Working From Your Home Computer Safely:The Ten Commandments Stephen Jones, GSEC, A+ With special thanks to Balakrishnan Ramachandran
1. Thou Shall Update the Anti-Virus Software On Your Computer • Secures you from viruses, spam email attachments • Use McAfee – it’s free • Always update your virus definitions • Schedule a daily scan of your hard drive for viruses
Exegesis – 1st Commandment • To install McAfee, go to http://www.umbc.edu/oit/downloads; then scroll down to Antivirus. Pick the correct version for your operating system. You’ll need to log in to myUMBC, but then you can install the software. • To update McAfee, go to Start, Programs, Network Associates, Viruscan Console, double-click Autoupdate, and then click the update button. It automatically updates if you’re on the Internet at the time indicated; the time for the automatic update can be changed. • To run a scan, follow above steps to get to Viruscan Console, double-click Scan All Fixed Disks.
2. Thou shall patch your Windows operating system • Set your Windows XP/2000 for automatic updates (from Control Panel) • Updates run in the background without affecting your work • Periodically also check for updates for your Microsoft Office products
Exegesis – 2nd Commandment • To configure automatic updates in XP, go to Start, Settings, Control Panel, Automatic Updates. Choose to automatically download and install updates and pick a time when you know the computer will be on the Internet. • In Windows 2000, follow the steps above to Automatic Updates. Then I recommend choosing to automatically download the updates and automatically install them at a time you know the computer will be on. • For Office updates, open an Office application, go to Help, Check for Updates. The updates occasionally require that you have the installation cds.
3. Thou shall use Administrator privileges rarely, but strong passwords always • Create separate accounts for the people using the computer and give them User level privileges only. That includes you. Rename the administrator account; don’t let anyone other than you use it, and even then only when software needs to be installed. Disable all system supplied accounts (e.g., Guest). • Strong passwords – minimum 9 characters, with alphas (upper and lower case), numerics _and_ special characters (e.g., asterisk).
Exegesis – 3rd Commandment1st Rubric • Creating accounts: Log on as administrator. Then Start, settings, control panel, administrative tools, computer management, local users and groups, users. Then click on Action, New User, name the account. Click create and then close. The default privilege level is Users. Then right click on the account and assign a password.
Exegesis – 3rd CommandmentRubric 2 • Do you have other people using the computer who will balk at only having limited privileges? • If so, buy a computer for them and you use the safe one. • Can’t afford to buy another computer? Get your department to buy you one. (OIT is now discussing how to require departments to provide an OIT secured computer to persons working from home.) • Department won’t buy you a computer but other people at home will balk…. Then it’s safe to assume that your home computer will be hacked and you’ll lose everything on it. Ouch!
Exegesis – 3rd CommandmentRubric 3 (optional, follow cautiously) • Rename the administrator account/disable all system supplied accounts/create a dummy administrator account • Follow the directions to get to Users in the 1st Rubric. Right click on the administrator account and select rename. Give it an ordinary sounding name. This will slow down hackers. • Disable all other system supplied accounts (right click, properties, disable this account). • After renaming the Administrator account, create an account named Administrator. Right click, go to Properties, Member of, Add, Advanced, Find Now, click on Guests, then click ok twice, then highlight Users, then click Remove. Then give it a strong password. This will also slow down hackers.
4. Thou shall use a Firewall • Firewalls protect your PC from intrusions and hack attacks • Install Service Pack 2 for Windows XP which has a built-in firewall • You can also try Zone Alarm or McAfee Firewall to protect your computer, but this is recommended only if you have time to get them working • Check for constant updates
5. Thou shall install anti-spyware software • Spyware is software that sends personal data to the internet without your knowing it • You are normally unaware that it has been installed and that it is running • Update anti-spyware software and scan your computer daily
Exegesis – 5th Commandment • Currently the best free anti-spyware package, and one of the best free or otherwise, is Ad-Aware. • http://www.lavasoft.com
6. Thou shall use a router if you using a high-speed (cable, DSL) Internet connection • Router is a device that allows you to connect more than 1 computer to your high speed Internet connection • Most router models act as a Firewall to your entire home network • It adds an extra layer of security to your software based firewall
Exegesis – 6th Commandment • Routers are relatively inexpensive - <$100, frequently ~$50 with rebates • Linksys routers are fairly easy to set up • Best to connect to them with Ethernet cables and not use wireless • Want to use wireless? See 7th Commandment
7. Thou shall not provide free wireless internet to thy neighbor • If you use the wireless function on a router, the signal can cover a large area, potentially extending 150 feet in all directions (whether or not there are walls). • Read the wireless router manual while setting it up and enforce some measure of security to access your Internet connection. Your neighbors/people driving by on the street can still see the network, but if you use the security provided, it will be very difficult for them to use your internet connection, or, even worse, eaves drop on your network traffic. Again, OUCH! • If the router offers it, the best method is to use a hardware based access control list.
8. Thou shall use a VPN whenever applicable • VPN is a virtual (i.e., software rather than hardware base), secure connection between your home computer and a server through the internet • VPN software needs to be installed and enabled at both ends • At UMBC, the main function using VPN connectivity are financially related, e.g., PeopleSoft.
9. Thou shall back up thy files and use good surge protectors/ uninterruptible power supply • CD/DVD recorders are now about $75. If you don’t have one, buy one and use it to back up files from your hard drive. • An old adage – when do floppy disks fail? When you need them. • At a minimum, get a surge protector that really works and isn’t just an extension cord (~$35). Better yet get a UPS (uninterruptible power supply), which is both a surge protector and a line conditioner (power sag/brown out protection). A typical home computer needs one that supplies 650-725VA (~$150-200). • http://www.apc.com is a good site.
10. Thou shall always use your computer intelligently • Don’t install software from unknown publishers or websites • Don’t give install rights to users who are not very savvy • Periodically change your passwords • Follow Commandments 1-9.
Thank you for your Time. • Stephen M Jones Manager, Library Computing Services firstname.lastname@example.org 410-455-3040