6.Use encryption for viewing and exchanging sensitive data
You should always use encryption to view web sites containing sensitive data. You can tell if a web site is using encryption if the web address begins with "https".
If you have created a web site that collects sensitive data, you should be sure that the site forces users to use encryption when submitting data and that the data, once submitted, is being stored securely.
Remember, email is not encrypted and therefore should not be used to exchange sensitive data. If you have need to transfer sensitive data via email, the information should be sent in a password-protected zip file attachment. Tell the recipient the password in person or via telephone, not via email. For a corollary caution see #8.
Finally, remember that when using wireless connections, they are not secure. Any data you may be accessing can be captured someone using similar technology. When accessing data and information that is confidential, you should only use a connection that is hardwired to your machine.

7.Do not install unapproved software
Only the programs found in Start > USM Apps > Install have been approved for installation on University computers. If you feel you need to install a piece of software not found there, you must get the approval of DoIT staff first.
Do not install free software found on the Internet. These programs often present a great security risk. To avoid this, be very wary, when surfing the Internet, of pages that offer anything for free by just “clicking here”. If unexpected pop up messages are displayed while surfing the Internet, use the “X” in the upper right corner of the message to close it.

8.Think before opening email attachments
Be suspicious of emails with attachments that you were not expecting to receive, even if they appear to be from someone you know. If it appears to be from someone you know, before you open it, contact them and confirm that they intended to send you the attachment. For a corollary caution see #6

9.Schedule an antivirus scan of your computer
Most of us have a weekly staff meeting. At these times your computer is usually sitting idle in your office. That is a perfect time to schedule an antivirus scan of your computer to run. These can run while your computer is locked. If any viruses are detected, please report them to the HelpDesk.

10.Be careful using Internet Explorer
We feel it is best to only use Internet Explorer for those websites that require it (i.e., PeopleSoft) and use a different browser for all other web activity. The Internet Explorer web browser that comes with Microsoft Windows seems to have a new security flaw almost every month. While we apply patches for these flaws as quickly as possible, DoIWeb Browser. You need to get approval before installing any other browse.