Safeguard Your Data
Click here to download this page as a printable PDF document.
Networks have the potential to be hostile environments. Prior to connecting your computer to ANY network – including the resident network – you should make sure you take the following fundamental precautions. These instructions are primarily geared toward Windows XP users, but there is plenty of applicable info for all users, regardless of operating system.
Install antivirus software BEFORE connecting to the network. See the Downloads page of the Student Support Desk website for links and installation instructions for free antivirus software.
If you’ve never changed your Windows XP Administrator password (it is originally blank!), then change it - BEFORE connecting to the network.
If, when you follow these instructions to set the password, you get an error message like “access denied” it means you’re logged into the PC with a non-privileged account. Simply logout (Start->Log Off (username)) and log back in as Administrator using a blank password.
To change the Windows XP Administrator account password if you’re logged in as an administrator:
- Hit the Ctrl, Alt and Delete keys simultaneously.
- Click Change Password.
- Type Administrator into the user box.
- Select Log On.
- Leave the old password blank.
- Type in a new password twice. Do not forget the password. Use the guidelines on the Computer Security page of the Student Help Desk website to make a secure password.
- Click Ok.
Install critical security updates and configure Windows XP to automatically update itself during a time at which you will not be using your machine but it will still be turned on and running:
- Connect your PC to the network.
- Go to http://windowsupdate.microsoft.com.
- Click Recommended.
- If your PC is not up to date, click Review and Install Updates.
- Click Install.
Sometimes critical updates need to be installed separate from other updates. Windows Update will tell you if it needs to do so. Repeat steps 2-5 until Windows Update tells you there are no more critical updates. Now configure automatic Windows updating:
- Right-click My Computer.
- Select Properties.
- Click the Automatic Updates tab.
- Check Keep My Computer Up To Date.
- Select Automatically download the updates, and install them on the schedule that I specify.
- Make your schedule Every Day at a time when your computer will be turned on.
Your computer should now be configured to automatically download patches from Microsoft.
Most computer security problems are self-inflicted. It is very easy to install and run new programs; so easy, in fact, that we often run or install new programs without knowing it! When you install programs, you give those programs access to your computer. Untrusted programs can do all sorts of bad things to your computer.
Among the many sources of untrusted programs:
- Email attachments.
- Programs installed behind your back (Ex. Kazaa installs lots of spyware).
- Instant Messaging (IM/IRC) links and file transfers.
- Files downloaded with P2P clients like Kazaa.
- Shared Network Folders.
- Web sites.
Among the many types of untrusted programs:
- Viruses.
- Spyware (reports browsing activity to others, creates popups, etc).
- Remote Control (gives others control of your computer).
- Keyloggers (sends others everything you type: passwords, credit cards, etc).
- Dialers (dials expensive long distance services).
- SPAM engines (sends SPAM to others for spammers).
The easiest way to avoid untrusted programs is to believe that your computer was shipped with every program you’ll ever need. Think thrice before installing programs. Ask yourself if you really need the program.
Other ways to avoid untrusted programs:
- Only install programs you paid for. To make money, “free” programs often sell your personal info.
- Surf reputable sites. Porn, gambling, and hacker sites often install programs behind your back.
- Read EULAs (end user license agreements) when installing programs. You might be surprised that you’ve agreed to be spied upon.
- Only open email attachments that you are expecting. Untrusted programs often “appear” to be attachments from people you know when they are actually forged email messages.
- Similarly, only click links and accept IM files after discussing them with the sender.
- When surfing, avoid “helper” programs that are needed to view a web page.
It is impossible to provide absolute security for our computers just as it is impossible to provide absolute security for ourselves or our possessions in the physical world. Insecurity is a fact of life. Accordingly, we must temper our actions with awareness and take some precautions:
- Use strong passwords/passphrases (include letters, numbers, punctuation).
- Never, under any circumstances, tell anyone any of your passwords.
- If you provide your password to a Technology Services team member for troubleshooting assistance, please change your password once the troubleshooting process is complete.
- No one other than you EVER needs to know your passwords.
- It is against college policy to divulge your passwords.
- Everyone who is authorized to use college resources has their own password.
- You must never let anyone use your account.
- It is against college policy to let someone use your account.
- Regularly backup critical or hard to replace data.
- Keep your computer behind a locked door when not in use.
- Lock your computer screen with CTRL-ALT-DEL if you leave it.
- Pay attention to Network Services email alerts.
- Be wary of messages seeking to verify personal information like credit card numbers and PayPal passwords.
- Think thrice before providing any personal information on the Internet.
- Never type your password into an untrusted computer or Web site.
- Do not ignore warning messages–but be wary of fake ones.
