Your MIT identity gives you access to authorized information on the MIT network, so it's important to protect these access privileges from abuse.
Personal information protection starts with your own actions, because once sensitive information (educational, employment, and medical records, Social Security numbers) is in the hands of others, you have little to no means of controlling it.
One of the potentially weakest links in computer security is your password. Despite the MIT's efforts to keep hackers out of your personal files and away from MIT-only resources, easily guessed passwords are still a big problem.
LastPass Enterprise is a free password management system that removes the inconvenience of remembering all of your passwords and increases security.
Spam and phishing
Many malware attacks occur through a combination of spam and compromised web pages or phishing emails. Don't open email from unsolicited sources or unknown email addresses. Reduce the amount of spam in your inbox. IS&T recommends using Microsoft O365, a free service provided by MIT to filter unwanted emails.
MITnet is an open network. There are no network firewalls or filter restrictions. In this environment, an unprotected computer is especially vulnerable to online attacks.
Secure authentication methods help protect your identity as well as authenticate communication between computers.
When working off campus, use MIT's Virtual Private Network (VPN) to securely and reliably access MIT resources. A VPN makes a tunneled network connection through the internet which securely connects you to remote sites.