IT Security

ICIT is committed to providing a secure computing environment for students, faculty and staff. ICIT provides various resources to keep our community secure both on campus and at home:

To report an IT security incident or concern, please contact the TSC Helpdesk at 262-472-HELP(4357) or via email at

ICIT Security Initiatives

To help maintain the highest levels of network security, ICIT employs multiple methods of educating and warning members of the campus community of new and potential threats.

IT Security Training: Security awareness training is available to any UW-Whitewater employee who wishes to learn more about potential IT security threats. If you are interested in receiving IT security training, please email

Malicious Email Warning System: UW-Whitewater utilizes an automated system that scans incoming mails for words, phrases, and file types associated with malicious emails and scams. If something triggers the warning system - such as the phrase "you've won" or "network administrator" - then an automated warning message will be inserted into the email warning the user that the message may be a scam or malicious. The email message will not be modified other than to having the warning inserted, so if you see this warning, watch out! 

Phishing Email Awareness Campaigns: While ICIT maintains an anti-spam service that blocks thousands of spam messages each week, however, the tactics being used to disseminate phishing scams and malicious email attachments are becoming increasingly complex, allowing some messages that evade the anti-spam filters. For that reason, ICIT will occasionally perform phishing assessments that involve sending out mock phishing and scam emails to the campus community, similar to those targeting  the campus in the past. The intent of this effort is to assess campus vulnerabilities to these types of attacks, and so the campus community can better prepared to spot fraudulent messages. These messages will not be harmful in any way, and if you fall victim to one of these mock phishing messages you will be notified immediately and will be taken through a brief training exercise to help you learn how to identify fraudulent messages.

Reporting suspicious emails to ICIT

If you receive a suspicious email - DO NOT OPEN ANY ATTACHMENTS OR REPLY TO THE EMAIL. The best way to combat malicious emails is to report them so they can be blocked from the campus email server and reported to appropriate watchdog agencies.

Using the methods below helps retain forensic information that helps combat phishing and other types of malicious emails. If you are unable report suspicious emails using the methods described below, you can also forward the message to:

For assistance with reporting suspicious emails, please contact the Help Desk at or Ext. HELP (4357).

Information Security Awareness Training

Security awareness training is a required course for any UW-Whitewater employee. The training can be accessed through D2L:

  • Log on to D2L using your NetID and password.
  • Under "My Courses", click OTHER-MISC-Information Security Awareness - OTHER-MISC-1806-01
  • Navigate through the right side menu bar to complete the training

This training is organized into several topics - General Security Awareness Training contains information that is relevant to all users, including netid and password security, email security, and information about how to stay safe on the web and while using social media. The remaining modules deal with information security issues that are particular to the various types of records that we handle as a campus.

Please review the training materials in the course content and select those that are most relevant to your work or activities on campus. Thank you for taking the time to review these materials and please let us know at if you have any suggestions for improving our information security awareness program.

IT Security Tips

  2. Use strong unique passwords and change them often.
  3. Keep your software versions up to date.
  4. Use anti-virus software
  5. Lock your computer or device when you are away from it.
  6. Don’t click on links in emails from unknown senders.
  7. Beware of unknown browser pop-ups or links. They often contain malicious software downloads.

Phishing Email Traits

  1. Misspelling and bad grammar
  2. Suspicious links within the email
  3. Threats or rewards - e.g. your account will be closed or you’ve won a prize
  4. Spoofing popular websites or companies
  5. An urgent call to action – e.g. you must act now

Mobile Device Tips

  1. Password protect your phone
  2. Read vendor privacy policies before downloading apps
  3. Don’t store sensitive data that isn’t needed. This includes confidential data in your email account that auto-syncs with your phone
  4. Do not auto-login or store passwords on your phone
  5. Encrypt your phone
  6. Be wary of wireless networks and service connectivity
  7. Try mobile antivirus software or scanning tools
  8. Use GPS tracking wisely
  9. Be physically aware of your mobile device

Safe Computer Installation, Configuration and Disposal

It is very important that all computers on campus be installed, configured, and disposed of in a safe manner. Improper installation, configuration, or disposal of computers can lead to serious security problems and data breaches, some of which may lead to violations of federal or local regulations.

The proper procedures for these activities are handled by the Helpdesk, and can be found at the Technology Support Center Helpdesk under the "Services Offered" section. Also, users can contact the Technology Support Center Helpdesk directly at 472-4357 for computer installation, configuration, and disposal.

Desktop Security Practices

  1. Backup important data regularly to a network share or CD-ROM.
  2. Keep your operation system up to date with current patches and service packs. Windows Update works well for Windows systems.
  3. Lock your desktop when not in use. Set your screensaver to lock your workstation after 15 minutes of inactivity.
  4. Use only programs that are necessary to do your work and that are provided by iCIT. Installing and using unknown programs can compromise the security of your workstation.
  5. Run your workstation as a regular user instead of an administrator, if possible. Using a regular user will result in safer operation.
  6. If the business practice in your office permits listening to music during the work day, it is recommended that you use CDs. If you choose to listen to Internet radio, be aware that certain Internet radio programs can create a large amount of network traffic and also allow other people to connect to your computer to access the same radio stream. To prevent your computer from being compromised, we recommend the following players for Internet Radio: Windows Media Player, Real Player, Netscape Radio or iTunes.
  7. ICIT distributes anti-virus software and critical OS security updates to office computers through network login or connectivity. If you require any other type of operating system maintenance, contact the Technology Support Center Helpdesk to request assistance.
  8. Restart your computer once a day or at least once a week to ensure updates are being applied.

Facebook, MySpace, LinkedIn, and other social networking sites make it easy for you to connect with others based on shared personal and/or professional interests. They help you exchange information about yourself via postings, pictures, videos, email, or instant messaging. Depending on how you set up your account, this information can be shared within a small community of friends or broadcast to the world.Socializing online encourages openness, but it also challenges us to think about how we define privacy and what we consider personal. Consider how parents, university officials, future and current employers, or worse, online predators, may interpret your profile. The tips below will help keep you and your information safe.

Social Neworking

1. Know how the site works before you join.  Social networking sites are each set-up differently and offer a range of options. Some allow you to post to a small group of users, while others allow anyone to view your personal postings. Look at the different features and think about what level of openness you really want. Consider whether setting viewing restrictions can help control who sees your information.

2. Keep personal information to yourself. Your full name, Social Security number, address, phone number, bank or credit card account numbers (and that of others) do not belong on these sites. By posting them, you open yourself up to identity theft or stalkers.

3. Information lasts forever. Only post information you are comfortable with others seeing, including your professors, parents, current or future employers, coworkers, or the police. Even if you change your mind and delete what you posted, the information is still out there. Older versions may exist on someone else's computer and social networking sites can never fully remove these files.

4. Think before you share. Photos, videos, stories, blogs can all be used to form opinions of you or can be shared with others. Before posting, consider who will see these and whether you can share them with a smaller audience. Be considerate when passing on photos of friends - ask whether they would want that information shared.

Store Your Data Safely

Storage of your important data on your local (or C:) drive does not protect you from data corruption or loss! In order to protect your important data, use your network drive. Your network drive is backed up regularly and can be recovered in the event of data loss, your local drive, in many cases, cannot. UW-Whitewater provides network storage for all students, faculty and staff.

If you are, or have been using your local drive to store your data, then please copy your important documents and data to your network drive and start using your network drive to store and retrieve this data. More information about your network storage options is available on the File Storage Options page.

If you have any questions about using your network drive, please contact the Technology Support Center Helpdesk at 472-4357.

Safe Network and Internet Usage

Use virus protection software & keep it updated.

All computers connected to the campus network must be using up-to-date anti-virus software. McAfee 8 is the current PC antivirus solution on campus and is installed on all UWW provided computers.

Students: McAfee is available from ResNet for students living in the Residence halls. Please visit the ResNet website for more information.

Use an anti-spyware program.

  • Users should not install software that can compromise their machines.

  • Use one of the campus-wide solutions to remove spyware include Spybot and Spykiller.

  • UW-Whitewater has an automated warning system to let you know if a message has the potential to be malicious, so if you see the warning, watch out!

Internet Security Practices

  1. Don't click on links sent to you through e-mail. Instead open your browser and type in the address of the sites that you wish to visit.

  2. Do not send confidential data over unsecured links. Unsecured links start with http and secure links start with https.

  3. Clear your web browser cache and delete your "cookies" after each use of your web browser.

Related Policies & Agreements

Related Services