Top Ten Computer Security Tips
Computer security is an essential part of getting (and keeping) your computer connected to the Iowa State network. With new security risks appearing every day, keeping your computer secure is a continuing process. Even new computers are not secure until they have anti-virus software in use, current security patches, and strong passwords. Following is a set of tips to help keep your computer secure and functioning properly.
Tip 1: Use anti-virus software and keep it up-to-date.
Anti-virus software protects you and your computer from viruses, a well-known security risk. With new viruses appearing daily, virus software quickly becomes useless if you don't update it.
Tip 2: Use an anti-spyware program.
Free tools are available for identifying and removing spyware, adware, and various other non-virus malware. These types of files are often installed by Trojan programs, some freeware and shareware applications programs (like file-sharing programs), or as "drive-by installations" from various websites. These programs invade your privacy and interfere with your work by transmitting your personal information to their creators, opening unwanted pop-up windows, and noticeably slowing your computer's performance.
Iowa State students can download the McAfee Anti-Spyware Enterprise software for Windows at no cost from http://www.it.iastate.edu/downloads/. (Use the Scout utility to install the software.) The university has licensed this package so students have convenient spyware protection and removal for their computers. The package works in conjunction with the McAfee anti-virus software, or can be installed as a standalone product with other anti-virus software.
Information on other free anti-spyware programs for Windows machines can be found at http://www.it.iastate.edu/faq/view.php?id=179. Currently, spyware is not a problem for Macintosh computers.
Tip 3: Keep your operating system and other software current.
Keep your operating system up-to-date as well as any programs used to access the Internet. When manufacturers find vulnerabilities that pose security risks, they create and distribute patches for the product. To make sure that your system is patched with the latest updates, check the information at:
* Windows XP: http://www.it.iastate.edu/faq/view.php?id=150
* Windows 2000: http://www.it.iastate.edu/faq/view.php?id=261
* Mac OS X: http://www.it.iastate.edu/faq/view.php?id=532
Tip 4. Do not download files from an unknown source.
Be careful of what you download and what you agree to when you click "yes" to prompts from installation or popup windows. Many programs do more than what they advertise. Many "web browser aids", such as gator.com and Bonzi Buddy, are actually spyware (i.e., programs that send information about your browsing habits back to their home server and cause popup windows). After collecting information on your browsing habits, the spyer then sells the information to companies that send you unwanted email. Also, be wary of downloaded programs that seem to do good things because they could actually be causing harm or opening up new security holes on your computer. A number of programs are designed to give other people access to your computer without your knowledge. Often anti-virus or anti-spyware software will be able to detect such programs; caution, however, is the best protection.
Tip 5: Use complex, hard-to-guess passwords and change them regularly.
Any security measures you take can be undermined by a password that is easy to guess or a computer account that does not have a password. Good passwords help keep your computer secure from external threats (such as hackers) and local threats (such as a nosy roommate or officemate).
* Never have an account without a password.
* We recommend using 15 or more characters whenever possible for your password (5 characters is a minimum).
* Use a mixture of character classes such as uppercase, lowercase, numbers, and symbols.
* Don't use a password that is a dictionary word, is part of your name, or is easily associated with you.
* Never use keyboard patterns such as "asdfg".
* Passphrases are a good technique for remembering a long password so you don't have to write it down (e.g., "Ihatestalebread!").
* Use different passwords for your important computer accounts. Although somewhat inconvenient, if one of your passwords is compromised, an attacker will not gain easy access to your other accounts.
* If you use your password in public places, such as a lab or a friend's room, you should change your password more often.
Before connecting your computer to the network, make sure you have a password set on all of your login accounts, including your administrative (a.k.a. admin) account. For instructions, follow the appropriate link:
* Windows XP: http://www.it.iastate.edu/faq/view.php?id=99
* Macintosh OS X: http://www.it.iastate.edu/faq/view.php?id=98
Tip 6. Do not open emails or attachments from unknown sources.
Email is one of the easiest ways to transmit computer viruses and Trojan programs, which can give other people access to your computer. If you don't recognize the email sender, don't open the attachment(s) with it. If you get an attachment from someone you know but weren't expecting one, don't open it until you ask the sender about it.
Tip 7. Use file sharing sparingly.
Windows computers that have Microsoft File Sharing enabled are frequently probed by hackers and viruses for weakness. We recommend that you share folders sparingly. When needed, turn on sharing for a specific purpose, specify a password, and remove sharing when it is not needed. Warning: By default, shared folders are set so anyone can read and write into the folder. Also, the installation of peer-to-peer file sharing programs can bring spyware onto your computer and open it up to some viruses. Most file sharing programs also default to opening shared folders for read and write access, allowing distribution of the folder contents.
Tip 8. Only run services that you need.
Each network service that is installed on your computer opens a network port that can be probed by hackers and viruses. Resist the temptation to experiment with network services that you are not likely to use. Commonly targeted services are IIS (Microsoft's Web server), ftp (file transfer protocol), telnet (remote login to a command prompt), Upnp (universal plug and play) and Microsoft File Sharing.
Tip 9: Use a firewall to protect your computer from Internet intruders.
Computers connected to the Internet should use a personal firewall to filter out unauthorized or potentially dangerous traffic from the Internet, while allowing good traffic to reach your computer. Firewall hardware and software is available at computer stores and is built in to some operating systems/updates, such as Windows XP Service Pack 2 (SP2). We recommend that you block all ports that you do not use. Note that some Iowa State software will not run from behind a firewall.
Tip 10. Back up your computer data regularly.
The failure of a computer hard drive or the mistaken deletion of a data file can be devastating to the individual and can mean the loss of many hours of work. Recovery from hardware or software malfunctions and user errors can be easier if regular backups are made. To guard against disasters, store backups in a separate location from your computer.