Computing Security Tips

Sophos Home is the University's supported antivirus product for Windows and Mac OS operating systems. The software is licensed through Penn and is available free of charge to all members of the Penn community. Read more on getting Sophos downloaded and installed here: Sophos Home.

We suggest creating both a Standard and Administrator account on your computer. The Standard user account will be used for day-to-day computing, and you will only need to use the Administrator account to make any necessary changes to your computer (such as installing new programs). Should your computer become infected with any malicious software, having these two separate accounts will help minimize any harm to your machine.

Please note: if you are setting up a brand new Windows machine, DO NOT choose the option to create a user account with Microsoft Live. We have seen students run into problems when they use Microsoft Live email accounts as their computer user accounts.

• Windows instructions (Links to an external site.)
• Mac instructions (Links to an external site.)

The University and the Weitzman School offer two VPN options for accessing both University and Weitzman School resources when working remotely. Read more about getting access to and setting up both VPN clients on our Remote Access page.

• University of Pennsylvania VPN Getting Started Guide
• Weitzman School of Design VPN (FortiClient) Instructions

Here are some quick tips on creating a secure password:

• Don't use the same password for every login or application
• Do not use part of your real name, date of birth, etc. as these can be used by sophisticated scammers to phish your account login. Read more on the dangers of phishing here.
• While not all services require the same level of complexity for passwords, for a secure password we recommend: at least 12 alphanumeric characters, upper and lower case characters, and at least one symbol. Note: these are the password requirements for your Weitzman School account.

As mentioned above, avoid using passwords you can memorize - use a password manager instead, like Lastpass:

LastPass offers a secure vault for storage of your passwords, and other secure information, allowing users to create stronger, and more varied passwords for their various accounts, ultimately leading to a more secure environment. Read more here.

Encryption protects your data if your hard drive is lost/stolen/tampered with, upon which a recovery key is needed to unlock the drive. If you lose your recovery key and become locked out of your computer, there is no way to access/recover data – you must re-install your operating system.

• Windows allows you to save your BitLocker recovery key to a file or a Microsoft account. Students must not use their PennO365 Microsoft Account for this purpose. It’s recommended to save the key to a personal Microsoft Account, or to an external drive. More Info here (Links to an external site.).
• macOS allows you to save your FileVault2 recovery key to a file, or use an iCloud account. It’s recommended to use an iCloud Account. More Info here (Links to an external site.).