8 Steps to Secure Your Computer

  1. Computers must be managed:
    • Every computer at USU must have an individual assigned to maintain and update the system.
    • System administrators are responsible for keeping their computers updated, patched and protected from all known vulnerabilities.
    • USU IT recommends that system administrator's update their servers weekly and their clients at least monthly. If you are a system administrator and need assistance there are resources available on campus which can help:
    • First, system administrators should subscribe to the Network Manager's mailing list and attend the monthly meetings. For more information on subscribing visit https://sympa.usu.edu/wws/subscribe/network-managers.
    • Second, you can contact the Service Desk for assistance.
    • Third, we have system administrators in USU IT Services who are willing to share their knowledge, especially if it makes their jobs easier.
    • Microsoft provides updates.  Your system may already have a link to updates in the Start menu called Windows Update. You should regularly check with that site.  For the best level of system security all "Important" or "Critical" updates should all be installed at your earliest opportunity.
    • We recommend Microsoft Security Essentials for your anti-virus needs.  Visit windows.microsoft.com/en-US/windows/products/security-essentials or contact the IT ServiceDesk.
  2. Backup your files:
    • It is critical to backup any important files. Files may be backed up to a flash drive, external hard drive, automatic online backup or remote Cloud backup service.
  3. Don't enable file sharing:
    • To check if you have enabled file sharing go to the Control Panel and click on Network (Network Connections >> Local Area Connection), then click on the File and Print sharing button. Make sure no boxes are checked to provide access to others.
    • If you MUST enable file sharing, think about using a professionally configured server. If that is not possible and you need to share files on your own machine with others in your workgroup, do so securely. Don't share the entire C: drive. Create a single folder where you place files you want shared and share only that folder. Establish a good password for access, and don't share that password with anyone who doesn't need it.
  4. Don't share files:
    • Even the best antivirus software cannot catch all viruses. Accepting files from others, as attachments, downloading them from web pages, or accessing a file over a network from Network Neighborhood all present risks. If you do not know and trust the source of the file, you should not download or open it.  Be an Internet Skeptic!
  5. Limit access to your system by others:
    • Keep physical control of your machine. If someone can get physical access they can alter your files.
  6. Use secure passwords:
    • Passwords should be memorable, but not something that would be easily guessed by someone who knows you, such as birthdates, child's name, pet's name, etc. A password should be a minimum of 8 characters long and should contain both letters and numbers. For best security, change passwords on a regular basis.
    • Passwords should be protected.  If you must write them down, keep them in a safe place - like right next to your credit cards.  Never leave them on sticky notes on your monitor or under your keyboard.
    • Don't allow your browser to automatically remember your password.
  7. Don't open unexpected email attachments:
    • Don't open email attachments that you are not expecting even if you have an anti-virus program running on you system. Attachments sent by friends, relatives, co-workers or colleagues may also contain viruses or worms. Once the attachment is opened (if it contains malware) it may infect your computer and spread the virus or worm even further. Once again, if you are not expecting the attachment don't open it.
    • If you download an attachment without opening it, you can submit the file to virustotal.com for evaluation by about four dozen antivirus programs.
  8. Working towards better security:
    • Various programs, (especially web browsers) can be configured to save password information. While doing that does not present a risk to your computer, it does mean anyone with access to that machine now has access to your other accounts.
    • If a machine or hard drive is replaced, be sure to "wipe" the hard drive clean before giving or selling it to someone else.
    • When a machine is surplussed, be sure to de-register it in USU's IPAM so that you don't get blamed for what the new user does with the computer.
    • At regular intervals computers should be rebuilt to clean out any problem that might have been missed.