An end user is an individual who accesses and/or utilizes IT resources.
Everyone who has access to University information is an end user.
Being an end user of University information means taking responsibility for the security of that information. The role of the end user formalizes the existing job responsibility of every University employee to safeguard IT resources. End users are broadly responsible for complying with their unit's information security requirements and procedures.
Guidance for end users
You already access University information or use other IT resources, such as the University network or University computers, to fulfill your daily responsibilities. Being an end user of IT resources means being aware of your responsibility to follow your unit's procedures for protecting those IT resources.
Secure UD clarifies and formalizes your duty to protect the IT resources, including University information and IT devices. Although some of the procedures and requirements may be new, many of them are not new. For example, securing your devices with a password or passcode has always been standard practice.
Secure UD is not designed to interfere with your everyday job responsibilities. Whether you're a faculty member who teaches courses or conducts research, a staff member who manages the University's information systems, or an executive officer who makes administrative decisions for the University, your primary concern is your work.
Secure UD is here to help you accomplish your workplace goals and fulfill your existing job responsibilities more safely and securely. Being conscious of security issues, such as encryption for sensitive data or the physical security of your laptop computer, may take you only a few moments per day, but it may potentially save the University millions of dollars in breach costs and protect your personal information as well. Through our shared efforts, we can protect the University as we would protect ourselves.
Secure UD, and particularly the Secure UD Data Governance & Security Program (Secure UD DGSP), has specific requirements for the protection of University information and IT resources. Examples include encrypting sensitive information, physically securing laptops and tablets, and keeping anti-virus software up to date.
Unless you're a unit head or a local support provider, you won't be expected to read technical documents like the Secure UD DGSP. Your unit head will develop a security plan specific to the needs of your unit by using the Secure UD DGSP as a guide. Unit administrative and technical staff will have implementation responsibilities for Secure UD at the unit level. As an end user, your primary security responsibilities are to understand and follow your unit's security procedures and plan.
Most information security requirements are actually fairly common in the workplace. If you haven't already done the following, do so soon. If you need help, contact your unit's IT staff or the IT Support Center.
- Sign up for two-factor authentication for your UDelNet account.
- Ask your unit or central IT about computer management services to automate basic security tasks.
- Take Secure UD Training to improve your awareness of security issues.
- Lock all of your devices—both work and personal—with secure passwords or passcodes if possible.
- Enable whole-disk encryption on your laptops, tablets, and smartphones.
- Ensure that McAfee VirusScan is installed on your computer and kept up to date. Run a scan once a week when you get to the office or go on your lunch break. If you work with sensitive data, request advanced anti-virus software be installed on your computer.
- Contact IT for advice or help with security.
Work toward achieving the essential security practices as they apply to you.
Responsibilities according to policy
End users' primary information security responsibilities include:
University Data Management and Governance Policy
- Understanding and adhering to policies, standards, and guidelines for data management.
- Recognizing the consequences of improper management of University information.
- Acknowledging annually through the Secure UD End User Acknowledgement their responsibility to appropriately manage the IT resources in their care.
University Information Security Policy
- Adhering to unit procedures for implementing security controls.