Basic Information Security for Instructors and TAs

As instructors, you have privileged access to sensitive private information; especially, student names and grades. Federal law requires you to protect the privacy of this information. Therefore...


  • Don't post grades in public places, including websites.
    (You can securely post grades in Canvas's Gradebook.)
  • Don't save sensitive data (grades, social security numbers) on lab computers.
  • Don't let web browsers store your password.
  • Log out of computers when you leave them.
  • Avoid putting sensitive information on flash drives. (They're easy to lose!)

If you use email...

  • Never give anyone your password. Don't let con artists deceive you.
    Legitimate computer administrators never ask you to email your password.
  • Remember email is about as secure as mailing a postcard. Avoid sending sensitive information in unsecured email.

If you have a laptop, it is vulnerable to thieves and hackers.

  • Protect your laptop from physical theft. Secure it or take it with you.
  • Protect your laptop from hackers:
    • Get Penn's supported virus protection software for your laptop (see supported products)
    • Enable your firewall
  • If you leave sensitive data on your laptop, encrypt it.

Protect your intellectual property from loss.

  • Back up your teaching materials and research files on a regular basis.

If you suspect your computer has been hacked, seek help immediately.


More detailed information about information privacy and security is available in the brochure, Taming the Beast: Keep Control of Your Computer and Your Data, also available online in PDF format.