|
Though
Microsoft Windows NT based products (Windows NT and 2000)
are inherently more secure than the consumer versions (Windows
3.x/9x/me) of Windows, their increased network functionality,
creates a greater number of potential security hazards.
To help the user mitigate some of these threats, Computing
Services has established a base set of security recommendations
for Windows NT workstations and servers. Additionally, for
areas that may require greater than base levels of security,
we also have a set of high security recommendations and links
for those interested in system security.
When dealing
with system security the first thing to consider is user education,
because it doesn't matter how tightly you secure your computers
if you or another person gives out the password or runs a
trojan horse/virus sent to them as an email attachment. To
this end, users should do the following:
1 - Whenever
a user leaves their workstation/desktop computer they should
either lock the workstation or log out completely. To lock
the computer, press CTRL+ALT+DELETE and choose "Lock
Workstation" from the ensuing window. To logout users
can again press CTRL+ALT+DELETE and choose "Logout."
The difference between locking the workstation and logging
out is that if a workstation is locked everything that was
running continues to do so, however when you logout all programs
are closed completely.
2 - Never
give out passwords to anyone. If you are ever contacted by
someone claiming to be the system administrator or from tech
support and asking for your password or some other form of
access to your account, don't give out any information. By
nature of their position, system administrators already have
access to your account, and should never require your password.
3 - Remove
Timbuktu, PC Anywhere, etc. from all computers. These programs,
if the password is discovered, enable remote hackers to do
anything remotely that you could do locally. Additionally,
once one of these systems is hacked, they can then, in turn,
be easily used to attack other computers.
4 - Anti-virus
should always be used and updated regularly. Besides the fact
that there are literally thousands of know computer viruses,
there are also deceptive programs called trojan horses that,
if run, could comprimise system security or destroy user files.
As a point of reference most anti-virus companies have found
it necessary to release weekly updates as well as periodic
special patches to cover viruses not included in the most
recent update.
5 - Users
should not open unsolicited email attachments. Even if you
are using an anti-virus program and are updating it regularly,
there is always a period between when a virus is discovered
and when you are protected against it. Because of this continual
lapse in coverage, even those people who regularly update
their anti-virus programs should be careful.
|
For
More Information please see the following documents...
|
|
|
|
|
