This article explains requirements related to the use of institutional IT resources based on the University System of New Hampshire Written Information Security Program (“WISP”). The WISP consists of security policies and standards intended to protect USNH data and are in alignment with applicable laws and regulations.

This article provides USNH community members an introduction to the Federal Privacy law entitled Children's Online Privacy Protection Act (COPPA). COPPA is a law that establishes a strict set of guidelines for online operations to protect the privacy of children under the age of 13.
Intended Audience: This article is intended for USNH administrators of websites or online services wherein a child under age 13 is providing personal information.

Explanation and steps for requesting a cybersecurity exception

This article explains how to report a cybersecurity incident for students, faculty, and staff. Reporting a cybersecurity incident is everyone's responsibility. Please be sure to report to your manager so that they can contact the Cyber Ops team via the relevant helpdesk at your campus or directly via It.security@unh.edu .

This article contains information for the USNH community of procedures involving electronically stored information: information stored, processed, and/or transmitted with USNH technology resources.
Intended Audience: This article is intended for information technology service providers, data stewards, and persons authorized to access certain restricted and sensitive information.

This article contains information regarding illegal file-sharing for all USNH community members who access USNH information technology resources.  This article specifically covers laws related to distribution of copyrighted materials through peer-to-peer file sharing.

This article provides information regarding good security practices to adopt at work, school, and at home.

This article provides information on handling University data with care.

This article provides steps to take if your USNH Account was compromised, after it has been secured and recovered. If you believe your USNH Account has been compromised, call the USNH Technology Help Desk immediately at https://www.usnh.edu/it/need-it-help for assistance in securing and recovering your account. This is an important step as it is not always enough for you to simply change your password.

Mobile device health and security is explained in this article, including the purpose, why mobile security is needed, and some of the best practices to use.

This article explains what password managers are and what they do.

Payment Card Industry Data Security Standard (PCI DSS) is explained in this article, including who must comply, the merchant responsibilities, and the employee responsibilities.

Phishing is an attempt to acquire confidential information such as account passwords, identification numbers or credit card details by pretending to be a trusted entity in electronic communications including email, texting and instant messaging. This article is for students, faculty, and staff.

This article contains information regarding identity theft prevention and the Federal Trade Commission Red Flags Rule at USNH.

Signs that your account is compromised and related information are included in this article. In today’s information security threat landscape, the creativity, ingenuity, and perseverance of the cybercrimimals who want to steal your credentials seem to have no limits. Unfortunately, with threats coming from so many directions, even the most careful users can end up with compromised credentials.

This article contains information regarding storing restricted, protected, and sensitive information at USNH using SharePoint and OneDrive.

This article contains information regarding Tenable Nessus, including an outline of data elements collected by Tenable Nessus agents, and serves as a privacy policy and justification for deployment. This article is for users and administrators of servers or endpoints that store, process, or transmit sensitive or restricted information.

This article provides information for USNH employees regarding the best practices of use of e-mail communication with personally identifiable information (PII).

This article contains tips for keeping your devices secure.

This is a list of frequently asked questions regarding the USNH Computer Quarantine effort to help keep the data of all USNH employees secure.

Vendor contract language is reviewed in this article.

This article contains information about vendor information security, privacy considerations, and security assessment review (SAR) for USNH community members engaged with vendors involved with USNH information technology resources. The purpose is to guide USNH community members regarding vendors and/or third-party partners that provide products or services that integrate with the USNH network.

This article contains information on automated management of a computer.

This article contains information on IT risk assessments.

The following FAQ is intended to address the most common questions received from users whose accounts have been secured because their university credentials were posted publicly.