Quick Tips for Securing Personal Computers

Below OIT offers some tips for keeping your personal computers secure and up to date.  All campus owned computers maintained by OIT are automatically set to update and are configured with the proper security settings.  However, users should still use commonsense security practices to prevent security issues.
 

Critical Updates
Of all the actions you can take to safeguard your computer, none is more important than constantly updating your software to eliminate emergent security threats:

Use up-to-date anti-virus software
Install antivirus software on your computer if it is not there already, and turn on the feature that allows the software to monitor all incoming files, so your machine is protected continually from attack. Establish an automated schedule for updating your antivirus software daily, so it can continue to recognize new virus types as they emerge.

Keep your computer's operating system up to date
It is essential that you keep your computer's operating system (OS) up to date. The web site of the OS manufacturer (e.g.; http://microsoft.com) should be checked regularly for the availability of new critical updates. Updates that correct security-related defects should be downloaded and installed immediately. Most recent operating systems allow the update process to be automated.

Keep your application software updated
Web browsers, word processors, and other application software present some risks of exposure. Software manufacturers regularly provide updates to their products. Updates that correct security-related defects should be downloaded and installed.

Setting Up Your Computer
Follow these guidelines whenever you set up a new computer or reconfigure the setup on an existing one.

Turn off file sharing
The file sharing capability of your computer should be enabled only if it is essential that others be able to access files on that computer. Check file sharing and system access settings for Windows, Macintosh, or UNIX/Linux operating systems. Also, make sure your machine is physically secured to prevent tampering.

Turn off or delete unneeded software features
The more software packages there are on a computer, the more opportunity there is for exposure. Products that are not used should be removed. Also, products often include features that can be turned off or on. Computer users should read the software manuals, paying particular attention to such features, and should turn off features not used to reduce vulnerabilities.

Use strong password protection
DO NOT SHARE YOUR COMPUTER PASSWORD(S) WITH ANYONE.  Some types of exploits are not possible if the attacker cannot guess the computer's logon password. Learn what constitutes a good password, create ones you can remember, and change your passwords if you have reason to believe they have been compromised.

Some  password guidelines:

Don't:

• use your login name in any form (as-is, reversed, capitalized, doubled, etc.).
• use your first or last name, maiden name in any form.
• use your spouse's or child's name.
• use your pet's name.
• use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the brand of your automobile, the name of the street you live on, etc.
• use a password of all digits, or all the same letter. This significantly decreases the search time for an intruder.
• use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.
• use a password shorter than six characters
• write your password down

Do:

• use a password with mixed-case alphabetic.
• use a password with non-alphabetic characters, e.g., digits or punctuation.
• use a password that is easy to remember, so you don't have to write it down.
• use a password that you can type quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by watching over your shoulder.

Although this list may seem to restrict passwords to an extreme, there are several methods for choosing secure, easy-to-remember passwords that obey the above rules.

Make up a unique sentence and use the first letter of each word in the sentence. Then throw in a digit or punctuation mark somewhere in the middle. A secure login password could be defined as one that does not fit into any would-be intruder's "universe" of intelligible words, or permutations thereof. In other words, an ideally secure password must appear as noise, totally random characters, devoid of any information. Therefore, you should not incorporate into a password any information which is known to others, because this information can make life just that much easier for an intruder. Names of people, streets, dictionary words, new events, are all known by others and can be guessed. For example, a sentence unique to a particular individual might be:

My Volvo's front muffler leaks too much

from which the password "MVfml,tm". Such a password should then be examined in the light of the above guidelines in case any are violated by accident. For example, if the sentence had been:

How older US educators sit

The resulting password "HoUSe.s" contains enough information to make life easier for an intruder.

Don't allow files from unknown sources on your computer
Accepting files from others by opening attachments, by downloading files from web pages, or by other means is risky. Each time you encounter a new file, judge carefully the reliability of the file's source and contents before you open it or save it to your computer. It's best never to open an attachment unless you are absolutely sure of the credibility of both the sender and the contents of the sent material. Remember, malicious programs like viruses and worms can spoof the identity of an email message's sender. Just because the message says it's from someone you know doesn't mean that it really is.

Back up files
You should create a backup of your entire system periodically and back up critical data files whenever they are updated.