Presentation (PowerPoint file)

Document Sample
Presentation (PowerPoint file) Powered By Docstoc
					Keep Your PC Safe
(Windows Vista, XP or 2000)
Nora Lucke



Documents - http://www.ucl.ac.uk/is/security/
5 steps to Security for User-managed PCs

1. Use passwords to control access to your PC
2. Install Windows Updates (patches) to guard against
   network worms (programs that install themselves
   so they can do damage)
3. Install a virus checker and set it to scan your whole
   hard disk at least weekly
4. Use a personal firewall
5. Remove Spyware
Why do I need Passwords?

• People who might use your computer
  when you are not there
    •   Cleaner
    •   Security Guard
    •   Tradesmen (various)
    •   Intruder inside the building
    •   Intruder controlling your computer from outside
    •   Colleague
    •   Burglar
Do you want to be blamed for what they do?
Windows 2000 & XP computers NEED a
password for the Administrator account

• The Administrator account can be used to log on to the PC
  remotely to make changes, so a password is ESSENTIAL
• The Administrator password must be known, and kept safe
  in an agreed place
• If an IT person sets up your computer, they should keep a
  record of it.
• Users can be an Administrator, but should not be the
  Administrator
• Better to be a limited user, and only log in as an
  administrator to install programs
How do I do it?
For User passwords
• Use the Control Panel
  – In Windows Vista – User Accounts
  – In Windows XP - User Accounts
  – In Windows 2000 – Users and Passwords
• Choose a password you can remember
• Make it a combination of letters and
  numbers (strong password)
• If you must write it down, hide it
What are Windows updates, & why do
I need them?
• Hackers and criminals keep finding problems in
  Windows they can exploit, so Microsoft need to keep
  updating it.
• Updates address known issues and help protect
  against known security threats which have been
  discovered since Windows was released.
• Updates can be downloaded automatically, though
  some updates require you to accept an End User
  License Agreement (EULA), or restart your computer
  after installation.
• NEVER be too busy to install them – you can continue
  to work while they are installed.
Microsoft Updates (XP or 2000)
• Unimportant for old versions (pre Windows 2000)
• 2000 & XP use the Microsoft Update Web site at
  http://update.microsoft.com. and follow the
  instructions there
 Windows Updates – Automatic?
You can use the Update icon on
 XP or 2000 Start Menu or
 Security Control Panel in Vista
 Your PC can be set up to do this ITSELF
  Find the Windows Update icon in the
  Control Panel – Security Control
  Panel
  Configure the updater - set it to
  run DAILY
  Virus Checkers
• If your computer comes with Norton, YOU have to
  PAY for the updates after 3 months
• Use F-Secure or Sophos for which UCL already pays
   – download it from www.ucl.ac.uk/fsecure
• Use one at home too – it’s also for home use
• REMOVE any other virus checker BEFORE installing
  a new one. (Control Panel - Add/Remove Programs,
  or for Vista, Programs & Features)
• Ensure the virus checker is running all the time
• Set it to scan your hard disk at least WEEKLY
• Use it to remove any viruses detected – and if you
  can’t, get help
• DON’T automatically open attachments
  Firewall
• A Firewall will protect you from unauthorised access from
  the Internet, & infected computers around you
• The latest version of F-Secure (free for UCL staff) includes
  a firewall (settings - http://www.ucl.ac.uk/fsecure/firewall.html)
• It also includes a rootkit detector (rootkits help intruders
  maintain complete access your PC while avoiding detection.)
• The F-Secure Firewall keeps asking you questions about
  what to allow – if in doubt, DENY
• Set it to scan web traffic
• Only use ONE firewall in Windows please
• For broadband at home, you may have a firewall already,
  but F-Secure should sort things out for you.
What are Spyware and Adware?
• Spyware is software that sends your personal
  information to a third party without your
  permission or knowledge (Web sites you visit,
  even sometimes user names and passwords)
• Adware is software that displays advertisements
  on your computer. They can inexplicably pop up
  on your display screen, even if you're not
  browsing the Internet.
• Some companies provide "free" software in
  exchange for advertising on your PC. It's how
  they make their money.
Do they matter?
• Adware can cause performance issues
  – IE might not work properly
  – Your PC might hang and crash
  – Your PC might slow down
• Spyware can be used by criminal gangs to
  – Steal your identity
  – Raid your Bank Accounts
  What should I do about Spyware?
• Use an anti-virus with Spyware protection (F-Secure)
• DON’T download free software from the Internet until
  you know what it is. (Google for information,
  http://www.tucows.com/ for free software)
• DON’T thoughtlessly click on URLs in emails
• DON’T reply with personal details and passwords
• SCAN often for spyware & CHECK F-Secure
• BE careful with IRC - ‘Messenger’ type programs.
• If not using F-Secure, use Windows Defender (in Vista
  or XP) or Ad-Aware or Spybot for Spyware
• Update to IE 7 for Windows XP, or use Firefox
• If not using IE7, consider a pop-up blocker (Google?)
  Summary - Ensure your PC
1. Is password protected so you control who is using it
2. Has all Windows updates, so there are no holes
   that can be exploited
3. Has virus protection RUNNING (so you spot
   infected files) and scanning your disk REGULARLY
4. Has a personal firewall to protect it from other PCs
   around you
5. Is protected from Spyware, Ad-ware and pop-ups
   while you are web-surfing
     Your PC is safe, now protect your data
• 1) BACKUP –
  – Every hard disk has a mean time to fail
     • Electronic Failure
     • Physical Failure
  – Data retrieval is expensive – and may be impossible.
• 2) ENCRYPT your sensitive data
• 3) Keep your PC clean

THIS WILL BE THE CONTENT OF A FURTHER SESSION
    Questions?
• Documents - http://www.ucl.ac.uk/is/security/