Staff - Admin

Cybersecurity image on left hand side featuring locks and people in the background. Photo of Marc Denoncourt on right hand side.

Chief Information Officer Marc Denoncourt discusses the importance of strengthening our cybersecurity posture.

Cybersecurity is about safeguarding McGill’s privacy and information.

Protecting University data and creating a cybersafe space for all activities at McGill enables us to support the McGill community while meeting our legal and regulatory responsibilities.

Each of us has a role to play in meeting this objective. Here are some guidelines and resources to help you adopt cybersecure habits and achieve our goal. 

Protect your identity

  • Learn to recognize phishing scams that attempt to steal your personal information.
  • Strengthen your Password: 
    • Create a strong password that is unique to  your McGill account.
    • Use a different password for each platform or system.
  • Enable two-factor authentication on your McGill account. Two-factor authentication (2FA) is required on all McGill accounts because it helps verify that you are the person who is signing into your account. Don’t delay, enroll now at *New staff are automatically enrolled

Secure your devices

Follow some basic safety tips to keep your devices safe: 

Access McGill's systems safely

  • McGill's Virtual Private Network (VPN) allows you to connect to restricted sites and resources. Some key systems require VPN to access remotely because they store sensitive information accessible only to authorized users. 
  • To learn more about which systems require VPN, see When to use VPN and Remote Desktop (RDP) 
  • Ensure your device is secure when connecting to McGill remotely (see Secure your devices)

Safeguard McGill's data

Only use McGill-approved storage and collaboration solutions for storing McGill organizational data. All software solutions must comply with the McGill Cloud Directive .

For more information, see IT Policies, Regulations, Directives & Standards.

Software: considerations

See McGill's cloud services website for details, such as: 

  • Cloud solution approval process
  • Types of data and what can be stored in the cloud 

Protect websites and users' data

If you design or manage a website at McGill, ensure that it is secure and that your visitors' privacy is protected. 

Prevent fraud

Be aware that hackers often study an organization, learn its financial approval processes, and target approvers. Some signs of attempted fraud may include: 

  • An urgent email asking you to approve a request without going through the standard process
  • The email address of a message appears to be from McGill but is not - see Learn to recognize phishing scams in the IT Knowledge base.

For more information, the following resources are available: 

IT Security Awareness: online training and workshops

Learn about key threats and behaviours that create risks to our organization and how to protect against these. Register online through myCourses or request a customized training session for your team.

IT Security Awareness Training

Report security incidents 

Remain vigilant against cyber threats by staying informed and reporting any suspicious activity to the IT Service Desk. 




Back to top