By following good security practices we can help others in the University community benefit from decreased risk. "Good neighbor" security practices help others for the common good. Technology should be reviewed for conformance to industry and University policies, practices, and guidelines prior to deployment rather than after a problem or incident. Members of the University community can help themselves and others by increasing the visibility and support for security within their department or work-group. The following security best practices have been sorted into 3 sections, Resources for Everyone, for Faculty and Staff and for System Administrators and IT Managers. Click on the section heading or "more" button below each heading to get to the full resources.

Resources for Everyone

Computer Security Protections Checklist

Enterprise Information Security Program

Guidelines for Classifying Institutional Data - A guide to assist Business Owners to determine institutional data's relative sensitivity. Based on that sensitivity level, certain information security controls are required to appropriately secure the data.

Site Licensed Publications
The "pdf" document resources below have been purchased for general use by the University of Iowa community. All faculty, staff, and students affiliated with The University of Iowa are licensed to download, view, and/or print these reference documents. The license for these documents does NOT allow sending them to others via electronic mail, printing or photocopying the documents and giving or mailing them to others, or otherwise sharing them with anyone who is not affiliated with The University of Iowa.
NOTE: Adobe Acrobat Reader version 5.0 or later is recommended for viewing these documents. See Adobe for a copy of this software.


Resources for Faculty and Staff

Discovering Personally Identifiable Information with Identity Finder

E-Discovery - What is E-Discovery and ESI?

Encryption GuidelinesĀ - Encryption is required for level 3 highly sensitive institutional data stored on mobile devices and external network transport.

Hawk IRB -Information Security Guidance for researchers

Health Insurance Portability and Accountability Act of 1996 - HIPAA Security Regulations Compliance

The Uiowa System Registry (USR for short) - A helpful web-based application which allows system administrators to register their system(s) with the Information Security and Policy Office.


Resources for System Administrators and IT Managers

Iowa Computer Security Incident Response Team - I-CSIRT Program

SSL Server Certificates Service

UI Disaster Recovery and Business Continuity Planning Resources

UI Network Security Scanning Service