I. STANDARD STATEMENT

The University authorizes the use of personal computing equipment to individual users and they are in turn charged with complying with published policies and standards and with taking responsibility for their appropriate use of the equipment.

II. RATIONALE

This standard supports HOP Policy 8-12 Information Resources Use and Security Policy

III. SCOPE

This standard applies to all UTSA faculty, staff, and students.

IV. CONTACTS

The Office of Information Security
informationsecurity@utsa.edu

V. PROCEDURES

  1. The following practices are required for each user of UTSA’s computing resources:
    1. Becoming familiar with the Acceptable Use Policy.
    2. Utilizing strong passphrases.
    3. Installing only legally licensed software.
    4. Keeping virus protection current.
    5. Not removing or rendering inactive software loaded onto the computer by University Technology Solutions (UTS).
    6. Identifying and protecting confidential data on the computer so that special protection can be applied to protect the data.
    7. Not using e-mail to transmit confidential data – e-mail is not always safe.
    8. Not allowing unauthorized persons to use university-owned computers or accounts.
    9. Taking care in not clicking on unfamiliar links to e-mails. Phishing, “social engineering” viruses and other scams are prevalent.
    10. Taking special care with laptops and portable devices – the user is responsible for protecting them from theft.
    11. Encrypting UTSA-owned laptops with a product that provides for whole disk encryption.
    12. Following the University’s destruction procedures for storage media that are no longer in use.
    13. Backed up data in a manner that provides for full restoration in the event of a disaster or outage. Backup media should be kept separate from the computer and the user must be able to restore data from the backups.
    14. Reporting concerns about information security threats to a computer to the Office of Information Security at informationsecurity@utsa.edu or to techcafe@utsa.edu.
    15. OneDrive is the free, limited, and personal version of Microsoft’s cloud storage tool. OneDrive for Business, on the other hand, is the business and full-scale version which UTSA uses. OneDrive is best for personal storage. OneDrive for Business is used with SharePoint, syncs data across different devices, provides corporate access, co-author files, and allows users to work at home or on the road. The two are not the same tool. Using the limited version of OneDrive for university business is expressly forbidden. Users must take special care to use OneDrive for Business to conduct university business using only UTSA provided credentials. Storage of any files or documents created as Incidental Use by a User must be nominal (less than 5% of data user’s allocated OneDrive space).

OIS 27 – Standard for Personal Computing Security
Effective Date: January 5, 2011
Last Revised: August 4, 2020