• Report an IT Security Incident
  • Request Help
  • Help & Support
    • Working/Learning Remotely
    • Request Help
    • Live Chat
    • Track a Ticket
    • Knowledge Base
    • Getting Started
    • Contact Us
    • ITS Alerts Sign Up
  • Service Catalog
    • Accounts & Access
    • Communications & Collaboration
    • Computers & Software
    • Data, Reporting & Analytics
    • Network & Internet Services
    • Professional Services
    • Research Computing
    • Teaching & Learning
    • University Applications
    • Web, Servers & Hosting
  • About ITS
    • Our Team
    • Strategic Plan
    • Annual Reports
    • Awards
    • Student Employment
  • Working with ITS
    • Technical Business Solution Intake Request Process
    • Architectural Standards Review Board
    • Projects & Project Management
    • Technology Investment Request Lifecycle
    • Business Intelligence
    • Enterprise Data Integration Services (EDIS)
    • GMU-TV
    • IT Security Office
  • Alerts & Bulletins
    • 2023-2024 Technology Updates
    • Unplanned Outages
    • Phishing Alerts
    • Maintenance
    • Bulletins
    • Spotlights
    • After Action Reports
    • Archives
George Mason University
  • Report an IT Security Incident
  • Request Help
X Hide

Information Technology Services

Skip to content
  • Help & Support
    • Working/Learning Remotely
    • Request Help
    • Live Chat
    • Track a Ticket
    • Knowledge Base
    • Getting Started
    • Contact Us
    • ITS Alerts Sign Up
  • Service Catalog
    • Accounts & Access
    • Communications & Collaboration
    • Computers & Software
    • Data, Reporting & Analytics
    • Network & Internet Services
    • Professional Services
    • Research Computing
    • Teaching & Learning
    • University Applications
    • Web, Servers & Hosting
  • About ITS
    • Our Team
    • Strategic Plan
    • Annual Reports
    • Awards
    • Student Employment
  • Working with ITS
    • Technical Business Solution Intake Request Process
    • Architectural Standards Review Board
    • Projects & Project Management
    • Technology Investment Request Lifecycle
    • Business Intelligence
    • Enterprise Data Integration Services (EDIS)
    • GMU-TV
    • IT Security Office
  • Alerts & Bulletins
    • 2023-2024 Technology Updates
    • Unplanned Outages
    • Phishing Alerts
    • Maintenance
    • Bulletins
    • Spotlights
    • After Action Reports
    • Archives

Knowledge Base

Home > Help & Support > Knowledge Base > Security > Highly Sensitive Data FAQ > What are the user’s responsibilities in protecting Highly Sensitive Data on the system?

What are the user’s responsibilities in protecting Highly Sensitive Data on the system?

Understand the common risks to computers that could result in a data breach

  • Use the computer responsibly
  • Do not respond to a malicious request for your personal authentication credentials, such as passwords, PINs, or account numbers. No legitimate entity will request your authentication credentials via email or through any other channel. Authentication credentials, such as passwords, must never be shared.
  • Avoid high-risk behavior by following simple guidelines:
    • Avoid visiting a questionable website
    • Do not use Peer-to-Peer file sharing
    • Do not download files through online chat programs
    • Do not open suspicious or mysterious email attachments
    • Do not access applications or links embedded in social networking sites (Facebook, Twitter, etc.)
    • Do not attach questionable removable media, such as a USB flash drive found in a parking lot, to the system
  • Do not download, install, or use any application that has questionable integrity
  • Avoid clicking directly on an embedded URL link in a document, email, or high-risk website; instead, type out the URL in a browser such as Firefox or Chrome because links that appear legitimate may mask a malicious address, also known as "URL spoofing"
  • Learn how to view the email header which shows the true sender's email address and the sender's system IP address or contact an authoritative source to confirm legitimacy. An email may appear to come from a known, trusted source, but the sender's "FROM" address may mask a malicious address, also known as "email address spoofing."

Keep current with system updates, antivirus software, and host-based firewalls

  • Ensure that the computer and applications are updated regularly. Users must NOT block installation of security patches for the system and Microsoft applications in MESA.
  • Ensure that the computer has university-supported antivirus software. Users must NOT block or otherwise disable current versions of university-supported antivirus software in MESA.
  • Maintain a host-based firewall if the computer is not in MESA, as MESA configurations include a firewall.

Follow good password security practices

  • Never share passwords
  • Always use strong passwords
  • Change passwords as required by University Policy 1301: Responsible Use of Computing
  • Do not write down passwords

Apply proper system configurations

  • Use a password-protected screen saver
  • Turn off your computer, if possible, when left unattended for a substantial amount of time (e.g. at lunchtime, at end of the day, on vacation) as Whole Disk Encryption only protects data when the system is off
  • Avoid, if possible, the use of an administrator equivalent account on the computer. Some departments provide support where users do not need an administrator account on a computer; check with your department.
Last modified: May 3, 2023

Previous

What is Highly Sensitive Data?

Next

What university policy governs permission to access or store Highly Sensitive Data?

Related articles

  • When must Highly Sensitive Data be protected by encryption?
  • What are some examples of encryption “in transport?"
  • What is encryption “at rest?"
  • Who are “Data Owners” and what are their responsibilities?
  • How does someone begin the process of obtaining authorization to store Highly Sensitive Data?

Get Started at Mason

Whether you are a student, faculty, staff member, or a guest visiting the Mason campus, we have resources to help get you started.

Read More

Quick Links

Patriot Pass Password Reset
Submit a Ticket
Track a Ticket
PuTTY
Cisco AnyConnect VPN

Read More

Explore IT Services

A B C D E F G
H I J K L M N
O P Q R S T U
V W X Y Z #

© 2022 George Mason University
4400 University Drive
Fairfax, Virginia 22030

ITS Support Center
703-993-8870
support@gmu.edu
live chat
@GeorgeMasonITS
Innovation, Room 226
Hours of Operation

Monday – Thursday, 8 a.m. – 9 p.m.
Friday, 8 a.m. – 5 p.m.
Saturday, Closed
Sunday, 1 p.m. – 9 p.m.
(closed Thursday 3 p.m. – 4 p.m. for a team meeting)

  • Webmaster