how to protect your identity, how to avoid phishing scams, and more.
- Put a sticker on your computer with your name and contact information. This low-tech, practical step enables somebody to contact you if they find your lost computer.
- Register your devices. The U-M Police Department offers a free laptop and personal electronics registration program to members of the U-M community to deter theft and assist in the recovery of stolen property.
- Travel safely with technology. Take precautions when you are away from home to protect your privacy and the university's sensitive data.
U-M Policies and Standards
- Responsible Use of Information Resources (SPG 601.07)
- Security of Personally Owned Devices that Access or Maintain Sensitive Institutional Data (SPG 601.33)
- Unit-Specific Requirements for Self-Management of Personally Owned Devices that Access Sensitive Institutional Data (DS-07)
- Tech Tools: Cell Phones and Portable Electronic Resources (SPG 514.04)