Now Viewing Information for: Students
Show me information for Employees
Mercer's IT department has implemented industry-standard network and system security measures to ensure our faculty, staff, and students are protected from computer security breaches and vulnerabilities. We have also compiled a list of security best practices to help you help yourself. By familiarizing yourself with - and acting on - the information on this page, you will go a long way towards ensuring you don't become a victim of identity theft or suffer a catastrophic loss of data. We urge all Mercer employees and students to follow the security best practices outlined below.

In this section:

Use a strong password

A strong password is the best way to protect yourself against identity theft and unauthorized access to your confidential information. Passwords for every website or service you use, including non-Mercer sites, should be changed periodically.

Password for Mercer's systems must meet the following requirements:

  • The password must be at least 15 characters long
  • Use at least 1 uppercase letter, 1 lowercase letter, 1 number, and 1 special character (e.g. $, &, @, !)
  • Your password cannot containing 3 consecutive characters present in your name or ID (e.g., If your ID is smith_j, your password cannot contain 'smi' or 'mit')

To create a password that may be easier for you to remember, we recommend creating a passphrase which has some meaning to you, such as:  

  • EveryDayIsAnAdventure4Me:)     
  • My2KidsAreBen&Jerry     
  • Superbowl44Champs!

If you have not changed your Mercer password, visit the Password Self-Service information page.


Do not reuse Mercer passwords

If your username and password to any system is discovered, attackers may try to log in to many other popular websites using the same username and password. Creating a unique password for every website you use minimizes the damage that can be done after a security breach. We especially recommend that your passwords for any Mercer systems are not reused for any other websites or services.

If you have not changed your Mercer password, visit the Password Self-Service information page.


Keep your software and mobile devices updated

Software updates are usually released to fix programming bugs and to fix security vulnerabilities. If you are prompted to install updates for any software, including the software on mobile devices such as iPads and smart phones, we recommend that you install the updates as soon as possible to minimize security risk. Most programs and devices have an automatic update feature which, if enabled, will help keep your systems secure.


Protect your personal information

Personal information such as passwords and student ID numbers should never be shared. If asked to provide personal information, never provide it if you are unsure why it is needed, especially if you did not initiate the request. For example, if you receive a call asking to verify your ID number, a good practice is to ask what office the caller is calling from, and call that office yourself to verify that they actually need the information.


Be cautious of software downloaded from the Internet

Software provided by Mercer can be trusted, but any programs downloaded from the Internet should be treated with caution. Many programs secretly install malicious software that aims to steal personal information and possibly trick you into purchasing unwanted/unnecessary software. If you are unsure about whether a program can be trusted, contact the IT Help Desk.

Be wary of unsafe email

Phishing Scams

Phishing scams are attempts to trick you into releasing your email, bank, credit card, or other private information to an unidentified individual. These emails are sometimes disguised to appear as they are from a reputable source.  The “From” address may even appear as though it is from Mercer University or your bank. These emails will frequently ask you to log in to a website to verify your account information and may threaten that your email will be disabled if you do not submit the requested information. Mercer will never solicit password information from you, and you should never respond to these types of emails. Take this Phishing IQ Test from Dell to see how well you can spot a phishing email.

Visit this website to learn more about phishing scams.


Do not open any attachments that you were not expecting to receive, or from a sender you don't know. Our email server will block many types of attachments that are known security risks, but no security system can be 100% effective.

Junk email

Do not move email found in your junk or spam folders unless you are 100% certain of the sender.

Links in email

If you receive an email with a link to a website, and you don't know the sender, or are suspicious that the email may not be legitimate, do not click the link. Contact the IT Help Desk for further examination.


Be careful with portable backup drives

Thumb drives and external hard drives should only store backups of your files – they should never store the only copy of any data. USB thumb drives are inherently prone to failures due to the nature of their construction and usage. It’s also best to avoid storing any confidential information on external devices since they may be lost or stolen.

Back up your data

If your computer becomes infected or the hardware fails, you may be unable to retrieve important information. Therefore, it is a good practice to back up your data regularly and periodically test that the data can be accessed. External hard drives and USB thumb drives can be purchase through any electronics retailer.


Protect information in all its forms

Protecting your digital data is important, but paper and the human voice remain important elements of the security mix. Keep confidential printed information out of public view. If you're talking about confidential information on the phone, take appropriate steps to ensure you're not overheard.

If you're unsure about something - ask!

In addition to this website, the IT Help Desk is always willing to review any email, website, program, etc. to help determine if there is a security risk.
(478) 301-7000