Security - Office of Smith IT, Robert H. Smith School of Business

Security

Read our Policy on the Acceptable Use of Information Technology Resources

Keeping your information secure is important to you and others. We at Smith IT believe that everyone should be aware of all the threats that are out there and encourage everyone to protect themselves as best they can. The following are links to some of the tools and policies Smith IT uses to protect you, as well as ways to protect yourself against various types of security threats.

Types of Threats

Protect Yourself

Virus - a software program that replicates and spreads by inserting copies of itself into other executable code or documents. (Wikipedia)

Worm - similar to a virus, but is self-contained and does not need to be part of another program to propagate itself. (Wikipedia)

Trojan - a virus that appears to be a beneficial program

Adware/Spyware - software that collects personal information, produces advertising (popups), or changes your computer's configuration (such as setting your web browser's default home page)

Phishing - a scam to steal personal information by tricking you into divulging the information. For example, you receive an email from what looks to be your bank and you unknowingly give the information to a third party.

Hacker (Cracker) - someone that tries to break into a computer to steal information or use it for their own purposes

Spam - unsolicited email

Here are few tips on how to protect yourself from being a victim.

Awareness - Be aware of computer threats. If your computer is acting up funny, getting tons of popups, try doing some removal tools to get rid of them early before it gets worst.

DO NOT open suspicious email attachments - Whether they are from individuals you know or individuals you don't know. A great example would be the Mydoom/Novarg virus. The virus would infect someone's machine, then looks at the address book on the machine, and emails itself to everyone on the address book and randomly uses another entry from the address book as the sender.

Be on the lookout for Phishing scams - Knowing how to tell the difference between a legitimate email versus a phishing fraud can save you a lot of trouble. Take a Phishing Quiz to see if you can spot a scam.

Strong Password - A good password is at least 8 characters long, and contains a combination of both upper and lower case letters, numbers and special characters (e.g. !@#$%^&). Better still, is a passphrase such as RHSmith is a gr3@t school!. A passphrase makes it easier to remember a long password and is much harder to guess.

Run Anti-Virus Software - Be sure that you have an anti-virus software program installed and running (with updates enable) on your computer. Campus offers anti-virus software for free to members of the University community. The software can be downloaded here.

Firewall - If your computer is directly connected to the internet via a Cable/DSL modem or on the campus network, it is recommended that you run a software firewall to restrict access to your computer over the network. Windows XP w/ SP2 has a built-in software firewall that is enabled by default. To verify that the Widows firewall is running, go to Start Menu > Settings > Control Panel > Security Center. If you use a router at home to share a Cable or DSL connection, the router has a built-in firewall that protects your computer. However, it is always a good idea to run the Windows Firewall as well.

Run Windows Updates - Make sure you have Windows Automatic Update enable on your computer. This will help to keep Windows up to date with the last software patches and bugs fixes. To verify that the Widows Automatic Update is enable, go to Start Menu > Settings > Control Panel > Security Center. This is very important because some security attacks will go through bugs in Windows and will make people think it is a virus. An example would be the Sasser worm. The worm attacked everyone that did not have the latest security patches and even if the anti-virus protection was up to date, they were still infected.

Spyware/Adware Removal Tools - There are several free spyware/adware removal tools out there. Generally speaking, these tools have to be run and updated manually, so be sure to check for updates each time you run them.

Web Browsing - When browsing the web avoid downloading any suspicious software. It is recommended that you install an alternate web browser such as Firefox or Opera. These browsers lack some of the functionality of Internet Explorer (such as the ActiveX scripting that Windows Updates utilizes) which makes them somewhat less susceptible to certain types of attacks against web browsers. Some sites require use of Internet Explorer, but for day to day web browsing an alternative to Internet Explorer is recommended.