Where to start?
This is such a big topic. Everything IT does has a security component. Everything you do on your computer has a security component. Is your laptop encrypted in case it gets stolen? Do you have backups of data in case of CryptoLocker? Is your computer secure enough to prevent hackers coming in from the outside? Is it secure enough to prevent a script you accidentally open from hacking you from the inside? Do you leave your office door open with your laptop in plain site? Do you like to click on every link in every email?
Metro IT configures every computer that touches our wired network (inside our network firewall). Personal computers, those not owned by the department, and non-faculty laptops (owned by the department or not), use the campus Eduroam wifi.
Most people use their campus account to log into their computer. This is a user-level account. To install software, ask Metro IT and we'll bop by and handle it (or remote in, etc).
Some people have a second account with administrator access.
More information in Policies.
The Very Basics
Never give your password to anyone. Anyone. We don't want to know it. IT Express doesn't want to know it. Anyone who asks you for your password is either evil or doing it wrong. My password is "No".
Never let anyone else work on your department owned computer until you've contacted Metro IT. Especially people from 1-800 web pop-ups. My IP address is "No".
Know where your data is. Did you just put student records in your email? Did you store your Social Security Number on Box.com? Depending on the data type, you can't just store it anywhere per all sorts of university, state, and federal policies. The thing is you *can* store it anywhere, but you have to know where you're breaking policies so you don't.
Keep your system and software up to date. Most of that is automated by Metro IT but whether it's here or at home, if your system doesn't have a particular security patch, then it's a target for a particular hack.