Please click each section below for general information for Faculty when using technology on and off campus.

To request support or ask questions about what is available on campus to assist with these suggestions, please visit the Enterprise Service Desk site at

Desktop and Laptop Security

Due to the continued attacks on the Georgia Tech infrastructure as well as the importance of securing the endpoints that access the Georgia Tech network, OIT has implemented several initiatives to provide campus Units with the necessary tools to help manage end user laptops and desktops. 

Ultimately, the units are responsible for the devices in use on the network.  However, OIT can and will assist where necessary. 

Endpoint Management and Protection Service offers a suite of products to enable the campus IT community to effectively manage and protect Institute owned endpoint devices. For information about the tools available from the Endpoint Team, please visit The Endpoint Management Platforms Page.


Knowing how to and where to back your data up will help you be ready for the day when something unfortunate happens, whether that is a hard drive that goes bad, or ransomware that encrypts your files.

Learn more about Georgia Tech’s selected backup solution and what you can do to be prepared for a computer disaster.


Your username and password help to keep your data and devices safe. Use the guidelines on the Securing your Password page as well as the guidelines below to assist you with protecting your credentials.

  • Use two-factor authentication
    • Two-factor authentication keeps information safe by requiring you to provide a second layer of security, usually in the form of a generated number, to a login screen before accessing a protected application. Because that second authentication is independent of your username and password, a web application using two-factor authentication is safe from hackers that may have stolen your credentials. 
    • Learn about using two-factor authentication with your GT Account.
  • Use strong passwords and hints 
    • It is important that you create passwords and password hints that are hard for a computer to guess. Modern password cracking programs can usually guess passwords that are based on a word or name, even those based on uncommon or non-English words.
    • Georgia Tech passwords must meet the Georgia Tech Password Policy, and we recommend the policy’s parameters for personal passwords as well.
  • Use a password manager
    • A Password Manager program can store your usernames and passwords for all the websites that you use, encrypting them with a single, “master” password.
    • Many password managers include the ability to log you into your websites automatically and sync your passwords between devices. Georgia Tech has licensed LastPass for Faculty and Staff.
    • Learn more about using LastPass for password management.
  • Don’t share your password
    • Your username and password is for your use and your use only.
    • Ramifications of sharing your password are detailed in the Georgia Tech Password Policy.
Email Security
  • Georgia Tech email is housed on Office 365. Your campus email account should be used to communicate between yourself and other Georgia Tech users on campus.
  • We recommend other ways to send sensitive information instead of direct email. For example, share links to where you’re storing your data in the cloud instead of sending sensitive data in attachments.
  • Keep a look out for Phishing attempts


Software Requests

Per the USG IT Handbook, software used to store, process, and transmit Georgia Tech data must be acquired from reliable and safe sources.

Should you wish to request software, please use the Services Security Checklist to do so.

Approved Software

Please see the Approved Endpoint Software for the list of software required to be installed on Georgia Tech endpoints. For information about the implementation of the Approved Endpoint Software and the tools associated with them, visit The Endpoint Management Platforms Page.

If you have questions about whether a software can be used for certain types of data, please refer to the Regulated Data by Service Page.

Copyright and Intellectual Property

Sharing copyrighted works can be a contentious subject.  The subject of using Peer-to-Peer (P2P) has been widely debated in the news, law-making bodies, and in our community.  While using P2P technologies to obtain legally available content is accepted and encouraged, we would like to remind our users that Georgia Tech and Georgia Tech users are obligated to follow and obey the laws surrounding the use and distribution of copyrighted works.  Downloading or distributing copyrighted works without permission from the copyright owner is against the law and a violation of the Georgia Tech Cyber Security Policy.

When Cyber Security receives a copyright infringement complaint, the Copyright Infringement Complaint Response Procedures outlines our response.


Georgia Tech is subject to various regulations for which personnel must comply. Georgia Tech Cyber Security’s role is to assist with review of the implementation of controls to meet requirements of said regulations, and can assist with recommendations for how to meet controls. However, Georgia Tech Cyber Security does not assist with implementation of controls for regulations, as that is the responsibility of the IT Staff supporting the users and equipment in question.

Should you have work that relates to any of the following regulations specifically, the sites listed below have more information about the regulation/requirement and who to contact. Please note that this is not an exhaustive list, and is subject to additions based on Georgia Tech’s compliance requirements.

Regulation/ActivityPrimary Website for Information
Human Subjects ResearchGeorgia Tech Research Integrity – Institutional Review Board (Main Page)
DFARS 7012 ResearchOffice of Sponsored Programs (Main Page)
Controlled Unclassified Information (Information Page)
FERPAGeorgia Tech Registrar (Main Page)
GDPRGeorgia Tech EU General Data Protection Regulation (GDPR) Compliance Policy
Export ControlGeorgia Tech Research Integrity – Export Control (Main Page)
(Note: IPaT should be your first contact for HIPAA research)
Georgia Tech Institute for People and Technology (IPaT)
PCI DSSGeorgia Tech PCI DSS Program (Information Page)
Georgia Tech Credit Card Processing Policy
Business Continuity Requests

Should there be a need to request data held in Georgia Tech Resources assigned to a terminated Employee, please review the Business Continuity Requests page.