• Departments
  • Academic Technology
  • Enterprise Computing
  • Finance & Planning
  • Information Technology Security & Preparedness
  • Project Management Office
  • Strategic Technology
  • Client Services
• Signals
• UNH IT Guide
• Blackboard
  • Blackboard Help and Information
  • Blackboard System Data Policies
  • Blackboard Upgrade
  • Courses/Training
  • Documentation
  • Go To Blackboard
  • Logging In / Password Reset
  • Module Request
  • Organization Requests
  • Plagiarism
  • Reporting a Problem
• Email
  • Directed Communication
  • Directories
  • Getting An Account
  • Mailing Lists
  • Microsoft Lync
  • Outlook Exchange
  • Outlook Web Access
  • Privacy
  • WildcatsMail (student email)
• Equipment
  • Classrooms
  • Computer Service Center
  • Equipment Reservations Request
  • Phones
  • Public Computing Clusters
  • Safe Electronic Equipment Disposal Program
  • UNH Computer Store
  • Video Conferencing
• Network
  • Custom Secure Networks
  • Internet
  • On Campus
  • Security
  • Videoconferencing
  • Wide Area (NH)
  • WiFi Wireless
• Software
  • Download Software
  • Help
  • Training
  • UNH Computer Store
  • Virus Protection
  • VPN
• Support
  • Accounts
  • Audiovisual
  • Banner
  • Blackboard
  • Business Service Center
  • Change Password
  • Computer Service Center
  • Document Imaging
  • Information regarding Java Vulnerabilities at UNH
  • IT Service Desk
  • IT Support Center
  • Mobile Devices and Applications
  • Questions for UNH IT
  • SharePoint
  • Training
  • Software & Hardware Guide
  • UNH IT Guide
  • Web Pages
  • WEBI
• Telephones
  • Authorization Codes
  • Directories
  • Making Calls at UNH
  • Repair
  • Services & Rates
  • Telecom Account Access
  • Telecom Account Manager
  • Voicemail

Good Practices & Procedures

"A chain is only as strong as its weakest link."  

It's an old saying but still true in our efforts at UNH to protect information and IT resources.  Each of us has a role in information protection and your use of  IT Good Practices - often called 'best' or  'recommended' practices - enables you to insure that you are armed with the knowledge to avoid the most basic and common risky behaviors in the use of IT resources... to avoid being the weakest link.

Our Good Practices pages provide information, recommendations, checklists, templates and procedures for both IT Service Consumers and Service Providers.

Passwords

University policy requires you to change your passwords at least every six months and use strong passwords; your password must be at least 7 characters in length and include at least one of each of the following: upper case letter, lower case letter, digit (number) and special character (%*+_-.,:;/\|=?![]^~). Passwords must not be reused or be based on dictionary words, names or your personal information. We encourage you to use passwords with more than 7 characters as longer, strong passwords have been demonstrated to be significantly more difficult for attackers to break.

To change your passwords, go to accounts.unh.edu If you require assistance, contact the UNH IT Service Desk.

For more information:

• Read the IT Security Password Security Explained pamphlet for information, FAQ and 'How To' guide.
• Account Management's Password Best Practices shows how to create strong passwords 
• IT Signals has published the helpful How To Painlessly Change Your AD Password

Protected Computing 

A wide variety of lists of recommended practices to protect information and your computer are available and it is often confusing to know which to follow.  Reduce the risk of an information breach by following these Protected Computing Good Practices 

Reducing Your Risk When Internet Browsing

Use our recommended practices when browsing the Internet to protect  your information and computer: Reducing Your Risk

Administrator's Account

UNH IT Security recommends that all UNH computer users access the Internet only when using a non-administrative account.  This provides additional protection against downloading of malicious software such as viruses and trojans, but does not replace an up-to-date antivirus program.  For assistance with creating your non-administrative user account, contact the IT Service Desk or use following documents which provide guidance for a non-administrative account on your PC:

• How to remove your users account from the administrator's account
• How to logon to the adminsitrators's account
• How to provide administrator's credentails when downloading software
• How to change the administrator's password

Social Media Guidelines and Good Practices

If you use social media, such as Facebook, in representation of the university or your department read the UNH Social Media Guidelines provided by University Communications and Marketing and IT Security. 

Email and Communications

Both IT Service Consumers and Service Providers can reduce the risk from malicious emails or other communications by using these Email Good Practices.  When sending personally identifiable information (PII) in emails, protection should be provided as recommended in PII in Email.

Servers

Good practices for computers servers can vary depending on the type of server and services in question, as well as the type of information the server stores or processes. Some basic concepts apply to all servers and this list describes some of these commonly used basic tenets. 

Printers and Copiers

Good practices for printers and copiers can vary depending on the type and manufacturer of the device, as well as the type of information the device stores or processes. This list describes good practices that apply to the installation and operation of most of these devices.   

Backup Media

Read the UNH minimum standards for handling and storage of backup media.

Mobile Device Protection

If you use a mobile device, such as a smartphone or tablet computer, to access UNH services or information, it is critical that you protect the device and the information accessed by, or stored on, the device:  

• Security:  
  • Go to the UNH IT Mobile Devices and Applications page for the latest configuration and security information. 
  • Use our Security Basics For Mobile Devices as a guide to purchasing devices with, and activating, security features. 
  • Read IT Signals: Using a Stronger Password on Your iPad, iPhone or iPod touch.
• Mobile Applications: Developers should read  8 Security Questions to Ask Before Building Mobile Apps from CIO.com.
• NIST: The National Institute for Standards and Technology provides these Guidelines for Cell Phone and PDA Security.

Confidentiality Template (Employee Non-Disclosure Agreement)

It is a good practice for persons who handle restricted or sensitive information, or who operate IT systems that store, transfer or process such information, to sign a confidentiality agreement. Doing so helps educate those persons about protecting the systems and information, and helps to establish expectations. In some situations, the signing of a confidentiality agreement is required by policy or contract.

The confidentiality agreement template provided here is available for your use or adaptation as appropriate. Where the use of such agreement has legal implications, it is recommended that you seek legal advice to verify that your intended use is appropriate for your situation.  Download a copy of the Confidentiality Agreement Template (PDF) 

Return to IT Security Homepage

Page last updated 4/8/2013