
Six Steps to Stronger Security
Take the following simple steps to help ensure that your computer and your
information are protected against hackers, viruses, and other threats. The use
of complex passwords, security patches, and antivirus software is mandated in
the PennNet
Computer Security Policy. Because older, unsupported operating systems such
as Windows 98/ME, Windows NT, and Mac OS 9 are very difficult to secure, we
strongly encourage you to upgrade to a newer, more secure system such as Windows
XP Professional or Mac OS X.
Don't install free utilities on your computer
Many free utilities, such as filesharing software, toolbars, Internet accelerators,
and other purportedly useful pieces of software of unknown origin, come loaded
with adware and spyware. These will consume your computer's resources, reroute
your network connection, and bring your computer to a grinding halt. Faculty
and staff should always check with their Local Support Provider before installing
software.
Run the current version of supported antivirus software and set it for regular,
automatic updates
Antivirus software can quickly detect when viruses, worms, and other types
of malicious code are introduced to your computer. Current antivirus software
versions provide important new benefits; for example, the current version of
Symantec for Windows identifies and removes adware and spyware. Since antivirus
software checks against a “lineup” of known threats, it’s
essential that your software receive regular updates (daily for Windows computers,
weekly for Macintoshes) so it immediately recognizes the latest new threats.
How: Penn provides site-licensed
copies of powerful antivirus software to Penn users: Symantec Anti-Virus (SAV)
for Windows or Norton Antivirus (NAV) for Macintosh. Unlike home retail
editions that are purchased or already installed on new computers and often
require a maintenance fee to obtain daily/weekly updates, Penn's versions are
free for you to use as long as you are affiliated with the University. You can
download a copy by visiting Penn’s Supported
Products page (be sure to have your PennKey
and PennKey password handy). You can also visit the Computing
Resource Center and pick up the PennConnect
CD.
Penn’s licensed antivirus products are scheduled to automatically update
your “lineup” of virus definitions (daily for Windows computers,
weekly for Macintosh computers). Should you choose to install other antivirus
software instead, we urge you to adhere to this update schedule. In addition,
you may choose to manually update your virus definitions at any time between
scheduled updates.
Assign a complex, hard-to-guess password to your computer
Two of the biggest security problems on campus are the failure to assign passwords
to individual computers and the use of weak, guessable passwords that cannot
withstand automated password cracking attempts. Complex passwords prevent hackers
from stealing confidential information or "stealth installing" malicious
code that can render your machine unusable or turn it into a site for attacking
other computers on the Internet. Weak passwords, such as those based on your
name or on words that appear in language or specialized dictionaries, can be
easily cracked and offer virtually no protection. Windows XP and 2000 systems
are the preferred targets of hackers.
How: First, have your
chosen complex password ready. (A complex password is essentially a random
string of upper- and lower-case characters and numbers that are not associated
with your name, birthday, or other personal information, and do not include
dictionary words.) For instructions on how to construct a strong, complex password,
visit the password selection page.
Then do the following:
- Windows 2000 or XP: Go to the Start menu, select Settings, and then Control
Panel; open Administrative Tools; select Computer Management and then User
Accounts.
- Macintosh OS X: Go to the Apple Menu, select System Prefs, then Accounts.
It's also a good idea to change your password periodically, and some system
administrators will require this. Above all, don't share your password with
anyone, and don't write it down - the only secure place for your password is
in your head.
Be alert for "phishing" scams that can result in identity theft
"Phishing" refers to forged email purportedly from a legitimate business
or University office, quite possibly one you've dealt with. The email often
refers to a problem with "your account" and contains a link to a website
that looks legitimate but is designed to trick you into entering sensitive information,
such as your Social Security Number, an account password, a credit card number,
or your PennKey password. Reputable businesses NEVER solicit you to provide
or confirm sensitive personal information in email or over the Web.
How: If you receive
an email that will require you to disclose sensitive information, NEVER click
on the link given in the email. If it's a scam, the link will take you to a
bogus web site that has a different URL from the one in the email. Instead,
delete the email, or, if you're uncertain,
- Type in the actual URL given in the email rather than clicking on the link,
or
- Find the phone number for the organization sending the email and ask about
the request. Don't use a phone number given in the email.
Promptly apply security patches for your operating system
Malicious traffic often attempts to exploit security holes that were inadvertently
built into the design of your computer’s operating system (OS).
If such a security hole is discovered, the OS manufacturer will quickly develop
a “patch” — a supplement to the original software designed
to plug the hole. Your computer should be set up to automatically download
free software updates that patch newly identified security holes.
How: Your best strategy
for applying security patches in a timely fashion depends on your affiliation
with Penn, and on which operating system you are using.
- Students using supported versions of Windows (2000 or XP)
You should be subscribing to the Software Update
Service (SUS), which helps ensure that you have the most current security
patches released by Microsoft. (To learn more about SUS, read this helpful
FAQ.) If you elect not to use
SUS, be sure you are running Windows
Update on a weekly schedule.
- Students using supported versions of Mac OS (OS X.x)
Mac users should configure Software
Update for weekly updates, and should install all Security Updates made
available.
- Faculty or staff using supported versions of Windows (2000
or XP) or Mac (OS X.x+)
Check with your Local Support Provider
(LSP) to learn how security patches are being applied in your work environment,
and whether your computer is configured correctly according to your LSP’s
plan. Be sure to configure your home machine for Windows
Update on a weekly schedule or Macintosh Software
Update on a weekly schedule as well.
Activate your system’s firewall (Windows XP & Macintosh OS X)
Your system's firewall provides an added level of protection against malicious
activity by examining and restricting network traffic to your computer.
Firewalls can interfere with some network-based functions, such as file and
print sharing. If you do encounter problems with your system firewall, please
consult with your support provider as a first step. If you are running Windows
XP, you can also refer to the document at http://www.microsoft.com/athome/security/protect/ports.mspx
for Microsoft's solutions. The Macintosh OS X firewall is a more sophisticated
implementation that is configured by default to avoid most problems.
How: To activate your
system's firewall, do the following:
- Windows XP: Go to the Start menu, select Settings, and then Control Panel;
right-click Network Connections and select Properties; click the Advanced
tab and check Protect my computer.
- Macintosh OS X: Go to the Apple Menu, select System Prefs, then Sharing.
Last updated: Friday, July 13, 2007