Safe Computing: Keep NIU's and Your Data Secure
If you receive an email message asking for your NIU Account ID or password, do not respond.
IT professionals at NIU will never ask you for your password.
- Windows 10 is recommended and supported. The Division of Information Technology (DoIT) will also support the two previous versions: Windows 7 and Windows 8.1.
- Apple OS 10.13 (High Sierra) is recommended and supported. DoIT will also support two previous versions: Sierra (10.12) and El Capitan (10.11).
- DoIT staff manage the deployment of all Windows updates to its managed devices. This includes all supported operating systems as well as important software patches for critical programs.
Anti-Virus / Anti-Malware Software
- DoIT staff recommend and support Microsoft Endpoint Protection to protect Windows devices against viruses and malware. The software and its threat definitions are automatically updated for any network-connected machine.
- Windows SmartScreen provides additional security.
- DoIT does not currently support Apple anti-virus software.
- Windows: Microsoft's built-in local firewall is enabled by default. DoIT has customized the default policies for additional security and for essential software access.
- Apple: The Mac OSX firewall is not enabled by default. DoIT recommends users enable the firewall. DoIT does not actively enable or monitor local Mac firewall policies.
- Windows: Policies have been created for Microsoft BitLocker implementation on NIU-owned mobile devices, but there is no NIU-wide enforcement of these policies.
- Apple: When desired, the built-in FileVault should be used to encrypt Mac laptops.
- Support from DoIT and administration of recovery keys is available for both BitLocker and FileVault.
- Hard-lined devices and those on authenticated NIU Wireless adhere to strict security standards on both the network and client side. No NIU-owned devices should be connecting to NIU Guest wireless when it is possible to connect to NIU Wireless.
NIU Data Storage
- Every NIU employee has access to secure cloud storage with Microsoft OneDrive. Individual departments may also have access to network drives that are secured and maintained by DoIT.
- NIU data should never be stored on a personal device.
- Users are not local admins on their machines by default. Users who require administrator access must have their supervisor's and DoIT's approval.
BYOD (Bring Your Own Device) practices are becoming common at many workplaces and NIU students have been bringing their own devices for decades. Following common-sense guidelines from the US Computer Emergency Readiness Team (US-CERT) and NIU's guidelines for NIU-owned devices can help the NIU community protect their personal data and their personal devices.
- NIU does not provide any kind of backup support or recovery of lost data from non-university owned machines. Rather, it is the responsibility of the employee to secure all data on personal devices.
- Sensitive NIU data may not be stored on any local device.
- Personal devices may be used for work-related activities, but users should not:
- map NIU shared drives to their personal device;
- auto-synchronize personal devices with NIU's Microsoft OneDrive implementation;
- install NIU-owned or NIU-purchased software; or
- leave personal devices unlocked or unattended.
- Any device that is used for work related activities should be secured with some form of authentication. A PIN, password, fingerprint, pattern, or other forms of biometric verification are all acceptable forms of device security.
- Use the same best practices for software installation as you would on an NIU-owned device. Do not install software from unidentified sources.
- When on campus, NIU employees should connect to the authenticated NIU Wireless network with all of their devices. When off-campus and using the device for work-related activities, NIU employees should authenticate to the NIU's VPN service at https://secure.niu.edu.