How to Secure Your Information

First Steps

Your first step in ensuring your own computer security on the Stanford University Network should be proper setup and prevention. Here's how to set up:

  • Your laptop and/or desktop:
    • Visit http://ess.stanford.edu to install essential anti-virus and anti-spyware software.
    • Encrypt your computer and any external devices (external hard drives, USB drives, etc). All computers with access to the Stanford network must be encrypted.
  • Your phone or mobile device: Visit our page on Mobile Computing for tutorials on securing your phone. And if you'd like to use your device to access Stanford information (including email and calendar), check out our page on Mobile Device Management (MDM) to see if your device is approved.
  • Your server: If you're running your own server, make sure you see our page about servers to make sure it's properly secured.

Next Steps: Forming Good Computing Habits

Be proactive in protecting your information; starting good habits now can mean averting disaster later. Here are some easy (and necessary!) things you can do now, without waiting for an emergency.

Back up your computer EVERY DAY.

Use a passcode lock on your phone or mobile device—whether or not you access Stanford information with it.

Use Stanford Secure Email to send emails discussing prohibited, restricted, or confidential information

Use MedSecureSend (MSS) to securely send files up to 100GB, to colleagues at Stanford and elsewhere

Use cloud computing services responsibly; make sure you know which services are approved for what levels of sensitive information.

Maintain good security practices at home and in the office.

Make every day Information Security Day. Learn to be your own hero.

Stanford Information and Research

As we are at a School of Medicine, we have two kinds of information which must have extra layers of security: student/university information, and health/patient information. Be aware of how to deal with these special categories of information.

Know your Data Classification: Learn what kinds of information belong in which categories: Prohibited, Restricted, and Confidential information.

Properly handle Stanford Information: As a member of the university, you are personally liable for data breaches. See what's at stake, and how you can reduce your risks.

Research and Security help: If you are applying for a grant, are trying to budget for computer security, or are looking for other help with research and data management, we've got resources for you.

HIPAA: Visit our page to learn about HIPAA rules and regulations, and find out how to properly anonymize data for publication.

Questions?

If you have any other computer security questions or concerns, see our Information Security Services FAQ, or contact the IRT Service Desk at 5-8000.