Information Security

Tools we use to keep you secure:

• Bitlocker:  encrypts the files on your Windows PC to protect them from unauthorized disclosure. Even if your device is lost or stolen, criminals cannot access the content on your device.
• Crowdstrike: monitors for suspicious events and activities that indicate possible attacks and blocks known viruses and malware.
•  Windows Defender Firewall: a firewall is a security software that helps protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your device.
• SSL/HTTPS: when browsing the internet, look for either a padlock icon or “https://” at the beginning of the address for the site you’re visiting to ensure the site is secure.
• Sensitive Data Discovery: helps ensure that sensitive and regulated data are not being stored unnecessarily.

Virus & Malware Device Protection

• Crowdstrike Antivirus Software
• Antivirus Options for your Personal Devices

Be aware of your virtual surroundings

1. Turn on Two-Factor Authentication (2FA) for Weblogin. 2FA provides an extra layer of security that stops criminals from using a stolen password to compromise your account.
2. Check before logging into websites and opening email attachments. Know what you’re clicking:
   1. Check the address or URL on login screens before entering your password.
   2. Check the shared document and email attachment links before clicking them.
   3. Check QR codes before clicking them from your mobile device.
3. Please consult Look Before You Log In for more information on maintaining security while online.

How am I protected?

We utilize CrowdStrike Falcon, an advanced endpoint protection for Windows PCs and Macs. Among its many roles, it serves as traditional antivirus/anti-malware that detects and prevents potentially malicious activity. If you received your device from Ross IT, critical updates and security settings are set automatically.

How to Encrypt a USB Flash Drive

Ross IT recommends encrypting any USB flash drive before using it in classrooms. This action will help ensure your data remains safe even if you lose the drive.

1. Please refer to the section “How to encrypt a flash drive” on the following page: How to encrypt a USB flash drive—and why you should.
2. Note in the instructions:
   • Under step 3, you may need first to select “Show More Options” before you see the Bitlocker option.
   • Important: If you forget your drive’s password and lose your recovery key, Ross IT will be unable to recover the files on the drive.

What about protecting my personal devices?

For more information and suggested security applications for personal devices, please check out Antivirus for Personal Computers.

Keep your Device Secure

• Utilize online services for storage (Google Drive or Dropbox at U-M) rather than your desktop. This way your data is not lost, even if your device is.
• Make a habit of locking your screen when you step away from your device. Ctrl+Alt+Del (Windows) or Control-Shift-Power (Mac) when you’re away from your device.
• Keep applications updated and patched. Ross devices automatically receive critical updates to applications.

Use Strong Passwords

• A strong password contains 9 or more characters, a mix of uppercase and lowercase letters, along with numbers and/or symbols. Select something that’s easy to remember, yet not easy for others to guess.
• Change your password yearly at a minimum. However, the more often the better. Ross IT suggests setting up a recurring calendar task to remind yourself to change your password.
• Do not share your password with anyone. No member of Ross IT will ever ask for your password.
• If you feel as though your password has been compromised or exposed, change it.

Password management relies on you. We do not recover passwords. Rather, we will reset your password so that you can regain access. This ensures that not even network administrators can view your password.

Privacy

Protect and Respect Privacy

Don’t talk to strangers. Make sure you know who’s contacting you.

Learn about privacy and how to you can protect your privacy with the Protect and Respect Privacy curriculum on the Safe Computing website.

Protect your Data

• Beware of Phishing: Phishing is used by criminals who use malicious email and websites to try to trick you into revealing your password or other sensitive information or to infect your computer with malware
• Examples of Phishing
• Tips on recognizing Phishing
• Vishing: Vishing—or voice phishing—is the use of fraudulent phone calls to trick people into giving money or revealing personal information.
• Phishing and Visihing are two of several online threats. This page offers a vast amount of information and tips on keeping your data secure.
• Did you receive a threatening, harassing email? Or did you find someone misusing email groups? Forward the email to: abuse@umich.edu.

Last Updated on August 11, 2025