» overview
» our staff
» web services
» telecommunication
» research computing
» policies
» windows security
» documents
» desktop support
» licensed software
» campus resources
Please read new computer and network security guideline
Though Microsoft Windows NT based products (Windows NT and 2000) are inherently more secure than the consumer versions (Windows 3.x/9x/me) of Windows, their increased network functionality, creates a greater number of potential security hazards. To help the user mitigate some of these threats, Computing Services has established a base set of security recommendations for Windows NT workstations and servers. Additionally, for areas that may require greater than base levels of security, we also have a set of high security recommendations and links for those interested in system security.
When dealing with system security the first thing to consider is user education, because it doesn't matter how tightly you secure your computers if you or another person gives out the password or runs a trojan horse/virus sent to them as an email attachment. To this end, users should do the following:
1. Whenever a user leaves their workstation/desktop computer they should either lock the workstation or log out completely. To lock the computer, press CTRL+ALT+DELETE and choose "Lock Workstation" from the ensuing window. To logout users can again press CTRL+ALT+DELETE and choose "Logout." The difference between locking the workstation and logging out is that if a workstation is locked everything that was running continues to do so, however when you logout all programs are closed completely.
2. Never give out passwords to anyone. If you are ever contacted by someone claiming to be the system administrator or from tech support and asking for your password or some other form of access to your account, don't give out any information. By nature of their position, system administrators already have access to your account, and should never require your password.
3. Remove Timbuktu, PC Anywhere, etc. from all computers. These programs, if the password is discovered, enable remote hackers to do anything remotely that you could do locally. Additionally, once one of these systems is hacked, they can then, in turn, be easily used to attack other computers.
4. Anti-virus should always be used and updated regularly. Besides the fact that there are literally thousands of know computer viruses, there are also deceptive programs called trojan horses that, if run, could comprimise system security or destroy user files. As a point of reference most anti-virus companies have found it necessary to release weekly updates as well as periodic special patches to cover viruses not included in the most recent update.
5. Users should not open unsolicited email attachments. Even if you are using an anti-virus program and are updating it regularly, there is always a period between when a virus is discovered and when you are protected against it. Because of this continual lapse in coverage, even those people who regularly update their anti-virus programs should be careful.
For more information please see the following documents:
Standard Security
High Security