Get documents about "Keep Your Computer Safe Keep Your Identity Safe Keep
Document Sample
Keep Your Computer Safe
Install Security Software ..............................................................................2
Update your Computer .................................................................................4
Update your Web Browser ...........................................................................4
Control Cookies ............................................................................................5
Block Pop-ups ...............................................................................................7
Beware of Spam ............................................................................................8
Keep Your Identity Safe
Use Strong Passwords .................................................................................9
Password Protect Your Computer.............................................................11
Lock Your Computer ..................................................................................11
Do Not Go Phishing ....................................................................................12
Keep Your Future Safe
Maintain Separate Email Accounts ...........................................................14
Use Social Networking Common Sense ...................................................14
Use Secure Methods when Working Off Site............................................15
Information Security is a Shared Responsibility
WVU is Only as Secure as Each of Us ......................................................16
Information Security Questions and Concerns ........................................16
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Keep Your Computer Safe
Implementing the following measures can make your computer more secure:
1. Install Security Software
2. Update your Computer
3. Update your Web Browser
4. Control Cookies
5. Avoid Pop-ups
6. Beware of Spam
1. Install Security Software
Why do I need to install security software?
There are numerous ways that information on your computer can be stolen, corrupted,
or destroyed. One way is that a hacker can invade your computer. Another problem is
that malware is prevalent (e.g. viruses, spyware, worms). Without security software,
your computer is very prone to both hackers and malware.
What is Symantec Endpoint?
Symantec Endpoint is security software that can help to protect your computer from
hackers and malware. It includes the following:
Anti-virus - detects and attempts to remove computer-based viruses. Some
viruses damage the information you have on your computer; others destroy the
information on your computer
Anti-spyware - prohibits spyware from being installed on your computer.
Spyware is a type of malware that collects personal information about users
without their knowledge. Spyware can cause your computer to function
noticeably slower and cause problems connecting to the Internet
Intrusion prevention - monitors your computer to see if any malicious behavior
is being attempted, then blocks and prevents those activities
Firewall – blocks unauthorized access to your computer
How do I Protect My Computer with Symantec Endpoint?
WVU has purchased a site license for Symantec Endpoint so that every employee and
student can download a copy for free!
Download and Install a Copy
Go to the Office of Information Technology’s web site at
http://oit.wvu.edu/tsc/antivirus/ and follow the instructions. Note: You need to use
your MasterID to download your free copy. If you have not yet activated your
WVU MasterID, instructions are included on the web site mentioned above.
2|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Configure the Settings
You should configure Symantec Endpoint’s settings to optimally attempt to
protect your computer.
1. Go to Start
2. Click on All Programs
3. Click on Symantec Endpoint Protection
4. The Symantec Endpoint Protection window will open and show you which
features are enabled.
5. Click on Scan for threats on the left side of the screen.
6. This window indicates whether or not an automatic weekly scan is set.
7. If no scans are set, click on Create a New Scan.
8. Think about the best day and time for your virus scan to occur. Keep in
mind that the virus scan will cause your computer to slow down until it is
complete, so choose a day and time that will not conflict with your work.
9. Select the type of scan that you want and indicate the day of the week and
time that you want the scan to run.
3|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Why is it Important to update Your Computer and Web Browser?
New threats evolve because the “bad guys” are constantly trying to figure out
how to invade computers in order to steal information or damage them.
Improvements to operating systems and browsers are developed to circumvent
threats and make improvements.
2. How to Update Your Computer
Windows Operating System
You have two options for updating Windows:
Option 1: Set the Automatic Updates feature in the Control Panel
1. Click on Start and then Control Panel
2. Click on the Security Center icon
3. Click on the Automatic Updates icon
4. Select Automatic (recommended)
5. Before you set the day and time that you want your computer to
automatically update itself, keep in mind that this process can slow your
computer down.
Option 2: Use Microsoft’s Update Web Site
1. Go to http://update.microsoft.com
2. Follow the directions on the screen
Macintosh Operating System
1. Go to the Apple Menu
2. Select Software Update
3. How to Update Your Web Browser
Check with your unit’s Information Technology (IT) department or WVU’s Office of
Information Technology Help Desk (oithelp@mail.wvu.edu or 293-4444) before
updating your web browser. Web browser updates may not be compatible with your
computer or the programs you use. For example, Internet Explorer 8 does not work well
with eCampus.
4|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
4. Control Cookies
What is a Cookie?
Some web sites (e.g. shopping, weather, stocks) set cookies. This means that a small
file is saved onto your computer to keep track of information about you, such as:
What you looked at/you interests
Links you clicked on
Your login name
Items you placed into your shopping cart
Some cookies are harmless and keep your information so the next time you visit that
web site it customizes the content based on your interests.
Example: You went to weather.com to look at the weather forecast for Phoenix,
Arizona, because you are traveling there next week. The day before you leave,
you check weather.com again to see if the weather changed. When you go to
weather.com, it remembers your interest in Phoenix and gives you the option to
click on it and take you to it quickly.
Other cookies are not necessary and collect too much information about you; these are
generally known as 3rd party cookies. 3rd party cookies are used by advertisers to store
your e-mail address and the sites you like to visit so they can send you target
advertisements and spam. You have the choice of allowing no cookies, a few, or all of
them. If you do not allow any cookies at all, you may not be able to view some web sites
or take advantage of the customization features that cookies track. Setting a happy
medium for cookies is your best option!
Control Cookies
Internet Explorer
1. Open Internet Explorer
2. Click on Tools in the menu
3. Click on Internet Options
4. Click on the Privacy tab
5. Click and drag the slider button to Medium
6. Click on the OK button
5|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Firefox
1. Open Firefox
2. Click on Tools in the menu
3. Click on Options
4. Click on the Privacy icon
5. Choose Use custom setting for history
6. Uncheck Accept third-party cookies
7. Click the OK button
Safari
1. Open Safari
2. Click on Safari in the menu
3. Click on Preferences
4. Click on the Security tab
5. Select “Only from sites you navigate to” next to Accept Cookies
6. Click on the OK button
6|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
5. Avoid Pop-Ups
Pop-ups are usually malicious and can infect
your computer with viruses or spyware.
There are two steps you can take to prevent
harm from pop-up ads:
1. Do Not Click on Pop-Up Ads!
Most pop-up ads seem believable and
appear to be helpful. For example, many of
them will warn you that “your computer is infected” and “click here to fix it.” Do not
take the bait! Never click on pop-up boxes claiming to rid your computer of a virus,
as these links are specially designed to load malicious software on your computer!
Once you click, these programs will slow down your computer as they steal your
passwords, sell your visitation habits and launch attacks against other people’s
systems. Your computer may stop working altogether, costing you time and money
for repair or replacement.
2. Set your Web Browser to Block Pop-Up Ads
Internet Explorer
1. Open Internet Explorer
2. Click on Tools in the menu
3. Click on Internet Options
4. Click on the Privacy tab
5. Put a check in the “Turn
on Pop-up Blocker” box
6. Click on the OK button
7|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Firefox
1. Open Firefox
2. Click on Tools in the menu
3. Click on Options
4. Click the Content Icon
5. Ensure Block pop-up windows button is checked
6. Click on the OK button
Safari
1. Open Safari
2. Click Safari in the menu
3. Choose Block Pop-Up Windows
6. Beware of Spam
Spam email is a preferred method for spreading viruses and other types of malware that
can damage or destroy your computer. Spam email messages usually contain an
attachment or a link to a site that is dangerous. Threats from spam can easily be avoided
by following a few simple tips:
1. If you do not recognize the sender of an email and the subject makes no sense,
delete the email immediately.
2. Never open an email attachment from someone you do not know.
3. If an attachment ends in .EXE, .BAT, or .CMD, you can be certain it is something
malicious. Never double click it!
4. Consider the email source before clicking on links within email messages. Links in
spam emails are usually designed to send you to a malicious site. If you do click,
make sure you check the address in your browser before going any further!
8|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Keep Your Identity Safe
Implementing the following measures can help to protect your identity:
1. Use Strong Passwords
2. Password Protect Your Computer
3. Lock Your Computer
4. Do Not Go Phishing
Passwords…Did You Know?
Most people create passwords that are easy to guess?
Some people create passwords that include their personal information, e.g.
their date or birth, part of their social security number?
Identity thieves try to guess passwords so they can access your accounts?
If an identity thief guesses your password, he/she can access your personal
accounts (e.g. bank account, credit cards) and steal your money and your
identity?
Is your Password Strong?
Put it to the test! Go to http://www.microsoft.com/protect/fraud/passwords/checker.aspx
to find out.
1. Use Strong Passwords
Following these guidelines and steps will help you to create a strong password that is
difficult for someone to guess.
Guidelines
Passwords should be a minimum of 8 characters in length
Mix uppercase and lowercase letters with numbers and use special characters (if
permitted)
Change your password at least every 90 days
Don’t use anything obvious, such as full or partial names of family members, your
pets, your street address, or any other personal information
Steps
9|Page
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
1. Think of a phrase or a sentence that you can turn into an easy to remember
password
Example: "Our vacation at the beach in July was so much fun"
2. Turn your sentence into a password by taking the first letter from each word in
your phrase or sentence.
Example: ovatbijwsmf
3. Now make your password more complex by mixing in numbers, uppercase
letters, and special characters
Example: OvatBi7wsmf!
(The 7 was substituted for July (because it’s the 7th month of the year) and
an exclamation point was added)
Here are more examples
Phrase: Seeing the Grand Canyon was great
Password: CingTGCwgr8! (seeing = Cing; great = gr8)
Phrase: Joseph, my grandson, was born February 14th
Password: J,mg,wbF14
Is Your Computer Password Protected?
If your computer allows anyone to turn it on and use it, any or all of the following can
occur:
Identity theft
Loss of important information and/or entire files
Fraud
These are a few of the reasons why it is important to configure your computer to
ask for a password before you can use it and that you lock it when you step out
of your office!
10 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
2. Password Protect Your Computer
Follow these steps to create a password for your computer.
Windows
1. Press the Ctrl+Alt+Delete keys (at the same time).
2. Click on the Change Password button.
3. Follow the prompts to create your new password and be sure to follow the steps for
creating a strong password!
4. Click on OK when you are finished.
Macintosh
1. Click on the Apple menu.
2. Choose System Preferences.
3. Click on the Accounts button.
4. Click on the Change Password button.
5. Follow the prompts to create your new password and be sure to follow the steps for
creating a strong password!
3. Lock your Computer
Windows
1. Hold the Windows Key and press the L button +L
–or—
2. Press Ctrl+Alt+Del and choose “Lock Computer”
Macintosh
1. Select a Screen Saver – First, you’ll need to select a screen saver to activate. Open
System Preferences and click the “Desktop & Screen Saver” icon. Pick any screen
saver.
11 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
2. Enable a Hot Corner – In the same preference pane, click on the “Hot Corners…”
button in the bottom corner of the pane. Select a “Hot Corner” – where you want the
screen saver to be activated by dragging your cursor into that corner.
3. Enable Password Protection – Now you need to password protect your screen
saver. Navigate back to System Preferences and this time select the “Security” icon.
Ignore all the FileVault settings. In the middle of the window there is a check box for
“Require password to wake this computer from sleep or screen saver”. Click the box
next to it so a check appears.
4. Do Not Go Phishing
If you receive email from any individual or any organization asking you to provide
confidential information (e.g. username, password, social security number, birthdate), do
not fall for this phishing scam! Your bank, workplace, or credit card company will never
request your personal information via email.
Phishing emails usually contain links to sites that ask for your credentials. Do not click on
the links and if you accidentally click on them, NEVER provide your personal information.
12 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Here are examples of how to detect phishing links:
This is Centra Bank’s web site:
The site below is a Phishing Scam!
Notice the difference? Even though the pages look exactly the same, the address bar is
the key.
You will notice a lock when you are on a secure banking site, as well as https. The “S”
stands for “Secure.”
13 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Keep Your Future Safe
Implementing the following measures can make your future more secure:
1. Maintain Separate Email Accounts
2. Use Social Networking Common Sense
3. Use Secure Methods when Working Off Site
1. Maintain Separate Email Accounts
Your WVU provided email address should be used only for WVU related
communications.
Your personal email address should be used only for personal communications.
Why should I have to deal with two different email accounts?
As an employee of WVU, your email is subject to the Freedom of Information Act (which is a
Federal regulation). If someone asks to see your WVU email and the request is approved by
WVU’’s General Counsel and Legal Affairs, everything you have in your WVU email will be
revealed, including personal issues.
Another reason is because anything you say can easily become public knowledge if the
recipient(s) of your email choose to share your message with others.
2. Use Social Networking Common Sense
Social networking is becoming more popular and people are using different sites to
communicate with family, friends, and others. Some currently popular sites include:
Facebook
MySpace
Twitter
LinkedIn
While there are benefits to social networking, there are also potential risks. Have you read
any of the stories about people who were either fired or not hired because of comments they
put on social networking sites? Use common sense and do not put WVU related information
on a social networking site.
Check out the online article from the magazine “Chief Security Officer” at
http://www.csoonline.com/article/496314/Seven_Deadly_Sins_of_Social_Networking_Security
These seven tips can help you to avoid serious problems associated with social networking.
14 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
3. Use Secure Methods when Working Off Site
If you work from home or anywhere else outside of WVU, there are secure ways of accessing
files. WVU’s Office of Information Technology has set up a secure service known as
MasterApps that will allow you to get to the information you need while working outside of
WVU.
For more information, contact the OIT Help Desk at 293-4444 or oithelp@mail.wvu.edu. You
will need your supervisor’s permission to set up MasterApps access.
15 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Information Security is a Shared Responsibility
WVU is Only as Secure as Each of Us
As employees of WVU, it is our shared responsibility to implement best practices
to keep information secure.
If we are not careful with the information that we handle on a daily basis, we can
jeopardize the identity and future of WVU and all of its students and employees.
Information Security Questions and Concerns
If you have an Information Security question or concern, please contact WVU’s Office of
Information Security.
The Office of Information Security offers a web site to submit your information security
questions and concerns:
1. In your web browser, go to infosecurity.wvu.edu
2. Click the “Submit Security Concern” link on the right side of the OIS page.
3. You will be presented with a form requesting your Name, E-mail address, and a
description of the concern.
a. For the sake of anonymity,
your name and e-mail
address are not required.
b. Be sure to be specific
when detailing your
security concern so we
can address it as soon as
possible!
16 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
17 | P a g e
WVU Office of Information Security http://infosecurity.wvu.edu Information_Security@mail.wvu.edu
Related docs
