Protecting Your Computer and Sensitive Data

Audience: Faculty and Staff

Assuming: Mac 10.6+, Win7+

Updated: Tue, 18 Mar 2014 11:05 AM

Choose a Secure Password

SFU IT Services provides some standards for choosing a strong password.  They suggest using a minimum of 8 characters with at least three of the following:

  • Capital letters (A-Z)
  • Lower case letters (a-z)
  • Numbers (0-9)
  • Special characters (!#$%^&*()_+={}|”:?/;’\][><,)

Don't use:

Just as important as having a strong password, keep it secure. 

  • Never reuse your SFU password on services such as Twitter, GMail or Facebook.
  • Do not write down your password and leave it unprotected.
  • Do not share your passwords with anyone.

Experiencing password fatigue?  Consider using a password management tool.  Typically these are encrypted systems that rely on setting a master password to access all other passwords.

  • LastPass
  • DashLane
  • RoboForm
  • KeePass
  • OnePassword

Disable Auto-Login

Password protecting your computer at login is a first line of defence in securing data.

By default, Windows and Mac disables auto-login.  If you have enabled automatic login, it is highly recommended that you reverse the process.  Here's how.

Mac OS X

System Preferences --> Users & Groups

--> Click the lock to make changes --> fill in Username and Password

--> click Login Options

--> ensure Automatic Login is set to Off

Windows 7

Click the Start button --> type netplwiz

 --> uncheck the box Users Must Enter A User Name And Password To Use This Computer


(If you do not see the checkbox and label, then auto-login is disabled. )

Set Your Computer to Logout When Not in Use

Mac OS X

Mac OS X

    System Preferences --> Security & Privacy --> General tab

    --> Check Require password immediately after sleep or screen saver begins



Windows 7

    Click Start button --> Type Change screen saver --> Press Enter to launch --> Select a screen saver --> Check On resume, display logon screen

Click Start button --> Type Change screen saver --> Press Enter key

Select a screen saver from the drop-down menu --> Check On resume, display logon screen  --> Save settings by pressing OK

Install Anti-Virus

SFU IT Services provides Trend Micro, an enterprise level anti virus program for staff and faculty.  Versions are available for both Windows and Mac.  You will need to contact your department's lan administrator to download and install TM.

Turn-on Firewall (Especially for laptop users)

Mac OS X

    System Preferences --> Security & Privacy --> Firewall --> Turn On Firewall

Windows 7

    Start --> Control Panel --> System and Security --> Windows Firewall --> Turn Windows Firewall on or off

Update Your System Regularly

To protect yourself against the latest online threats, turn-on automatic updates.

Mac OS X:

    System Preferences --> App Store --> Select the following items

Automatically check for updates

Download newly available updates in the the background

Install app updates

Install system data files and security updates

Windows 7:

    Control Panel --> System & Security --> Windows Update --> Turn automatic updating on or off


Don't Go Phishing

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

How to avoid it?

  • Be suspicious of all unsolicited electronic correspondence (asking for personal information)
  • IT Services will never contact you requesting your account information
  • Report phishing attempts to IT Services (SFU Connect --> Report Phishing)
  • Never email personal, financial or account-related information
  • Go directly to the site rather than clicking on an email link


Lock-Down Your Hardware, Secure Your Portable Media

Especially if you work near a high-traffic area, secure your PC using a cable and lock.  Locking down a computer with a cable is not a failsafe against theft. Rather it's a deterrent against the opportunistic thief.

Portable media such as USB keys, Cds/DVDs and external hard drives can be easily lost or stolen. If you need to store sensitive data on portable media, ensure that it is securely destroyed when you are finished with it, or that it is locked away in a safe place.

Turn Off Unnecessary File Sharing

Mac OS X

    System Preferences --> Sharing --> De-select check from File Sharing

Windows 7

    Start --> Control Panel --> Network and Sharing Center --> Change advanced sharing settings --> Home or work --> Check the following

Nework Discovery: Off

File and Printer sharing: Off

Public Folder Sharing: Off

           File Sharing Connections: Use 128-bit encryption.

            --> Save Changes1


Back Up Your Data (To A Secure Network Drive)



Ask your department's lan administrator to discuss backup strategies.

Create a Separate Admin Account, Use a Standard Account for Daily Work

Why use a standard user account?

The standard account can help protect your computer by preventing users from making changes that affect everyone who uses the computer, such as deleting files that are required for the computer to work. We recommend creating a standard account for each user.

When you are logged on to Windows with a standard account, you can do almost anything that you can do with an administrator account, but if you want to do something that affects other users of the computer, such as installing software or changing security settings, Windows might ask you to provide a password for an administrator account.1


1. (

Turn on Encryption

[Contact your department's lan admin]

File encryption ensures that in the event your computer is stolen, the thief cannot access protected data. Windows and Mac OS X have built-in encryption software, Bit Locker and FileVault respectively.

Mac OS X:

    System Preferences --> Security & Privacy --> FileVault tab


    Start --> Control Panel --> Security --> Bit Locker Drive Encryption

Consolidate Old Accounts

If your have old accounts that are no longer being used, save any important data then delete the account.