Skip to main content
Give
Office of Information Services
Offices of the DeanOffice of Information ServicesSecurity

Security

The School of Medicine takes computer and network security very seriously. We work closely with campus, FPI and UMMC to defend against threats. Our Policies comply with federal, state and University System requirements.

  • Some security steps are yours alone to take.
    • Select strong passwords.
    • Never share passwords with others.
    • Do not allow others to use your login accounts.
     
  • Some measures are ours.
    • Manage antivirus software updates.
    • Manage critical operating systems patches.
    • Monitor the network for signs of malicious data traffic
     
  • A few things we do together.
    • You contact the SOM Help Desk when a new computer arrives.
    • You determine if the computer is behind the SOM firewall.* 
    • We configure it to comply with current security policies. 

For questions about computer or network security, call the SOM Help Desk (6-3998).

*Determine if your computer is behind the SOM firewall.

Smartphone & Mobile Security

What is sensitive information?

Information is considered sensitive in this context if it contains the identity of individuals, HIPAA protected health information (i.e., health information connected to any of 18 personal identifiers), or data which if released to the public would cause harm to the School of Medicine.

What is my responsibility to protect sensitive information?

Because of your employment and role in the School of Medicine, you have been entrusted by this organization or by other organizations to work with collections of sensitive information. It is your personal responsibility to take necessary precautions to keep that information confidential and secure when it is in your possession.

What precautions are necessary to protect sensitive information on portable devices?

Portable devices such as laptop or notebook computers and SmartPhones are easily lost or stolen. Portable devices containing sensitive information must remain under your control at all times. All portable devices must have a complex password and be encrypted. Contact the Help Desk (6-3998) for assistance with encryption.

Consult your local IT support provider or Help Desk (6-3998) for assistance to ensure your laptop/notebook computer is protected by power-up password-protection.

When these devices are not in use or in your personal possession, they must be physically secured to discourage theft. Examples of acceptable physical security for a laptop computer includes securing it via a metal tether cable to a desk or other substantial piece of furniture, placing it in a locked desk drawer or putting it in an in-room hotel safe.

There are many types of metal security cables available to tether laptop/notebook computers. To review the choices and to order one that best suits your needs, visit Awareness and search for "security lock".

What is mobile media?

Mobile media refers to any form of data storage that can be readily removed from a computer and moved to another computer or location. Examples of commonly used mobile media are CD/DVDs, USB memory sticks and external disk drives.

What precautions are necessary to protect sensitive information on mobile media?

Physical security measures are helpful here as well. Take responsibility for the protection of your mobile devices; keep them under your control at all times. When not in use, keep them locked up and out of sight. All laptops must be encrypted. Contact the SOM Help Desk, 6-3998, to arrange to have your University issued, or personal laptop, if used for University business, encrypted. Enable password protection and encryption on all mobile devices, especially SmartPhones.

How can I get more information about data privacy?

See the Center for Information Technology Services’ (CITS) for additional information on data privacy.

How do I get more information on security awareness for work and personal use?

See the FPI/SOM Information security Office (http://fpinet.fpi.umaryland.edu/iso) for additional information on security awareness, security policies, and the services offered.