• Report an IT Security Incident
  • Request Help
  • Help & Support
    • Working/Learning Remotely
    • Request Help
    • Live Chat
    • Track a Ticket
    • Knowledge Base
    • Getting Started
    • Contact Us
    • ITS Alerts Sign Up
  • Service Catalog
    • Accounts & Access
    • Communications & Collaboration
    • Computers & Software
    • Data, Reporting & Analytics
    • Network & Internet Services
    • Pilot Services
    • Professional Services
    • Research Computing
    • Teaching & Learning
    • University Applications
    • Web, Servers & Hosting
  • About ITS
    • Our Team
    • Strategic Plan
    • Annual Reports
    • Awards
    • Student Employment
  • Working with ITS
    • Architectural Standards Review Board
    • Projects & Project Management
    • Technology Investment Request Lifecycle
    • Governance Committees
    • Business Intelligence
    • Enterprise Data Integration Services (EDIS)
    • GMU-TV
    • IT Security Office
  • Alerts & Bulletins
    • Unplanned Outages
    • Phishing Alerts
    • Maintenance
    • Bulletins
    • Spotlights
    • After Action Reports
    • Archives
  • Report an IT Security Incident
  • Request Help
X Hide

Information Technology Services

Skip to content
  • Help & Support
    • Working/Learning Remotely
    • Request Help
    • Live Chat
    • Track a Ticket
    • Knowledge Base
    • Getting Started
    • Contact Us
    • ITS Alerts Sign Up
  • Service Catalog
    • Accounts & Access
    • Communications & Collaboration
    • Computers & Software
    • Data, Reporting & Analytics
    • Network & Internet Services
    • Pilot Services
    • Professional Services
    • Research Computing
    • Teaching & Learning
    • University Applications
    • Web, Servers & Hosting
  • About ITS
    • Our Team
    • Strategic Plan
    • Annual Reports
    • Awards
    • Student Employment
  • Working with ITS
    • Architectural Standards Review Board
    • Projects & Project Management
    • Technology Investment Request Lifecycle
    • Governance Committees
    • Business Intelligence
    • Enterprise Data Integration Services (EDIS)
    • GMU-TV
    • IT Security Office
  • Alerts & Bulletins
    • Unplanned Outages
    • Phishing Alerts
    • Maintenance
    • Bulletins
    • Spotlights
    • After Action Reports
    • Archives

Knowledge Base

Home > Help & Support > Knowledge Base > Security > Highly Sensitive Data FAQ > What are the user’s responsibilities in protecting Highly Sensitive Data (HSD) on the system?

What are the user’s responsibilities in protecting Highly Sensitive Data (HSD) on the system?

Understand the common risks to computers that could result in a data breach

  • Use the computer responsibly
  • Do not respond to a malicious request for your personal authentication credentials, such as passwords, PINs, or account numbers. No legitimate entity will request your authentication credentials via email or through any other channel. Authentication credentials, such as passwords, must never be shared.
  • Avoid high-risk behavior by following simple guidelines:
    • Avoid visiting a questionable website
    • Do not use Peer-to-Peer file sharing
    • Do not download files through online chat programs
    • Do not open suspicious or mysterious email attachments
    • Do not access applications or links embedded in social networking sites (Facebook, Twitter, etc.)
    • Do not attach questionable removable media, such as a USB flash drive found in a parking lot, to the system
  • Do not download, install, or use any application that has questionable integrity
  • Avoid clicking directly on an embedded URL link in a document, email, or high-risk website; instead, type out the URL in a browser such as Firefox or Chrome because links that appear legitimate may mask a malicious address, also known as "URL spoofing"
  • Learn how to view the email header which shows the true sender's email address and the sender's system IP address or contact an authoritative source to confirm legitimacy. An email may appear to come from a known, trusted source, but the sender's "FROM" address may mask a malicious address, also known as "email address spoofing."

Keep current with system updates, antivirus software, and host-based firewalls

  • Ensure that the computer and applications are updated regularly. Users must NOT block installation of security patches for the system and Microsoft applications in MESA.
  • Ensure that the computer has university-supported antivirus software. Users must NOT block or otherwise disable current versions of university-supported antivirus software in MESA.
  • Maintain a host-based firewall if the computer is not in MESA, as MESA configurations include a firewall.

Follow good password security practices

  • Never share passwords
  • Always use strong passwords
  • Change passwords as required by University Policy 1301: Responsible Use of Computing
  • Do not write down passwords

Apply proper system configurations

  • Use a password-protected screen saver
  • Turn off your computer, if possible, when left unattended for a substantial amount of time (e.g. at lunchtime, at end of the day, on vacation) as Whole Disk Encryption only protects data when the system is off
  • Avoid, if possible, the use of an administrator equivalent account on the computer. Some departments provide support where users do not need an administrator account on a computer; check with your department.
Last modified: December 11, 2018

Previous

What is Highly Sensitive Data?

Next

What university policy governs permission to access or store Highly Sensitive Data (HSD)?

Related articles

  • How do I secure my computer?
  • What university policy governs permission to access or store Highly Sensitive Data (HSD)?
  • What type of data might appear highly sensitive, but is not subject to the Data Stewardship policy?
  • When must Highly Sensitive Data (HSD) be protected by encryption?
  • What are some examples of encryption “in transport?"

Get Started at Mason

Whether you are a student, faculty, staff member, or a guest visiting the Mason campus, we have resources to help get you started.

Read More

Quick Links

Patriot Pass Password Reset
Submit a Ticket
Track a Ticket
PuTTY
Cisco AnyConnect VPN

Read More

Explore IT Services

A B C D E F G
H I J K L M N
O P Q R S T U
V W X Y Z #

© 2022 George Mason University
4400 University Drive
Fairfax, Virginia 22030

Latest tweet

George Mason ITS Follow

The official Twitter page for George Mason University's Information Technology Services

GeorgeMasonITS
George Mason ITS @georgemasonits ·
23 Jan

After October 14, 2025, Microsoft will no longer provide security updates or support for Windows 10 systems. As a result, all Windows 10 systems must be upgraded to Windows 11 or removed from the Mason network. Learn more ⬇️

https://its.gmu.edu/bulletins/microsoft-windows-11-announcement/

Reply on Twitter 1617560494176620547 Retweet on Twitter 1617560494176620547 Like on Twitter 1617560494176620547 Twitter 1617560494176620547
View All
ITS Support Center
703-993-8870
support@gmu.edu
live chat
Monday – Thursday, 8 a.m. – 9 p.m.
Friday, 8 a.m. – 5 p.m.
Saturday, Closed
Sunday, 1 p.m. – 9 p.m.
(closed Thursday 3 p.m. – 4 p.m. for a team meeting) Modified Winter Hours Monday –Thursday,
8 a.m. – 7 p.m. Friday, 8 a.m. – 5 p.m. Saturday & Sunday,
Closed Normal business hours will resume on Sunday, January 22 at 1:00 p.m.
  • Webmaster