Search Information Security site

 

Information Security Basics

Follow these basic steps to protect your data and identity

Delete unsolicited email messages that request your personal information or UVA protected information, such as login and password, credit card number and password, SSN, etc., even if the request appears to be from the University of Virginia, a bank, or other company with whom you do business. Legitimate organizations do not ask for personal information via email. If you get email appearing to come from someone you asking for such information, call them to confirm before responding.

  1. Change your ITS passwords at http://its.virginia.edu/accounts/wizard.html

  2. Check UVA's Security Alerts resource routinely so you get a sense of what phishing messages tend to look like. You can also send any suspicious messages you receive to abuse@virginia.edu

  3. Never share your passwords with anyone.

  4. On UVA NetBadge pages, use your certificate to login. Learn how to do this on the ITS Netbadge webpages.

  5. Protect devices and accounts with a strong passworda) Learn what constitutes a strong password, b) create ones you can remember, c) never share your password with anyone, and d) use unique passwords for your UVA accounts and any other accounts with access to important or sensitive information.  If you have reason to believe someone has learned one of your passwords, change it immediately.
  1. Use two-factor authentication:  Configure two-factor authentication for all accounts that offer the capability, such as for UVA accounts, bank accounts, personal email accounts, etc.
  1. Lock your screen even if you step away from your desk for only a few minutes.
  2. Keep your computers patched and updated.

  3. Install antivirus on all your devices and keep it updated. Running antivirus software doesn't slow your computer down nearly as much as a virus does.

  4. Use both passcode and auto-lock to secure your phone.

  5. Protect your money: When banking and shopping, check to be sure the site is security enabled, like "https://" or "shttp://".

  6. Turn off the Wi-Fi auto-connect feature on your phone.

  7. Regularly use the Identity Finder tool to find and clean up highly sensitive data.

  8. Limit the amount of personal and work information you post on the web (particularly on social media) about yourself, your colleagues, friends, and family.

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form