1 / 26

Securing Your Personal Computer

Securing Your Personal Computer Brandon Cain, Data Security Coordinator Overview Welcome & Introductions Operating System Updates Anti-virus/Anti-spyware Firewalls User Permissions Wireless Networks Internet Safety Email Security Strong Passwords Document Backup Questions & Answers

Mia_John
Download Presentation

Securing Your Personal Computer

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing Your Personal Computer Brandon Cain, Data Security Coordinator

  2. Overview • Welcome & Introductions • Operating System Updates • Anti-virus/Anti-spyware • Firewalls • User Permissions • Wireless Networks • Internet Safety • Email Security • Strong Passwords • Document Backup • Questions & Answers

  3. Tips for Secure Computing Information Security’s tips for students regarding secure computing: • Physical security is the first line of defense. • Check for operating system updates frequently. • Install anti-virus software and keep the definitions up-to-date. • Configure the firewall that came with your operating system, or use a trustworthy third party firewall. • Use safe searches to avoid explicit content or unsafe sites, and consider using a third party add-on to ensure safe browsing. • Verify legitimacy of files before downloading and don’t download copyrighted material illegally. UAB’s Information Security organization is responsible for helping the UAB community protect information. Visit www.uab.edu/informationsecurityfor additional information on security related topics.

  4. Operating System Updates (Automatic) • Consistently install updates and patches to correct OS vulnerabilities. - Turn on automatic updates from the desktop.

  5. Operating System Updates (Automatic) • Turn on updates in the security center. - Click Start>Control Panel>Security Center

  6. Operating System Updates (Manual) • To manually install updates: - Click Start > All Programs > Microsoft Update - Click “Express” or “Custom” and follow the prompts.

  7. Anti-virus Software: Microsoft Forefront UAB IT offers an extensive library of software for free or at discounted pricing, including anti-virus protection via Microsoft Forefront for Windows or Sophos for Mac • Features: • Integrated anti-virus/anti-Spyware • Malware removal / system recovery • Real-time protection • Scheduled and on-demand scans • FREE for UAB students, faculty and staff • Important User Settings: • Automatic definition updates • Apply recommended actions http://main.uab.edu/Sites/it/internal/students/software/

  8. Anti-Virus Software: Students Anti-Virus requirements for students in residence halls • In order to connect to ResNET or uabwifi-nac, students’ computers (with the exception of Macs) will need to have one of the following anti-virus applications with up-to-date definitions: • Microsoft Forefront • McAfee • Norton (Symantec) • AVG Download Microsoft Forefront -http://main.uab.edu/Sites/it/internal/all/software-library/ (you will need to enter your BlazerID and strong password). You may also call UAB’s AskIT Help Desk at 205-996-5555, to schedule an appointment for assistance in meeting this requirement.

  9. Anti-spyware: Symptoms • If you observe any of the following symptoms on your Windows computer, spyware could be the cause: • You may see many more pop-up advertising windows than usual. • Your web browser may go to sites you do not expect. • Several other symptoms could indicate spyware or another type of infection, such as a virus: • Your system may seem sluggish or become unstable. • Network traffic on your system may increase. • To protect your computer from spyware, choose tools that have been widely used and favorably reviewed. Don't accept tools that are offered in popup windows; these are often spyware in disguise. Some reputable review and download sites are: • SpywareGuide – http://www.spywareguide.com/ • SpyChecker - http://www.spychecker.com/software/antispy.html • Spyware Center - http://download.cnet.com/windows/security-software/?tag=dir

  10. Anti-spyware: Spybot and Ad-Aware Two of the most popular www.safer-networking.org http://lavasoft.com/

  11. Anti-virus Response: Students If you suspect that your computer has been infected by malware or otherwise compromised, do the following: • Disconnect the computer from the network. • Run anti-virus and anti-spyware software on the computer. • If malware is detected, contact the UAB AskIT Help Desk at 205-996-5555, or email to askit@uab.edu. • If no malware is detected, perform self-remediation and attempt to determine the root cause. • Have you recently installed something that may have created a vulnerability? • Are you using weak passwords on any of your user accounts? • Have your Operating System (OS) and applications been patched and updated on a regular basis? If the Information Security Office determines that your system is infected, you will be contacted by them or the AskIT Help Desk, and will be required to conduct a reinstallation of your system before you can be reconnected to the UAB network.

  12. Anti-virus Response: Faculty/Staff If you suspect that your computer has been infected by malware or otherwise compromised, do the following: • Disconnect the computer from the network. • Do not turn off your computer. • Do not run anti-virus and anti-spyware software on the computer. • Contact your department’s technical support staff or the UAB AskIT Help Desk at 205-996-5555, or email to askit@uab.edu. • For possible compromise of sensitive UAB data, your technical support staff must call the Information Security Office at 205-975-0842, or email to datasecurity@uab.edu. If the Information Security Office determines that your system is infected, you will be contacted by them or AskIT Help Desk, and will be required to conduct a reinstallation of your system before you can be reconnected to the UAB network.

  13. Firewalls - Windows • Access firewall settings in the Control Panel. • Turn on the firewall. • You can add exceptions if a program you normally use is being blocked. • 3rd party firewall Options: • www.comodo.com/ • www.zonealarm.com • www.tallemu.com • www.sunbeltsoftware.com

  14. Update Applications: FileHippo FileHippo.com is a popular site the provides visitors with a simple method for downloading the newest version of software applications. www.filehippo.com

  15. Update Applications: FileHippo Download the update checker to scan your computer for installed software and search for newer releases. The latest versions are then neatly displayed in your browser for you to download. www.filehippo.com

  16. Update Applications: Ccleaner Ccleaner is a freeware system optimization, privacy and cleaning tool that removes unused files from your system, and cleans traces of online activities. www.ccleaner.com

  17. Limit User Permissions • Disable the guest account • Rename the administrator account • Create “user” level accounts

  18. Wireless Network Security Issues Free/Public WiFi Home/Private WiFi The default settings on home wireless products are usually not configured to be secure or private. If configured properly, your home wireless network will be protected from the average user. An intruder with the proper knowledge and tools can still circumvent security mechanisms. • Hosts that offer complimentary wireless often implement the service with little to no security in mind. • Even if some security mechanism is in place, it can be circumvented.

  19. Wireless Recommendations • Change the default username and password on the router. • Change the wireless network SSID. • Ensure remote administration is disabled. • Enable an encryption protocol. • Set a strong encryption key. Optional: • Enable MAC address filtering and allow only the addresses that you specify. • Disable SSID broadcasting.

  20. SSID & Remote Administration Change the wireless SSID • Don’t use anything that identifies you, your location or the technology that you use. • Don’t use a name that would invite an intruder (i.e. super-secret or h4Xm3plz). • Don’t repeat use of any of your other passwords. Remote administration • Most routers provide a means of configuring it remotely using an IP address and a port number. If this is enabled, then anyone on the Internet can connect to your router and reconfigure it.

  21. Enable Encryption & Set a Strong Key • Wired Equivalency Privacy (WEP) – an old encryption standard that is considered outdated and seriously flawed. It’s better than using nothing at all. • WEP 128 – uses a 26-digit hexadecimal string (0-9 and A-F) • WiFi Protected Access (WPA) – a newer encryption standard that provides better protection than WEP • WPA2 – the latest encryption standard that forces the use of the AES-CCMP algorithm. • WPA-PSK & WPA2-PSK – both use a passphrase between 8 and 63 characters, or a 64-digit hexadecimal string. A popular belief is that the passphrase should be 13(+) random characters.

  22. Internet Safety • Be sure to look for the yellow padlock to indicate a secure, encrypted transmission when sending sensitive data. • Do not click on pop-up windows. • Do not auto-save your username or password to ANY site. • Do not post anything to social networking sites that you don’t want the whole world seeing, including future employers. • Be mindful of adding people you don’t know or can’t recall to any friend or contact list.

  23. Browser Security Settings • Don’t auto-save any passwords • Don’t save form data • Delete Cookies and History regularly • Don’t add extra toolbars • Pay attention to links on websites

  24. Email Security • Set up a “junk” account for use with online forms and mailing lists. • Do not open unsolicited emails. • Beware of pictures and videos in unsolicited emails. • Always activate your spam filters. • Be very careful of email spoofs, hoaxes, and watch out for phishing emails.

  25. Strong Passwords and Passphrases • Follow these simple tips when creating your individual password: • Use at least 6-8 characters. • Use a combination of letters, numbers and special characters. • Do not use common words or personal information. • Consider passphrases for creating strong passwords: • For example, use the first letter of each word found in a favorite quote or song lyric. • “Oh, When the Saints Go Marching In,” password would be: OWTSGMI. • The strength of the password is improved by changing letters to numbers or special characters: OWT$GM1.

  26. Document Backup • Back up your documents on a regular basis. • The easiest way is to purchase an external hard drive, CDs/DVDs or other media where you can store a copy of all your important data. • This becomes very important in the event you have to perform a reinstallation due to a virus infection or a system crash.

More Related