The University of Texas at San Antonio

Office of Information Technology

Office of Information Security (OIS) Standards


OIS 27 – Standard for Personal Computing



The University authorizes the use of personal computing equipment to individual users and they are in turn charged with complying with published policies and standards and with taking responsibility for their appropriate use of the equipment.



This standard supports HOP Policy 8-12 Information Resources Use and Security Policy.



This standard applies to all UTSA faculty, staff, and students.



If you have any questions about OIS 26 – Standard for Personal Computing contact the following office:


The Office of Information Security



  1. The following practices are required for each user of UTSA’s computing resources:
      1. Becoming familiar with the Acceptable Use Policy.
      2. Utilizing strong passphrases.
      3. Installing only legally licensed software.
      4. Keeping virus protection current.
      5. Not removing or rendering inactive software loaded onto the computer by OIT.
      6. Identifying and protecting confidential data on the computer so that special protection can be applied to protect the data.
      7. Not using e-mail to transmit confidential data – e-mail is not always safe.
      8. Not allowing unauthorized persons to use university-owned computers or accounts.
      9. Taking care in not clicking on unfamiliar links to e-mails. Phishing, “social engineering” viruses and other scams are prevalent.
      10. Taking special care with laptops and portable devices – the user is responsible for protecting them from theft.
      11. Encrypting UTSA-owned laptops with a product that provides for whole disk encryption.
      12. Following the University’s destruction procedures for storage media that are no longer in use.
      13. Backed up data in a manner that provides for full restoration in the event of a disaster or outage. Backup media should be kept separate from the computer and the user must be able to restore data from the backups.
      14. Reporting concerns about information security threats to a computer to the Office of Information Security ( ).



Effective Date: January 5, 2011

Last Revised: May 15, 2015