Information Security - Best Practices

NEVER, EVER, WALK AWAY WITHOUT LOGGING OFF OR LOCKING YOUR COMPUTER

Back Up Early and Often

Amazingly, most people still don't take the time to back up their computer. If your hard disk suddenly crashes, there may be no way to retrieve the information on the disk. Suddenly, months of documents could be lost. What if you get a virus on your computer and it corrupts all your text files? There goes tomorrow's presentation. If your computer or laptop is stolen, there goes everything. There are a variety of software tools that enable you to back up all or part of your hard disk onto a removable medium (a floppy disk, a Zip disk, a tape, or CD-RW disk) that you can keep separate from your hard disk. As long as you have a current backup of your files, you won't lose more than a day or two of work if something catastrophic should happen. Once your computer is up and running again, you can reinstall your files from the backup.

Microsoft Security Updates:  http://www.microsoft.com/technet/mpsa/start.asp

If you are using Microsoft Office -- and particularly if your e-mail program is Outlook -- install all Microsoft Security Patches. The Outlook Email Security Update guards against viral attacks that travel via executable or high-risk attachments and guards against worm attacks that replicate through e-mail. The update provides several security enhancements:

  • Protects you from opening unsafe files or attachments
  • Notifies you if another program is trying to open your address book to send mail on your behalf
  • As a further precaution, set security settings to High within Microsoft Word, Excel, and PowerPoint® documents. Click Tools, Options, and Security on the toolbar, and set your macro settings to High. This will protect you from most macro viruses.

Use Antivirus Software:  http://security.uwo.ca/antivirus/

There's no question about this: You should use virus protection software on your computer--particularly software that can scan downloaded files and incoming e-mail messages (and attachments). Antivirus software packages are available from a variety of vendors and they are worth the investment. Major vendors all keep their virus identification files up to date, and some packages will automatically install the updates on a regular basis so that your software remains current. Check out PC-Cillin at the Campus Computer Store. It's cheap and works great!

Computer Security

99% of laptops stolen are not recovered!

Here are a few ideas to help make sure your computer doesn't turn into a statistic:

  1. Make sure your door is always locked and use a laptop security cable (i.e. Kensington). They are inexpensive and effective.
  2. Don't use a carrying case with the vendors' name on it (i.e. DELL or IBM). Use a brightly coloured briefcase or backpack that you can easily see if someone is running away with it.
  3. It's not always easy to lock down printers, projectors or cameras, so it is advisable to permanently mark this property. Consider audible alarms, software tracking systems or engraving (tool available at UPD). This greatly increases the chance of recovery.
  4. Record: make, model and serial number. If your computer is stolen, give this information to the UWO Campus Community Police Service and the manufacturer.
  5. Many laptops are stolen from vehicles, so never leave it in plain view. Check your insurance policy for computer coverage.
  6. Password-protect your BIOS from unauthorized access.

Use Strong Passwords:  http://security.uwo.ca/

The more time you spend on the Internet, the more passwords you will be asked to create and use. The key to strong passwords lies in their length and unfamiliarity. Passwords with eight characters are harder to crack than passwords with four or six characters. Passwords that mix letters and numbers or punctuation and symbols are even more difficult. If someone else determines your password, they can effectively assume your electronic identity. That individual now has full access to your files, your e-mail, personal information, and more. This intruder could modify or destroy your files, send threats via e-mail in your name, or subscribe to unwanted services for which you'd have to pay. In short, an insecure password can easily wreak havoc in your life.

Rules of Thumb for Strong Passwords

  • Don't use personal information or a word found in any dictionary (i.e. family names, license plates, or your username)
  • Make it 8 characters long, a mixture of numbers, punctuation, special characters, upper and lower case
  • Change your password regularly

High-Speed Internet Connections

What do I need to know about using DSL or Cable Modems to connect to the Internet?

The high-speed access offered by broadband and cable is thrilling, but raises security concerns that older, slower technologies did not. DSL and cable are "always on" connections that use static Internet Protocol (IP) addressing. That means that as long as your computer is powered up, it is always connected to the Internet at the same Internet address. Without proper security measures, anyone on the Internet browsing to that IP address could conceivably see right into your computer and access your files. There are two important steps you could take to combat this vulnerability:

  1. In Control Panel, double-click Network and make sure you clear the File and Print Sharing options.
  2. Install a personal firewall. A firewall is like a valve that lets you access the Internet, but prevents the Internet from accessing you.

Chat Rooms

Internet chat rooms can be home to some of the most exciting conversations taking place today, but it is important to remember that things are not always what they seem. Someone can claim to be tall, dark, and handsome even if they're not. Indeed, some visitors to chat rooms are men masquerading as women, women masquerading as men, married people posing as singles, young posing as old, old posing as young. Also note that many chat rooms are filled with people who spend more time listening than chatting. You may find yourself in a compelling conversation with two or three other people, but five or six people beyond that may be listening. And because chat rooms are public places, others can save and print your conversations. The same applies to messaging: be careful how much personal information you reveal while on-line. Also, be careful in setting up your personal profile for your instant messaging account. All participants in the messaging system can see this information--do not post any information you want to keep private. Finally, as many messaging systems allow file swapping among computers, make sure you have current anti-virus software installed.

Western provides the best student experience among Canada's leading research-intensive universities.