Tufts University Logo SITE_NAME

Search  GO >

this site tufts.edu people
SITE_NAME SITE_NAME SITE_NAME  
 
SITE_NAME SITE_NAME 6

IT Data Security

This section contains information on IT security and includes links to internal Tufts websites about the subject. Visit the Tufts Technology Services website under Information Security for more  information.

What should I know about safe computing and data security?
Tufts invests significant resources to ensure the security of electronic data and desktops and wireless devices connected to the Tufts network. The University strives to implement appropriate security control measures to reduce the risk of unauthorized access to confidential and proprietary information. For questions, additional information, or to request a security consultation for your organization, go to the TTS Security Consulting  website, email it@tufts.edu or call (617) 627-3376.

What can I do to reinforce secure and safe computing practices at Tufts?
In the Tufts computing environment, the most important actions to promote IT data security and integrity is user information security awareness and communication. A user should be familiar with the signs of unmanaged risks to data security  such as: using weak/easy to guess (or visibly displaying) or sharing passwords,  failing to install or update virus protection, responding to “phishing” schemes, leaving computer screens containing sensitive data visible while unattended, failing to log-out of systems when no longer in use and installing programs from untrusted sites. If you believe your computing environment has been compromised or need advise on how to better secure your computing assets contact the TTS Office of Information Security.

What should I know about user password management and best practices?
Passwords used to access sensitive applications and data should be private, not shared with others and meet minimum basic standards that reduce the likelihood of their compromise. Adoption of a password that is not readily “guessable”, not a commonly used term (e.g., last user name, sports teams, Tufts-related words such as Jumbos, elephant) or generic (e.g., password, guest, student, etc.), is a “non-dictionary” term and includes eight (or more) alpha-numeric characters in length is the most effective control we have to control access to Tufts’ applications, systems and confidential data.

Default passwords shipped with certain IT hardware and applications should always be changed or disabled when installed. Passwords should not be displayed or affixed to the side of terminals, under keyboards/mouse-pads or other common “insecure” areas. Refer to the TTS Password Security guidelines for more information.

Has Tufts established specific guidance related to my responsibilities as a user of Tufts’ computing IT resources?
The University has established two important communications regarding the appropriate use of University information technology resources at the following websites:

 

Return to top