UC Santa CruzInformation Technology Services
  Home About ITS Services ITS News Policies Governance ITS Staff Site Jobs Find An Answer Feedback

Top 10 List of Good Computing Practices

Home > IT Security Awareness > Top 10 List of Good Computing Practices

This is the full Top 10 List. For a quick overview, please see the short version.

  1. Use cryptic passwords that can't be easily guessed, and protect your passwords.
    • Don't share your passwords and avoid writing them down.
    • Characteristics of good, cryptic passwords:
      • At least 8 characters in length
      • Contain a mixture of upper and lower case letters, numbers, and symbols
      • Difficult to guess (e.g. don't include real words or personal information like user name, names of family members, places, pets, birthdays, addresses, hobbies, etc.)
      • Easy to remember (so you don't have to write them down)
    • For additional information and tips, see the UCSC Password Strength and Security Standards.
  1. Be cautious when using the Internet.
    • Don't provide personal or sensitive information to Internet sites, surveys or forms unless you are using a trusted, secure web page.
    • Also, just opening a malicious web page can infect a poorly protected computer. Be aware of where you are going before clicking on a web link. When in doubt, instead of clicking on an unknown or unsolicited link, look up the web site on your own and go there independently.
    • Be extremely careful with file sharing software. There is a limit to the amount of bandwidth any given machine may use in a 24-hour period at UCSC. Violators risk being disconnected from campus networks. If you share copyrighted files, you also run the risk of serious legal consequences.
  2. Practice Safe Emailing.
    • Don't open email attachments or click on web site addresses in emails unless you really know what you're opening.
    • Delete spam and suspicious emails; don't open, forward or reply to them.
  1. Secure your area before leaving it unattended.
    • Lock windows and doors.
    • If you are an employee, be sure to lock up portable equipment and sensitive material before you leave your work area (take keys out of drawers), and never share your access code, card or key.
  1. Secure laptop computers at all times: keep it with you or lock it up securely before you step away.
    • At all times: in your office or dorm room, at coffee shops, meetings, conferences, etc. - Remember: laptops get stolen from cars, houses, and offices all the time.
    • Make sure it is locked to or in something permanent.
    • Laptop lockdown cables are available at the Bay Tree Bookstore and most computer or office supply stores.
  1. Shut down, lock, log off of, or put your computer to sleep before leaving it unattended, and make sure it requires a password to start up or wake-up.
    • <ctrl> <alt> <delete> or <Windows><L> on a PC; Apple menu or power button on a Mac.
    • Talk to your computer support person or the ITS Support Center (459-HELP) for assistance if it doesn't.
  1. Make sure your computer is protected with anti-virus and all necessary security "patches" and updates, and that you know what you need to do, if anything, to keep them current.
    • Talk to your computer support person or the ITS Support Center (459-HELP) for assistance.
  1. Don't keep sensitive information or your only copy of critical data, projects, files, etc. on portable devices (such as laptop computers, CDs/floppy disks, memory sticks, PDAs, data phones, etc.) unless they are properly protected. These items are extra vulnerable to theft or loss.

  1. Don't install unknown or unsolicited programs on your computer.
    • These can harbor behind-the-scenes computer viruses or open a "back door" giving others access to your computer without your knowledge.
  1. Make backup copies of files or data you are not willing to lose -- and store the copies very securely.


Reporting computer security incidents...

...because sometimes it seems like you can do everything right and things still happen.

  • Report any suspected compromise (hacking, unauthorized access, etc.) of computing systems or data to your supervisor and the ITS Support Center.
  • Report lost or missing University computing equipment to your supervisor and the Campus Police (and to the local authorities if the incident occurred away from campus).

For questions relating to any of the information contained on this page, please contact itpolicy@ucsc.edu.

Rev. 1/28/08