While the items listed below are debatable in terms of order, they are all essential to protecting your computer from malicious attacks, and also protecting your identity (and if your job includes it, the identities of others).
- Use strong passwords
Weak (or in some cases non-existent) administrative passwords are an open invitation to hackers and malware alike. A common method of intrusion includes scanning for computers that do not have administrator passwords and are connected to an always-on, high-speed network. Information on creating a strong password can be found by visiting cis.unh.edu and searching on ‘strong passwords.’
- Install and use updated anti-virus software
Another must for keeping your computer healthy and free of viruses and spyware. UNH offers free McAfee VirusScan anti-virus software to all UNH students, faculty and staff. To download, visit www.virus.unh.edu.
- Don’t open E-mails or attachments from unknown sources
The rule of thumb is, if you don’t trust the source, don’t trust the file. This applies to all E-mail attachments, including files and programs. UNH E-mail servers filter all incoming/outgoing messages for malicious content, but as an additional safety measure, this is considered a best practice.
- Use firewalls
The definition of a firewall (from Webopedia.com) is “A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both.” Most Windows operating systems offer a built-in firewall, accessible through the Security Center icon in the Control Panel.
- Regularly download security updates and patches for operating systems
Windows computers: turn on Automatic Updates. Go to the Control Panel, choose the Security Center icon, and then choose Automatic Updates. Select ‘On.’
Apple computers: Go to the Apple menu and choose Software Updates.
- Back up your data weekly
Data loss prevention starts with a regular, routine backup of all critical files. This includes all files on your hard drive and also shared network folders (see your system administrator). The most common backup methods include burning these files to a CD-R or CD-RW, or copying/pasting files to an external USB or Thumb drive.
- Disconnect from Internet when not in use
While the cat’s away, the hackers will play. When in doubt, disconnect your Ethernet cable from your computer when not in use. This is the only true way to prevent compromise. If you are connected wirelessly, be sure to disconnect when leaving your computer unattended.
- Use a VPN when accessing University resources
Virtual Private Networks encrypt sensitive data, thus safeguarding it against malicious users. Many UNH resources and administrative applications require the use of a VPN for access; however, many folks don’t realize that the VPN is also a great tool for hacker prevention. Go to vpn.unh.edu and choose the Faculty/Staff login (use your AD username and password to log in).
- Using a public computer? Protect yourself. Log out when finished.
If you walk away from a cluster machine while you’re still logged in, your personal information is exposed to the next person who uses the computer.
- Use Spam filters when available
Spam is often littered with viruses and malware. UNH offers SpamAssassin, a free, easy to install Spam filter, available by visiting cis.unh.edu and selecting the E-mail link in the Services area.
- Use screen locks whenever you leave your desk or cubicle
Screen locks are perhaps the simplest and most effective means of protecting your computer from on-site hackers. Windows computers: Simply hold down the Windows key while pressing the letter ‘L’ to activate a screen lock. Use your usual username and password to log in.
- Physically secure your computer and shut down when leaving for the day
Locking up and shutting down your computer at night should be high on your ‘Best Computing Practices’ office list. Laptop owners should also purchase locks to prevent thieves from running off with their computer, and in many cases, their professional lives. This practice should also include external USB hard drives and other personal storage devices such as thumb drives.
- At home: Secure Your Wireless Network (see related article)
Many folks don’t bother to secure their home wireless networks, and instead use the default settings. Just know that everyone in the world knows that the default username and password for most wireless routers are ‘admin’ and ‘password.’ This is the equivalent of letting someone borrow your fingerprint. Anyone accessing your unsecured wireless network is using an IP address assigned to your computer. If that person is doing nefarious things while logged into your network, such as stealing credit card numbers, the line will be traced back to you, not them.
- Shred (don’t recycle) documents with sensitive information.
When thinking of cyber security, it’s easy to overlook printouts as a source of theft. Data on paper should be considered just as sensitive as data on the screen. Keep permanent records locked in a file cabinet for safe keeping.
- Don’t Use Portable Electronic Media to Store Sensitive Data
Storing sensitive information and files on removable media such as CD-Rs or CD-RWs is a risky (and largely unacceptable) practice.
- Clean/format hard drives on discarded computers
In the ever-evolving world of technology, folks are constantly upgrading their computers, but seldom think to erase their hard drives before disposing of their old machine. For a small fee, the CIS Computer Service Center will wipe your hard drive clean of all data and information (this fee does not include the reinstallation of new software). You can find more information on Disposal and Surplus on the CIS Web site (cis.unh.edu). Search on ‘Disposal.’
- Don’t share your passwords with coworkers
Sharing passwords is a cardinal sin in the cyber security world.
- Don’t click on links within pop-up windows
Better yet, use a pop-up blocker to block those annoying ads altogether.
- Don’t leave a computer you’re logged into unattended or unprotected
This goes hand in hand with the use of screen locks as a good, common practice. Nothing begs compromise more than a connected, unmanned computer, especially if that computer is dialed into a University resource, such as Banner Student or Finance.
- Know and recognize “social engineers”
Social engineers are con artists who play on the good will of others, both in person and over the Internet. Ever receive an E-mail from the King of Egypt, requesting a large deposit in exchange for a clear conscience? These are the most common social engineers. Less common and rarer still are the fake delivery guys who talk their way into office buildings in hopes of compromising computers and data. If you work in an area with sensitive data, be wary of those who do not belong.
- Bonus Item (#21): The files on your computer aren’t the only thing that’s valuable.
Data should not be your only worry. Worse still is the mentality that nothing on your computer is worth protecting. Vulnerable computers can be used as a launching pad for E-mail relays and viruses. As mentioned, protect your computer by installing and updating anti-virus software, and also applying security patches as they become available.
September 25, 2007.