Secure Your Computer

I. Update your Operating System

No operating system is perfect, and all of them, if not fully patched, are at risk of being exploited by hackers and viruses. On the other hand, a fully patched operating system can be the best first line of defense. An unpatched machine on the network is harmful not only to its user but to other computers on the network. For that reason, we require all machines on the network to have the latest patches as outlined in our Acceptable Use Policy.

To download updates immediately, go to Microsoft Windows Update for Windows based PCs. At times Microsoft will release an updated version of their Windows Update utility. Your version of windows must have the latest version of this update utility in order to recieve regular updates. Visiting the Microsoft Windows Update site will check your updater version and inform you if your utility is out of date.

For Mac OS X 10.5 and earlier, updates are available through Apple's "Software Update" tool via the Apple Menu. Otherwise you can visit Apple Support.

We also recommend setting up your computer to automatically download and install updates as they are made available.

For Windows XP

  1. Right-click on My Computer, select Properties and click on the Automatic Updates tab
  2. Check Keep my computer up-to-date...
  3. Check one of the settings: we recommend Download the updates automatically...

For Windows Vista

  1. Go to Windows Orb (former start menu), click on "All Programs", click on Windows Update.
  2. Click on "Change Settings", under tasks on the left side bar.
  3. Check one of the settings: we recommend "Install Updates Automatically". Choose a day and time when your computer is usually on.
  4. The options under the sections for "Recommended Updates" and "Update Service", should also be checked.

For Mac OS X

  1. Go to the Apple Menu, then System Preferences, and click on "Software Update".
  2. Check for updates. We recommend checking Weekly.
  3. We also recommend checking Download important updates in the background.

II. Set passphrases on all your accounts.

To prevent unauthorized access to your computer (hackers, malware, viruses), strong authentication must be used for all access. We recommend using a passphrase (a collection of words) instead of a password. A phrase is significantly more secure and is often easier to remember. Here are some examples.

"You can do the Boogie 2!"
"Call dad re: the party!"
"Pickles make me want to HURL."

Use the following guidelines to create your passphrase:

  1. Do not use a famous quote or a well-known line from a song.
  2. Make sure you can remember it.
  3. Use characters from at least three of the following four groups: lower case letters, upper case letters, numbers, non-alphanumeric characters (!$@#,etc).

Here's How:

For Windows XP: Start -> Settings -> Control Panel -> User Accounts

For Windows Vista: Windows Orb -> Control Panel -> User Accounts

Windows XP Home

  1. For each account listed, click on it, then choose "Create Password"
  2. Type in your new password twice and you may if you wish set an optional hint

Windows XP Pro

  1. Log on with an Administrator privileges account
  2. For each account listed, click on it, then choose "Create Password"
  3. Type in your new password twice and you may if you wish set an optional hint

Windows Vista

  1. Log on with an Administrator privileges account
  2. For each user account, click on the account name on the left and then click on "Create Password".
  3. Type in the new password and confirm it. You may also provide a hint question or phrase.

For Macs:

Mac OS X

  1. Go to Apple -> System Preferences -> Accounts
  2. Click on your account.
  3. Type in and remember your new password

III. Sharing - Don't share access to your computer to strangers.

Your computer may allow other users to access files and folders on your computer and devices connected to your computer through file sharing. This ability to share files can be used to infect your computer with a virus or worm. By default, Windows XP allows for sharing. To check if your hard drives are shared go to "My Computer" and look at your hard drive icons. If any of them have an icon with a hand holding it the drive is shared.

driveview

Above: an example of a shared hard drive's icon.

If any of your drives are shared you will want to disable the share by right-clicking the drive and choosing "Sharing and Security":

context

Above: choose "Sharing and Security" to unshare a drive.

When you choose "Sharing and Security" a window will come up where you will want to uncheck "Share this folder on the network":

share

Above: the contents of this drive have been shared.

Once you have unchecked "Share this folder on the network" you will see this screen confirming that the contents of your hard drive are now secure:

good

Above: a hard drive that has not been shared.

IV. Use a Firewall.

A firewall serves as another line of defense between your computer and all the dangers waiting for you on the internet. It is kind of like the moat around your castle - you get to decide what comes in and what goes out. Windows XP, Windows Vista and Mac OS X both have built in firewalls. To enable your builtin firewall, follow these easy steps.

Windows XP with Service Pack 2 or Service Pack 3

  1. Click Start -> Control Panel -> Windows Security Center -> Windows Firewall.
  2. Turn the firewall On.

Windows Vista

  1. Windows Orb -> Control Panel -> Windows Firewall
  2. On the left side bar click "Turn Windows Firewall on or off"
  3. Choose the "On (recommended)" option.
  4. Click "Ok" to apply the settings to your computer

With Windows Firewall enabled if you run internet connected software for the first time you may be asked to "Block" or "Unblock" the program from accessing the internet. In general you should only allow programs to access the internet that you are familiar with. If you are not sure block the software and check with the company's website. An exception list can be accessed from the Windows Firewall control panel. For more information on how-to customize Windows Firewall. This guide will also apply for Windows XP.

Mac OS X

  1. Go to Apple, then System Preferences, click on Sharing, and then click the Firewall tab.
  2. Click the Start button to turn on your firewall.

Windows 2000 and earlier

Since these versions of Microsoft Windows do not include a built in Firewall option, we recommend downloading a free copy of Zonealarm or purchasing a third party Firewall software such as Norton Internet Security or MacAfee.

V. Keep an UPDATED Anti-virus program on your computer.

What this will do: An updated anti-virus program will alert you when a potential threatening file is being downloaded onto your computer.

With over 100,000 new viruses in 2007 and analysts expecting this number to grow, virus signatures is the only way current A/V software can detect and remove new or evolved threats. Virus Scanners need to be updated constantly because new viruses are always emerging. Most A/V clients will update automatically when connected to the internet. Check your client settings to make sure this is performed on a daily basis. Also check your your subscription status for the expiration date. An expired subscription will not allow the client to receive regular virus signature updates. Without the latest virus signatures your A/V client will be ineffective.

Please keep in mind that when downloading any type of software, download from a credible source. For example, if you choose to download an anti virus software, download from the company's website or a credible third-party download site like Download.com. Downloading software from a non-credible source may potentially infect your computer with viruses and may make your computer vulnerable to security threats.

Recommended Antivirus Software and Virus Information

VI. Other ways to protect your computer

A) Email - Don't open messages from unknown sources

A simple rule of thumb is that if you don't know the person who is sending you an email, be very careful about opening email, especially if it has a file attachment. If you receive a suspicious email, the best thing to do is to delete the entire message, along with any attachment. Even if you do know the person sending you the email, you should exercise caution if the message is strange and unexpected, particularly if it contains unusual hyperlinks. Your friend may have accidentally sent you a virus. When in doubt, delete it. Don't open files with extensions .zip, .pif, .exe, .com, or .bat, or .eml files unless you know the person and what it is they are sending you.

B) Internet Security and Encryption

In Internet Explorer and Netscape, in the preferences section, there will be an option to change your security setting. Higher levels mean tighter security and will not let you browse a lot of sites it deems insecure. Lower levels will allow you to browse almost everything on the web, secure or not. The best and most used setting is a medium one.

Some tips:
Before you hit the "submit" button on online purchasing sites or on confidential information, make sure that you're secure. If you look at the web address in your browser, you should see "https://" where you usually just have "http://". The "s" means it's a secure connection.

If you're surfing with Internet Explorer, you should also see a locked padlock at the bottom-right of the window. In Netscape the lock should be at the bottom-left. If the locks aren't there, your information isn't encrypted, and safe confidential information such as credit card numbers or pin numbers can be accessible to hackers.

Remember the basic rule of security for the average Internet user; never send your credit card number or password in an e-mail. For the majority of users on the Internet, e-mail is not encrypted; therefore it's not a secure way to transmit important data.

C) Sharing - Don't share access to your computer to strangers

Your computer may allow other users to access files and folders on your computer and devices connected to your computer through "file sharing." This ability to share files can be used to infect your computer with a virus or worm. By default, Windows XP allows for sharing. ResNet highly recommends that you disable sharing; In Windows XP Pro, open "My Computer" and goto the Tools Menu and select Folder Options and click on the view tab and scroll the bottom and uncheck, "Use simple file sharing," since file sharing is set on default and you do want strangers to access your computer. To get more information about file sharing, please visit our resnet page.

D) Back up your data

Back up small documents to floppy disks and large files to CDs. You should make weekly backups of all important data. And make sure you have your original software start-up disks handy and available in the event your computer system files get damaged.