Information Security FAQ

Are there policies concerning remotely accessing my desktop?

The policies state that you must use a secure method to connect to the network, Citrix or VPN clients are currently the approved methods of access.  Please check with your local IT support on the department approved method of connecting.

Can I use Google Apps to store information?

We do not have a signed Business Associates Agreement (BAA) with Google.  In addition, Google is not HIPAA compliant.  This is not an approved vendor.

Can I use remote desktop software?

These tools are non-compliant with the Information Security Policies.  These tools provide random access into the environment to bypass authorized remote access mechanisms.

Please contact WashU IT or the Office of Information Security at infosec@wustl.edu for approved solutions.

Can I use my personal laptop?

Prior to connecting to the network, personal devices must adhere to their departments procedures whether it is allowed or not.  The personal device needs to be verified by WUIT or the departments IT group that the laptop is current with the anti-virus, anti-spyware and personal firewall.   If the device will be storing protected health information (PHI) the device will need to be encrypted.

How can I send or receive files 32 MB or larger?

Use WUSTL Box:

  1. Upload a new file or create a new folder that you intend to transmit to your external collaborator.
  2. Next to the file or new folder, click the Share button then click the Create shared link slider button.
  3. Next click “Invited people only” and change this value to “People with the link”
  4. Next click “Link Settings” and enable Require password. This password should be shared in a separate communication from your email containing the shared link. 
  5. Click Save
  6. You can now copy the shared link and paste it into your email client or use the send shared link option (envelope icon) in box to send the link to your intended recipient. This option allows easy download for non-BOX user enabled recipients.

Note: If you know your recipient is already a BOX user you might choose to use the Invite People field.

How do I dispose of a hard drive that contains confidential or protected information?

You can work with EH&S

I need an encrypted USB drive. What vendors provide this?

Please check out the secure USB drives from Kanguru, they are available to purchase through MarketPlace.

I received a notice that a complaint about copyright infringement has been traced to my computer, what is this? What do I need to do?

The Recording Industry Association of America (RIAA) represents the U.S. recording industry. The RIAA monitors piracy and illegal downloading of songs without approval.

For more information on the RIAA click here.

Washington University receives complaints when user’s accounts on our network may have used to reproduce and/or distribute the unauthorized copies of one or more copyrighted sound recordings.  The materials are to be immediately removed.  If further incidents occur the appropriate people will be notified.  Please see the University Computer Use Policy for more information.

I think my computer has been hacked, what should I do?

If you think your PC may have been hacked please contact WashU IT or your Departmental IT to advise them of the issue.

How do I reduce the risk of identity theft?

Review your monthly statements

Shred documents

Use caution when sharing personal or financial information

Keep systems secure – update and patch

Review your credit report annually

Use strong passwords