Basic IT Security
Basic security applies to anyone using a computer.
Antivirus and Antispyware software
Antivirus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware). Rutgers antivirus software for desktops and servers (RADS) includes protection against spyware, adware, malware, and grayware and includes a built-in firewall. Rutgers Antivirus Delivery Service can be used by any Rutgers University faculty, staff, or student, including new students, faculty, and staff who have been admitted to/hired by the University but are not yet on campus under a university site license.
Antivirus and antispyware software
Back-up
Be ready for emergencies and back-up your work regularly with CDs, a zip or flash drive, or an external hard drive. Keep your original operating system disks handy in case your computer is compromised.
Encryption
The university's email is secured by Secure Sockets Layer (SSL), a commonly used means of encryption for accessing your email. Check your department services to determine the level of security offered.
Encrypt email from home or while traveling by using the university's virtual private network (VPN). If you use an outside ISP or a wireless connection at home, using the VPN system will prevent others on the network from seeing your traffic. The Rutgers University Office of Information Technology recommends using the Cisco VPN Client which encrypts all communication going out to the Internet from your computer. Never send private/confidential information over the Internet without encryption as your account can be compromised and the information you are sending easily accessible to anyone. Unencrypted information puts you, your department, and the university at risk by allowing your information and password to be read by others.
Pretty Good Privacy (PGP) is available as freeware for encryption for email, however, the user should be well versed prior to sending confidential information. PGP encrypts email by matching public keys to user identity so that only the intended recipient can read it. Free versions of PGP are available for noncommercial use. There are also commercial versions, however email is never a truly secure mechanism with which to send sensitive information.
Firewall
Firewalls are designed to permit or deny connections to your computer. Your personal firewall will usually protect only the computer on which it is installed. Windows and MACs have firewalls which should be configured if they are not already enabled. Firewalls are also available on commercial Internet Service Provider (ISP) networks. Firewalls cannot stop all intrusions/compromises, however, they are an additional layer of protection or barrier and serve as another layer of defense against compromise with complex passwords, antivirus protection, etc.
Passwords
Passwords are possibly the most important way to secure your information. Make your password complex, and keep it private.In selecting a password, make it something you will remember. Suggestion:
- the initial letters from an easily remembered phrase, interspersed with numbers. For example, IPA75TTF ("I Pledge Allegiance To The Flag", with a graduation date in the middle);
- the initials of a known individual and a date associated with that person (birthday, anniversary, etc.). Begin the password with the month (numeric), then insert the initials, and end with the day or year. For example: 03TWM26;
- combine the initials of parents or a sibling with a wedding or other anniversary for example, EB920TB
Choosing password generating schemes is no more difficult and takes no more time than choosing a new password. In fact, once the scheme is nailed down, choosing new passwords from time to time is easier.
Password Protected Screensaver
Password protected screensavers engage automatically to protect your information from being changed or seen by others. The screensaver fills your computer screen with images. Only a password will allow the user to disable the screensaver.
Use a password protected screensaver, or logout whenever you leave your computer
Password protected screensaver for a Mac
Password protected screensaver for a PC can be set-up by
- Open Display in Control Panel.
- On the Screen Saver tab select and click a screen saver .
- Select the On resume, password protect check box. You will be asked to select a password.
Patching and Security Maintenance (updating your operating system and applications)
Your operating system needs to be up to current patch level. Antivirus, antispyware and current patching are necessary in order to keep your computer from being compromised. Operating systems and applications (browsers, etc.) not patched are vulnerable to compromise. Configure your computer to patch automatically when possible.
Windows 2000 and XP have an automatic patch notification and installation component. Use Internet Explorer when you click on the link above. The site will test your machine and allow you to configure automatic updates (upper right corner of screen).
MACS also require updates which are automatic.
MAC automatic updates are available from the icon on your dock.