Six Computer Security Steps
Keep your system patched and up to date with the latest operating system and application security patches.
New security bugs are discovered almost every day. In order to keep your system secure it is critical that it be kept up to date with recent patches and software upgrades. Operating systems makers such as Microsoft and Apple provides patches to fix these security bugs, but expects you to download and install them. By applying these patches regularly, you have much lower chances of getting a virus, Trojan, or worm as most of these exploit common known security holes in unpatched systems.
For those departments which are not already cut over to Active Directory, OIT has created the installable packages to enable your machine to still actively participate in our Software Update Service. If you are not sure whether you are participating in the Pacific Active Directory, please check with your local TSP or contact the CSC at 209.946.7400 or via email.
Use anti-virus software to protect your computer and to prevent infection from most of the common computer viruses, Trojans and worms.
Most viruses will be caught by anti-virus as long as the anti-virus software is kept up to date. It is absolutely crucial that users run anti-virus software on their computers. With that in mind, Pacific provides any current staff, or faculty with a copy of Symantec Endpoint Protection free of charge for use on their University owned computer. This software is also freely available to all University students.
Use some type of system firewall to protect your computer.
On the Internet, hackers use malicious code such as viruses, worms, and other malware to try to find unguarded and unprotected computers. Where anti-virus software may fail, a system firewall can help protect your computer against these and other security attacks. A firewall is a piece of software that creates a protective barrier between your computer and potentially harmful software and applications on the Internet. The Pacific IT Security Office suggests you install a firewall before connecting to the network.
Use strong passwords.
Passwords are used for various purposes at Pacific. Some of the more common uses include: local accounts, web accounts, and email accounts. A weak (or absent) password is one of the most common ways for an attacker to compromise your account; therefore, you should be aware of how to select strong passwords.
Here are some general guidelines to follow for creating and using a strong password:
- Don't use an easily guessed password. Some examples of passwords that would be easy to guess:
- Names of family, pets, friends, co-workers, etc.
- Computer terms and names, commands, sites, companies, hardware, software.
- Birthdays and other personal information such as addresses and phone numbers.
- Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc.
In general, a password should be as long as possible while still being easy-to-remember. One way to do this is create a password based on an easy-to-remember phrase. For example, the phrase might be: "I Can Remember My Password Now" and the password could be: "1Crm9N!" or "1cR~pN." or some other variation. NOTE: Don't use either of these examples as passwords!
You should change your passwords on a regular basis, at least every six months. You should also change your password any time you suspect that your account has been compromised or tampered with.
Do NOT use the same password for any of your University accounts that you use for a non-University service or third-party web site.
Remember that passwords should never be written down or stored on-line. For more information regarding passwords and their use visit the OIT FAQ.
Minimize network and system services by only running needed applications.
Most operating systems in their various forms allow for various applications and services to run in the background that may not be necessary. For example, Windows Vista, Windows 7, and Windows 8 include many excellent tools for securing the system (hardening), but are often left unused because many administrators do not know how to use them (or that they even exist!). By turning off unnecessary services and applications and securing the rest, you can close the largest and easiest way for an intruder to access your system.
Backup your important files before disaster strikes.
Even if you follow all of these recommendations, it is still possible that your computer could be compromised by a hacker. In 'a worst case scenario', a hacker's programs or virus will corrupt, infect, or erase your computer files. Or your hard drive could simply fail, causing the loss of all your data. Also it is becoming more common that a computer that has been infected with a virus may need to be formatted and have all of the software reinstalled.
Pacific provides a home directory file storage service to everyone on campus. This individual file storage is only accessible by your PacificNet ID and cannot, by policy, be shared with anyone. You can access this individual file storage both on- and off-campus via HTTPS, SFTP and CIFS (Windows file shares). Your home directory is frequently and automatically backed up. Ideally, all critical and confidential data should be stored in the home directory.
All non-critical data should be backed up by saving your files to a burnable CD or similar media.