Tips for Secure Computing Tips for Secure Computing Information Security’s tips for students regarding secure computing: Physical security is the first line of defense. Check for operating system updates frequently. Install anti-virus software and keep the definitions up-to-date. Configure the firewall that came with your operating system, or use a trustworthy third party firewall. Use safe searches to avoid explicit content or unsafe sites, and consider using a third party add-on to ensure safe browsing. Verify legitimacy of files before downloading and don’t download copyrighted material illegally. UAB’s Information Security organization is responsible for helping the UAB community protect information. Visit www.uab.edu/informationsecurity for additional information on security related topics.
Operating System Updates (Automatic) Consistently install updates and patches to correct OS vulnerabilities. - Turn on automatic updates from the desktop.
Operating System Updates (Automatic) Turn on updates in the security center. - Click Start>Control Panel>Security Center
Operating System Updates (Manual) To manually install updates: - Click Start > All Programs > Microsoft Update - Click “Express” or “Custom” and follow the prompts.
Anti-virus Software: Microsoft Forefront Features: Integrated anti-virus/anti-Spyware Malware removal / system recovery Real-time protection Scheduled and on-demand scans FREE for UAB students, faculty and staff Important User Settings: Automatic definition updates Apply recommended actions http://main.uab.edu/Sites/it/internal/students/software/ UAB IT offers an extensive library of software for free or at discounted pricing, including anti-virus protection via Microsoft Forefront for Windows or Sophos for Mac
Anti-Virus Software: Students Anti-Virus requirements for students in residence halls In order to connect to ResNET or uabwifi-nac, students’ computers (with the exception of Macs) will need to have one of the following anti-virus applications with up-to-date definitions: Microsoft Forefront McAfee Norton (Symantec) AVG Download Microsoft Forefront - http://main.uab.edu/Sites/it/internal/all/software-library/ (you will need to enter your BlazerID and strong password). http://main.uab.edu/Sites/it/internal/all/software-library/ You may also call UAB’s AskIT Help Desk at 205-996-5555, to schedule an appointment for assistance in meeting this requirement.
Anti-spyware: Symptoms Anti-spyware: Symptoms If you observe any of the following symptoms on your Windows computer, spyware could be the cause: You may see many more pop-up advertising windows than usual. Your web browser may go to sites you do not expect. Several other symptoms could indicate spyware or another type of infection, such as a virus: Your system may seem sluggish or become unstable. Network traffic on your system may increase. To protect your computer from spyware, choose tools that have been widely used and favorably reviewed. Don't accept tools that are offered in popup windows; these are often spyware in disguise. Some reputable review and download sites are: - SpywareGuide – http://www.spywareguide.com/ - SpyChecker - http://www.spychecker.com/software/antispy.html - Spyware Center - http://download.cnet.com/windows/security-software/?tag=dir
Anti-spyware: Spybot and Ad-Aware Anti-spyware: Spybot and Ad-Aware www.safer-networking.orghttp://lavasoft.com/ Two of the most popular
Anti-virus Response: Students If you suspect that your computer has been infected by malware or otherwise compromised, do the following: Disconnect the computer from the network. Run anti-virus and anti-spyware software on the computer. If malware is detected, contact the UAB AskIT Help Desk at 205-996-5555, or email to email@example.com@uab.edu If no malware is detected, perform self-remediation and attempt to determine the root cause. Have you recently installed something that may have created a vulnerability? Are you using weak passwords on any of your user accounts? Have your Operating System (OS) and applications been patched and updated on a regular basis? If the Information Security Office determines that your system is infected, you will be contacted by them or the AskIT Help Desk, and will be required to conduct a reinstallation of your system before you can be reconnected to the UAB network.
Anti-virus Response: Faculty/Staff If you suspect that your computer has been infected by malware or otherwise compromised, do the following: Disconnect the computer from the network. Do not turn off your computer. Do not run anti-virus and anti-spyware software on the computer. Contact your department’s technical support staff or the UAB AskIT Help Desk at 205-996-5555, or email to firstname.lastname@example.org@uab.edu For possible compromise of sensitive UAB data, your technical support staff must call the Information Security Office at 205-975-0842, or email to email@example.com. firstname.lastname@example.org If the Information Security Office determines that your system is infected, you will be contacted by them or AskIT Help Desk, and will be required to conduct a reinstallation of your system before you can be reconnected to the UAB network.
Firewalls - Windows Firewalls - Windows Access firewall settings in the Control Panel. Turn on the firewall. You can add exceptions if a program you normally use is being blocked. 3 rd party firewall Options: www.comodo.com/ www.zonealarm.com www.tallemu.com www.sunbeltsoftware.com
Update Applications: FileHippo www.filehippo.com FileHippo.com is a popular site the provides visitors with a simple method for downloading the newest version of software applications.
Update Applications: FileHippo Download the update checker to scan your computer for installed software and search for newer releases. www.filehippo.com The latest versions are then neatly displayed in your browser for you to download.
Update Applications: Ccleaner www.ccleaner.com Ccleaner is a freeware system optimization, privacy and cleaning tool that removes unused files from your system, and cleans traces of online activities.
Limit User Permissions Disable the guest account Rename the administrator account Create “user” level accounts
Wireless Network Security Issues Free/Public WiFi Hosts that offer complimentary wireless often implement the service with little to no security in mind. Even if some security mechanism is in place, it can be circumvented. Home/Private WiFi The default settings on home wireless products are usually not configured to be secure or private. If configured properly, your home wireless network will be protected from the average user. An intruder with the proper knowledge and tools can still circumvent security mechanisms.
Wireless Recommendations Change the default username and password on the router. Change the wireless network SSID. Ensure remote administration is disabled. Enable an encryption protocol. Set a strong encryption key. Optional: Enable MAC address filtering and allow only the addresses that you specify. Disable SSID broadcasting.
SSID & Remote Administration Change the wireless SSID Don’t use anything that identifies you, your location or the technology that you use. Don’t use a name that would invite an intruder (i.e. super- secret or h4Xm3plz). Don’t repeat use of any of your other passwords. Remote administration Most routers provide a means of configuring it remotely using an IP address and a port number. If this is enabled, then anyone on the Internet can connect to your router and reconfigure it.
Enable Encryption & Set a Strong Key Wired Equivalency Privacy (WEP) – an old encryption standard that is considered outdated and seriously flawed. It’s better than using nothing at all. WEP 128 – uses a 26-digit hexadecimal string (0-9 and A-F) WiFi Protected Access (WPA) – a newer encryption standard that provides better protection than WEP WPA2 – the latest encryption standard that forces the use of the AES-CCMP algorithm. WPA-PSK & WPA2-PSK – both use a passphrase between 8 and 63 characters, or a 64-digit hexadecimal string. A popular belief is that the passphrase should be 13(+) random characters.
Internet Safety Internet Safety Be sure to look for the yellow padlock to indicate a secure, encrypted transmission when sending sensitive data. Do not click on pop-up windows. Do not auto-save your username or password to ANY site. Do not post anything to social networking sites that you don’t want the whole world seeing, including future employers. Be mindful of adding people you don’t know or can’t recall to any friend or contact list.
Browser Security Settings Don’t auto-save any passwords Don’t save form data Delete Cookies and History regularly Don’t add extra toolbars Pay attention to links on websites
Email Security Set up a “junk” account for use with online forms and mailing lists. Do not open unsolicited emails. Beware of pictures and videos in unsolicited emails. Always activate your spam filters. Be very careful of email spoofs, hoaxes, and watch out for phishing emails.
Strong Passwords and Passphrases Follow these simple tips when creating your individual password: Use at least 6-8 characters. Use a combination of letters, numbers and special characters. Do not use common words or personal information. Consider passphrases for creating strong passwords: For example, use the first letter of each word found in a favorite quote or song lyric. “Oh, When the Saints Go Marching In,” password would be: OWTSGMI. The strength of the password is improved by changing letters to numbers or special characters: OWT$GM1.
Document Backup Document Backup Back up your documents on a regular basis. The easiest way is to purchase an external hard drive, CDs/DVDs or other media where you can store a copy of all your important data. This becomes very important in the event you have to perform a reinstallation due to a virus infection or a system crash.