• McMaster
  • McMaster A-Z Index
• Academics
  • Undergraduate Studies/Programs
  • Graduate Studies/Programs
  • Part-Time Studies & Continuing Education
  • Departments & Faculties
• Alumni
  • About the Alumni Association
  • Alumni Events
  • Services & Benefits
  • Programs for Alumni
  • Alumni Networking
  • Keep in Touch
  • Homecoming
  • Alumni Weekend
  • Students & Young Alumni
  • Giving to McMaster
• Discover McMaster
  • About the Campus
  • Fast Facts
  • Governance
  • History of McMaster
  • How to Get to McMaster
  • Policies, Procedures & Guidelines
  • President's Message
  • Provost & Vice-President (Academic)
  • Strategic Plan
  • Teaching and Learning at McMaster
• Future Students
  • Undergraduate
  • Graduate Studies
  • MBA Program
  • Continuing Education
  • Parents
  • Student Services
  • Virtual Tour
• Library
  • About the Libraries
  • Contact Us
  • Course Reserves
  • Library Catalogue
  • Library Services
  • My Account / Book Renewal
• Research
  • Canada Research Chairs
  • Endowed & Industrial Chairs
  • Ethics in Human Research
  • McMaster Innovation Park
  • Office of International Affairs
  • Partnership Opportunities
  • Research Centres & Institutes
  • Research Policies & Procedures
  • Science in the City
• Current Students
  • Student Affairs
  • Student Resources
    • Chaplaincy
    • Human Rights & Equity
    • Information Technology
    • Office of Academic Integrity
    • Ombuds
    • Parking & Transit
    • Registrar
    • Safety & Security
    • Student Financial Aid & Scholarships
    • Student Accounts
  • Student Government
    • Graduate Students
    • Part-time Students
    • McMaster Students Union
  • Campus Life
    • Clubs
    • Events

University Technology Services

• Security And Policies
• IT Security
  • Administrative Data
  • Desktop Computer
    • Policies
    • Good Computing Practices
    • Disposal of Equipment
  • MAC ID
  • Passwords Best Practices
  • Server System Security
  • Secure Connections from External Sources
• Policy and Procedures
• Photo ID
• Virus Information
• UTS Home

Administrative data and licensed computer software are valuable University resources that must be protected from loss or disclosure, accidentally or through the determined efforts of a clever computer hacker.

Additional information can be found at Microsoft's Protect Your PC website.

Policies

The Policy on Information Integrity and Security, states that the University will ensure that information is kept safe from loss, and secure from interference of unauthorized or improper access. You should consider this responsibility in your role as custodian for any data that may be stored on your local hard drive.

Of course, maintaining privacy of personal information is of utmost importance. The Board of Governor's Guidelines on Access to Information and Protection of Privacy, creates policies governing access to information and the protection of privacy applying the relevant government legislation in a manner appropriate to the University setting.

Good Computing Practices

There are a number of recommended computing practices that will help to protect data that is created or stored on your local computer:

• Use logon and screen saver passwords to prevent unauthorized access to data on your computer when you are away from your desk
• Do not share your passwords with anyone.
• Do not write your passwords down and leave them where they can be found readily on sticky notes attached to the bottom of your keyboard or side of your monitor or in an unlocked desk drawer
• Use Virus Protection software to prevent damage to or loss of data on your computer. Keep the Virus definition files up-to-date. For information on computer viruses and virus protection software see the UTS Virus page
• Use a personal firewall to protect your computer from hacker attacks. Use the built-in firewall provided with your operating system or one from a third party supplier.
• Encrypt sensitive files and folders. If you use the NTFS file system under the Windows XP or Windows 2000 operating system, encryption of selected folders and files is simple to activate. Encryption can be enabled for an individual file or an entire set of folders and sub-folders at the click of a mouse. Encryption is provided automatically through your Windows logon and is transparent to the user that encrypted the file. This means that you do not have to decrypt the encrypted file before you can use it. You can open and change the file as you normally do. However, an intruder who tries to access your encrypted files or folders will be prevented from doing so. www.truecrypt.org provides free open-source disk encryption software for Windows XP/2000/2003 and Linux.
• Limit access to shared files and folders. If you use the NTFS file system under the Windows XP or Windows 2000 operating system, you can select the type of access Read, Write, Modify, Execute and specify the user or groups of users with that access
• Make a backup copy of data that cannot be easily recreated. Windows provides a backup and restore utility. Windows online help has instructions for its use
• Make sure that data and licensed software are removed completely from the hard disks before the computer is sold, transferred to another department, or disposed. See below for additional information

Disposal of Equipment

Purchasing Policy P-160, entitled "Disposal of University Surplus Assets", outlines the responsibility of the user/department for the proper removal of all university and/or personal files from the hard disks before sale, transfer or disposal of surplus computer equipment. The policy, available at the Department of Purchasing Resources website strongly recommends and encourages owners to contact UTS for assistance to ensure that these files are properly removed.

It is not enough to delete files from the hard drive of a computer that is being transferred to another person. When you delete a file, the information is not actually erased from the hard drive, but rather the entry pointing to the file is removed from the index. Even writing zeroes over the entire hard drive is not sufficient to completely remove traces of a file. Technically, a zero written over top of a 0 is distinguishable from a zero written over top of a 1. There are numerous companies offering data recovery services and/or utility programs that have the ability to recover data from files that have been deleted or from disks that have been damaged in some way. Someone with the knowledge and the incentive could retrieve the information.

Where there is sensitive data on the hard drive, some conservative security experts suggest that hard drives should be destroyed rather than risk the contents being read. Others offer various suggestions as to the number of passes that writing random patterns of 0's and 1's would sanitize a disk for all practical purposes. Of course, this process can take hours. Client Services offers a service to properly clean a hard disk before disposal or transfer. For more information contact the UTS Service Desk.