The Internet gives you access to countless products and services. At the same time, it can leave you
open to scammers, hackers, and identity thieves. This document details how you can secure your
computer, accounts, and the data stored on them.
- Use security software
- Practice the principle of least privilege (PoLP)
- Maintain current software and updates
- Frequently back up important documents and files
- Never share passwords or passphrases
- Do not click random links
- Beware of email and attachments from unknown people
- Do not download unfamiliar software off the Internet
- Do not propagate virus hoaxes or chain mail
- Log out of or lock your computer
- Shut down lab/test computers
- Remove unnecessary programs or services
- Treat sensitive data very carefully
- Remove data securely
Top four things you can do to protect your computer
Use security software
The most important thing you can do to keep your computer safe is to install and maintain security software.
The bad guys constantly develop new ways to attack your computer, so your security software must be up-to-date to protect against the latest threats. Most security software can update automatically; set yours to do so. You can find free security software from well-known companies. Also, set your operating system and web browser to update automatically.
If you let your operating system, web browser, or security software get out-of-date, criminals could sneak their bad programs – malware – onto your computer and use it to secretly break into other computers, send spam, or spy on your online activities. There are steps you can take to detect and get rid of malware.
Don’t buy security software in response to unexpected pop-up messages or emails, especially messages that claim to have scanned your computer and found malware. Scammers send messages like these to try to get you to buy worthless software, or worse, to “break and enter” your computer.
Practice the principle of Least Privilege (PoLP)
Practice the principle of least privilege. Do not log into a computer with administrator rights unless you must do so to perform specific tasks. Running your computer as an administrator (or as a Power User in Windows) leaves your computer vulnerable to security risks and exploits. Simply visiting an unfamiliar Internet site with these high-privilege accounts can cause extreme damage to your computer, such as reformatting your hard drive, deleting all your files, and creating a new user account with administrative access. When you do need to perform tasks as an administrator, always follow secure procedures and use a less privileged account whenever possible.
Maintain current software and updates
Use a secure, supported operating system; Keep your software updated by applying the latest service packs and security patches.
The best way to maintain third-party software is to install software such as the Secunia Personal Software Inspector (PSI). This will alert you when your current software applications are out of date or require a security update. Get it FREE here.
Frequently back up important documents and files
Back up your data frequently. This protects your data in the event of an operating system crash, hardware failure, or virus attack. It best to save files in multiple places using two different forms of media such as external hard disk drive or cloud backup.
Avoid threats to your computer
Never share passwords or passphrases: Pick strong passwords and/or passphrases, and keep them private. Never share your passwords or passphrases, even with your boss, friends, family, the GPC Service Desk nor GPC computer support personnel.
Do not click random links: Do not click any link that you can’t verify. To avoid viruses’ spread via email or instant messaging (IM), think before you click; if you receive a message out of the blue, with nothing more than a link and/or general text, do not click it. If you doubt its validity, ask for more information from the sender.
For more, see: HEOA Information Page
Do not propagate virus hoaxes or chain mail: Never knowingly forward emails containing viruses, or hoaxes that are proliferating around the Internet, whether for fun or otherwise.
A typical chain letter consists of a message that attempts to convince the recipient to pass them on to as many recipients as possible.
Common methods used in chain letters include emotionally manipulative stories, getrich-quick schemes, and the exploitation of superstition to threaten the recipient with bad luck or even physical violence or death if he or she “breaks the chain” and refuses to adhere to the conditions set out in the letter.
Log out of or lock your computer when stepping away, even for a moment: Forgetting to log out poses a security risk with any computer that is accessible to other people (including computers in public facilities, offices, and shared housing), because it leaves your account open to abuse. Someone could sit down at that computer and continue working from your account, doing damage to your files, retrieving personal information, or using your account to perform malicious actions. To avoid misuse by others, remember to log out of or lock your computer whenever you leave it!
Shut down laboratory or test computers after you are finished with them: For computers in the various campus technology computer labs, logging out is sufficient to protect the security of your accounts and data. With other computers, however, it is usually necessary to shut them down after you have finished to prevent unauthorized access. Shutting down a computer prevents others from hacking it remotely, among other risks.
Remove unnecessary programs or services from your computer: Uninstall any software and services you do not need.
Treat sensitive data very carefully: For example, when creating files, avoid keying the files to Social Security numbers, and don’t gather any more information on people than is absolutely necessary.
At GPC, sensitive information should be handled (i.e., collected, manipulated, stored, or shared) according to legal and college requirements related to the specific use involved, as well as data and security policies of the college.
Remove data securely: Remove files or data you no longer need to prevent unauthorized access to them. Merely deleting sensitive material is not sufficient, as it does not actually remove the data from your system.
What Do Firewalls Do?
Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through (see Understanding Denial-of-Service Attacks and Understanding Hidden Threats: Rootkits and Botnets for more information). They are especially important for users who rely on “always on” connections such as cable or DSL modems. Click here for more info on Firewalls.
Understanding your Computer: Operating Systems
An operating system (OS) is the main program on a computer. It performs a variety of functions, including determining what types of software you can install.
The OS also determines how you see information and perform tasks. Most operating systems use a graphical user interface (GUI), which presents information through pictures (icons, buttons, dialog boxes, etc.) as well as words. Click here for more info on computer Operating Systems.