Perelman School of Medicine at the University of Pennsylvania

Security

User Responsbilities

Network Access

University systems and data are for use only by the individual granted access. Shared access is strictly prohibited.

Passwords

  • User accounts on both Windows and Macintosh computers MUST be protected with passwords.
  • Avoid storing cleartext passwords and unencrypted private keys.
  • Avoid scripting IDs and passwords.
  • Disable auto-complete logins on your web browser.

PMACS Passwords Recommendations:

  • At least 8 characters long
  • Use both upper and lower case letters
  • Should include a mix of alphabetic, numeric, and special characters
  • Avoid using words directly derived from any language

Sensitive Data

As a user it is your responsibility to know if your computer has Sensitive or Confidential Data stored on it.

If it does, you must take the necessary steps to ensure its protection, for example, installing PGP Whole Disk Encryption.

Transmitting Sensitive Data

It is your responsibility to take the necessary precautions when transmitting any data that is considered Sensitive or Confidential in nature.

E-mail is NOT a secure means of transmission. NEVER send sensitive data through e-mail. Whether it is contained in the message or as an attachment, such information is at great risk to be intercepted.

Consider using Secure Share, a web-based application for secure file exchange available to Penn faculty and staff.

Mobile Devices

It is highly recommended that all mobile devices have anti-theft / recovery software installed.

See our Laptop Security page for more information about getting ComputracePlus for your device.

Home Computers

Avoid using insecure home computers to gain remote access to confidential University data, especially if that computer is shared with others.

If you have an absolute need to access sensitive data from your home, request support to find out how to take the necessary steps to encrypt and protect that data.

Secure Data Deletion

When data are no longer necessary for educational, research, service or operational needs they should be securely deleted as soon as possible.

Methods of Secure Deletion include:

  • PGP Shred function (WINDOWS & MAC)
  • Heidi Eraser (WINDOWS)
  • Finder: Secure Empty Trash (MAC)
  • Disk Utility (MAC)

Request support for assistance with secure data deletion.

Software Licenses

Users must abide by the terms of all software licenses.

For more information, check out:

For more information, contact Bob DeSilets at medsecurity@mail.med.upenn.edu or 215-746-5578.

Penn Medicine Academic Computing Services (PMACS) at the Perelman School of Medicine

Links of Interest

Job Opportunities