We have compiled some suggestions for best computer security practices in the Engineering network environment.
On Your ETS-Supported University Computer
One of the first things you should do is keep your computer up-to-date. This includes the following:
- Operating system updates. Windows, Mac OS and Linux all include the ability to automatically download and install updates (also called patches) for the operating system. ETS-supported computers are configured to automatically download and install updates.
- Windows: Periodically an icon may appear in the system tray which says “Updates are ready for your computer.” Or, you may receive a message which indicates that Windows has applied new updates and needs to restart. If that’s the case, please allow the update to run and the computer to restart. Doing so will allow your system to be up-to-date and more secure.
- Antivirus software. All Windows computers built by ETS use the built-in antivirus software from Microsoft.
- Web browser. ETS recommends using Mozilla Firefox or Google Chrome to browse the Web, and not Internet Explorer. Both these products are free and can be installed on Windows, Mac and Linux.
- Other software. There are many “third party” software packages which are considered essential to everyday computing. Some of these are Java, and Adobe Reader. Because these programs are so popular, they are the target of viruses and other malware, and are updated frequently. Make sure that these programs are up-to-date on your computer! All of the mentioned programs have automatic updating features, but you can update them manually by going to their respective web sites. If you are not able to install or update these on your Engineering computer, please contact ETS and we will do it for you.
- Software to avoid. Consider avoiding the use of these programs, if you can help it:
- Internet Explorer. Always use another web browser such as Firefox, unless you are visiting a web site that requires IE. When you’re done visiting that particular web site, close IE.
- Third-party Firewall programs. These are almost never any good beyond what the built-in Windows Firewall can do for you, and will conflict with the Windows Firewall if not properly configured. ETS does not support third-party firewall programs.
- Duplicate antivirus programs. Never have more than one antivirus program installed on the same computer; it can drastically decrease the performance of your computer, and in the worst case, the two programs can conflict with each other causing BOTH to be ineffective against viruses.
- File sharing. Be very careful with file sharing. Sharing files the wrong way on your computer can effectively open up your computer and all its files to anyone on your network, or the Internet. In general, if your computer is on the Engineering network, we don’t recommend file sharing at all. Instead, use our network resources for group files such as the T: drive.
- Use passwords. Every computer account should have a password, and preferably a strong one.
- Lock your computer. Wherever you are, lock your computer (in Windows, press and hold the Windows key on your keyboard, while pressing the letter L) when you leave it. This is especially important in public places, like a computer lab, but even in your own locked office, it’s a given that other people have keys to the office.
On Your Personal Computer
One of the first things you should do is keep your computer up-to-date. This includes the following:
- Operating system updates. Windows, Mac OS and Linux all include the ability to automatically download and install updates (also called patches) for the operating system. Be sure that you are taking advantage of this feature!
- Windows 7/8.x: Open Control Panel and then Windows Update. Select “Change settings”. Ensure that “Install updates automatically (recommended)” is selected. We advise you to select “Give me recommended updates the same way I receive important updates”. Click OK and you are ready to go. And remember: When the “Windows Updates are ready to install” notice appears in your system tray, do NOT ignore it!
- Windows 10: Updates are installed automatically.
- Mac OS X: Click the top left Apple icon, then Software Update, and install any updates.
- Linux instructions vary. We recommend you check your distribution’s help documentation and enabled automatic updates.
- Antivirus and anti-malware software. This is a must-have on a Windows system, and is recommended for other systems (even your smart phones!). ETS highly recommends that all computers on the CSU network have antivirus software installed.
- Firewall. A firewall program essentially separates communications between your computer, your local network (if any), and the Internet. It is another important security step.
- Windows: On Windows systems, the built-in firewall is enabled by default. You should not need to change any settings. If for some reason you have turned the Windows firewall off, you should re-enable it as quickly as possible.
- Mac OS X: The Mac OS X firewall is disabled by default. This is a security risk, and you should take immediate steps to enable the firewall. Click the top left Apple icon, then System Preferences, then Security and Privacy, and start the firewall.
- Linux: The firewall is enabled by default on most linux distributions. Because instructions vary between linux distributions, we recommend you check your distribution’s help documentation to enable the firewall if it is not already enabled.
Do not use third-party firewall programs. These are almost never any good beyond what the built-in Windows Firewall can do for you, and will conflict with the Windows Firewall if not properly configured. ETS does not support third-party firewall programs.
- Other software. There are many “third party” software packages which are considered essential to everyday computing. Some of these are Java, Adobe Flash, and Adobe Reader. Because these programs are so popular, they are the target of viruses and other malware, and are updated frequently. Make sure that these programs are up-to-date on your computer! All of the mentioned programs have automatic updating features, but you can update them manually by going to their respective web sites.
- Web browser. ETS recommends using Mozilla Firefox or Google Chrome to browse the Web, and not Internet Explorer. Both these products are free and can be installed on Windows, Mac and Linux.
- Software to avoid. Consider avoiding the use of these programs, if you can help it:
- Internet Explorer. Always use another web browser such as Firefox, unless you are visiting a web site that requires IE. When you’re done visiting that particular web site, close IE.
- Third-party Firewall programs. These are almost never any good beyond what the built-in Windows Firewall can do for you, and will conflict with the Windows Firewall if not properly configured. If you want extra firewall security, consider the advanced firewall features of your home router.
- Duplicate antivirus programs. Never have more than one antivirus program installed on the same computer; it can drastically decrease the performance of your computer, and in the worst case, the two programs can conflict with each other causing BOTH to be ineffective against viruses.
- File sharing. Be very careful with file sharing. Sharing files the wrong way on your computer can effectively open up your computer and all its files to anyone on your network, or the Internet. Consider using an online file hosting service such as Dropbox.
- Use passwords. Every computer account should have a password, and preferably a strong one.
- Lowest User Privilege. This means that you should use your computer as a ‘normal’ user for day-to-day use, and only log is as an ‘administrator’ or ‘power’ user when necessary to install software or perform system maintenance. This helps reduce the possibility of malware affecting your computer. Both Windows and Mac OS allow you to create an administrative user by default; you should change this to a ‘Users’ (Windows) or ‘Standard’ (Mac) account, then create a different ‘Administrator’ (Windows) or ‘Power User’ (Mac) account and only use that one when necessary.
- Lock your computer. Wherever you are, lock your computer (in Windows, press and hold the Windows key on your keyboard, while pressing the letter L) when you leave it. This is especially important in public places, like a computer lab, but even in your own locked office, it’s a given that other people have keys to the office.
On The Web
No matter what automatic security protections, like antivirus programs and strong passwords, you use on your computer, the Web is full of ways to infect your computer or steal your personal information. (They say that the safest computer is the computer not connected to a network.) Clearly, you’ll need to use the Web, so it’s important to consider safe web browsing. Such advice is beyond the scope of this article, but here is a helpful place to start.