What are the rules?

• Information technology is available to every student, faculty and staff member in support of the essential mission of the University.

• We are each responsible for protecting these resources.

• Being careless with university resources can put your work, your research, your job, even your career at risk.

What are the rules?• The Acceptable Use Policy (AUP) contains

official guidelines for the responsible use of information technology resources at the University.

• The AUP describes your rights and responsibilities when using and accessing university resources.

• Acceptable Use Policy: www.utexas.edu/its/policies/aup

IT Compliance Training

I. Securing your computer

II. Complying with federal copyright law

III. Protecting sensitive data

IV. Safe electronic communications

I. Securing Your Computer

• Create strong passwords

• Protect your UT EID

• Install security software

• Log off or lock your computer

Strong Passwords• Use a combination of upper and lower case

letters, numbers and symbols.

• Use between 8 to 20 characters.

• Consider using a phrase, such as: “mYdoghA$fLe&s2” .

• Use different passwords for your different accounts—especially your university accounts.

Unsafe Passwords• Your name, birth date, social security number, address or

anything that can personally identify you.

• Any word found in a dictionary, even spelled backwards.

• Words using numbers in place of letters (“mym355ag35” or “mymessages”).

• Keys found next to each other on the keyboard (asdfghjkl).

• Repeating patterns (aaaaaa or 4444).

Password Guidelines

• Don’t give them out or share with anyone.

• Don’t write them down and keep them near your computer.

• Change your passwords regularly – every 6 months or so.

• Don’t enable the “Save Password” option if you are prompted to do so.

Protect your UT EID• Every student, faculty and staff member is

provided with their own UT electronic identification, or EID.

• The UT Electronic ID Agreement.

• Your EID acts as your legal signature on university materials.

Don’t share it!Don’t trade it!Don’t abuse it!

Installing Security Software• Install security software to protect your

computer from:Viruses SpywareSpam

• Update often or set to “auto update”• “BevoWare” provides security software

licensed by the university for your use• Download it at no cost

www.utexas.edu/its/bevoware

Log Off or Lock Up Your Computer

• Log off or lock up your computer when away for any length of time.

• Physically lock up your computer at the end off the day.

• Lock access to your office, lab, or work area to prevent theft.

• It only takes a moment for a thief to steal your computer—and years of your work!

II. Complying with Federal Copyright Law

• It is against federal law to illegally download copyrighted materials, including:

MusicMoviesSoftware

• It is a violation of university policy to use campus resources to illegally download or otherwise infringe on copyrighted materials.

Complying with Federal Copyright Law

• The university complies with all legal requests regarding copyright infringement.

• Consequences for employees infringing on copyrights can be very serious:

University disciplinary actionLarge monetary finesPrison terms

III. Protect Sensitive Data

• All data stored on university resources must be classified into one of three categories based on the need to maintain the data’s

ConfidentialityIntegrityAvailability

Category-I Data• Considered restricted and confidential.• Protected by state or federal law.• Never disclose or use Category-I data

without proper authorization.• Includes:

Social security numbers (SSN).Personal information for students,

donors or employees.Business data, such as contract terms

or status.

• Unauthorized disclosure of Category-I data may result in:

Cancellation of network access.Criminal prosecution.

• Category-I data is protected by directives from: UT System, The State of Texas, and Federal Legislation.

• More information about Category-I is found online at: www.utexas.edu/its/policies

Category-I Data

Category II & III Data

• Category-II Data: data subject to an “open records” request, per the Texas Public Information Act.

• The Texas Public Information Act provides public access to state business and affairs, including work at the University.

• Category-III Data: data not requiring special protection.

IV. Safe Electronic Communications

• E-mail and instant messages (IM) are not private.

• Never send a message you wouldn’t want to see in the newspaper.

• Never send sensitive information, such as account numbers, credit card numbers, passwords, or SSN, via e-mail or IM.

Safe Electronic Communications• Be suspicious of urgent messages asking for

personal information.

• Delete attachments you aren’t expecting and be cautious if referred to a Web site; viruses and spyware are often spread this way.

• Only IM with people you invite and never click on a link in an instant message.

• If you are unsure, contact the sender off-line. But don’t use the contact information provided.

IT Compliance Training

Acceptable Use Policy

• www.utexas.edu/its/policies/aup

Information Security Office (ISO)

• 512/475-9242 • abuse@utexas.edu

Review Your Knowledge

The University of Texas at AustinGeneral Compliance Training Program