Security and Backup


Data Backup

Computers configured through the Helpdesk will be configured for backup using the CrashPlan application. As the CrashPlan backup server is behind a firewall, backups only take place while the computers are connected to the campus network (wired or wireless on any campus). From home, backups only take place if you're connected to either UTSC or UTORVPN systems.

The CrashPlan backup software checks for newly created files or changes made to existing files on your computer every 30 minutes and backs them up. The retention period of your backup data is dependent on how long CrashPlan has been installed and may exceed a year.


The following table details the frequency and the versions captured by the CrashPlan backup system. The term version describes new changes saved to an existing file. This would be for events where changes are saved to a file but need to be reverted back to the original version later.

Backup Frequency Versions Kept
Up to 1 week Every 4 hours
1 week - 90 days Everday
90 days - 1 year 1 month
Over 1 year 6 months

Files/folders deleted from your computer will be removed from your CrashPlan backup set after 30 days and cannot be restored.


The time to complete data restore from CrashPlan will depend on the volume of files and speed of the network connection. For optimal restore time, IITS recommends performing large data restores on campus while the computer is connected to the wired network.


Files stored in the following folders will not be backed up:

  • Personal
  • Downloads
  • Temp
  • Dropbox
  • Skydrive
  • Google Drive
  • Virtual Box

Should you have any files you don't wish to backup (personal files), please create a folder named Personal anywhere on your computer (Desktop, My Documents) to store your personal pictures, videos and documents. The backup software has been instructed to skip backing up any folders named Personal.

Deleted files are retained for 2 weeks then purged permentantly.

The following folders are setup for CrashPlan backup on PC and Mac computers :



Desktop Desktop
Documents Documents
Pictures + Vidoes Pictures + Movies (vidoes)
Outlook Local Mail Library —> Address Book
Outlook Signatures Library —> FireFox Profile (bookmarks)
Office Auto Recovery Library —> Chrome Profile (bookmarks)
FireFox Bookmarks Library —> Office 2011 AutoRecovery folder
Internet Explorer Favorites Library —> Local Calendar (if not on Exchange)
Google Chrome Bookmarks Library —> Office 2016 AutoRecovery folder
Thunderbird Local Mail Library —> Outlook 2016 local Mail
  Library —> Safari Profile (bookmarks)
  Library —> Thunderbird (local mail)
  Library —> Mac Mail local mail

Disk Encryption

The University of Toronto's guideline for data encyrption requires that personal and other confidential information in electronic form be protected by properly implemented encryption unless it is kept in a secure server environment with appropriately restricted users rights.

View the University of Toronto Provost's Office guideline regarding security and personal information.

Limited Administrative Access

User accounts created by IITS have limited access to minimize the the chance for malware infection. Please contact IITS to install required work-related software or updates.

Windows and Software Updates

Staff computers have been configured to receive updates for the following software on weekly basis:

  • Adobe Flash Player
  • Adobe Acrobat Reader
  • Adobe Shockwave
  • Mozilla Firefox
  • Internet Explorer
  • Microsoft Office
  • Windows 10 & 7

 A Dell Kace message will pop up when reboot is required to complete the installation of a software update. 

Advanced Threat Protection (ATP): SafeLinks For Email and Documents and Attachments

As part of an ongoing initiative of the University to secure email accounts, new advanced security features will be applied to the University of Toronto Microsoft 365 (M365) accounts as part of the rollout of Secure U (of T) advanced threat protections. These new features use advanced analytics to proactively identify cyberattacks in order to protect you and your account. This is a phased rollout and groups/individuals will be contacted in advance to notify them of their enrollment.

What advanced security features will be applied to my account?

As part of this update, Secure U (of T) will apply the following security features to your account.

  • Safe Links for Email and Documents will check URLs found in your emails and documents to verify that the links are safe to view.
  • Safe Attachments will check to see if an attachment is safe to be delivered to your inbox. If the attachment is found to be unsafe, you will receive the email but not the attachment.
  • Safe Documents will help you detect unsafe Office documents. When you open a Word, Excel or PowerPoint file, the file will launch in Protected View and automatically verify the document against the latest known risks and threats before allowing you to leave the protected container (e.g. in order to edit the document).
  • Anti-phishing and impersonation will alert you to possible phishing attempts by displaying safety tips in the body of suspicious emails that you receive. Spoofed messages (where the From address in an email message doesn't match the domain of the email source) will also automatically be moved to your Junk Email folder. 

These features will be applied to your account automatically when enrollment takes place. Once enrolled in the policy, there will be no impact on your account..

Copier/Multifunction Printer Security

Copiers have a built-in hard drive which stores a digital copy of jobs printed, scanned or photocopied. If you have an end-of-lease copier, please ask the vendor to either secure wipe the hard drive or take it out so IIT may delete the data. 

IITS also helps departments ensure that their new replacement copier has all the new security features such as encryption or on-demand secure wipe.

IT Support