From Enterprise IT Services Helpdesk
Why is Security so Important?
Today, a great deal of our everyday lives depends on our computers and the Internet. Securing our computers reduces the risk of identity theft and fraud, keeps software fast and functional, and protects important data from theft or loss. Be mindful of ways you can keep your computer secure, and always remember: "an ounce of prevention is worth a pound of cure."
If your computer becomes infected, it may send viruses, spam e-mail, or mount attacks against other computers or organizations on the Internet, all without your knowledge. This violates the University of Georgia Policies on the Use of Computers. A student may have to face the student judiciary if found to be routinely in violation of these policies.
How to Stay Secure
- Keep your operating system up to date. Many infections result from known operating system vulnerabilities that have not been patched, and most of these are preventable simply by installing the latest updates as soon as they are available.
- Use a modern, secure web browser. Insecure or malicious webpages are very common infection vectors. To protect yourself from web-based vulnerabilities, we recommend the following:
- Install antivirus software. We recommend free antivirus clients, as they will continue to protect you indefinitely. Paid software may stop functioning if you do not renew your subscription.
- Recommended For Windows OS: Microsoft Security Essentials or Malware Bytes
- Recommended For Mac OS: Sophos
- Warning: Avoid installing more than one antivirus program at the same time, as they may cause conflicts and reduce system stability. Uninstall any antivirus program you may have before installing a new one.
- Use a software firewall. Windows Firewall or Mac OSX's built-in firewall application is generally adequate for firewall needs; ensure it is enabled. Otherwise, there are alternative software firewalls available online.
- Use strong passwords. Passwords should be long, complex, and use no dictionary-based words if possible. Use a mix of upper- and lower-case letters, numbers, and special characters. Be aware that some password-cracking applications know to swap letters for numbers or symbols, such as replacing the letter "o" with the number "0," and vice versa.
- Beware of Phishing e-mail scams. If you receive a message that appears to be from the University, but it looks suspicious, do not click any links in the message or respond to it. Contact the EITS Help Desk to see if is a legitimate message if you have not received any phishing advisory messages. Remember the following tips:
- Phishing messages usually appear unusual or slightly "wrong" in some way. Look for poor spelling or grammar, unusual logos, or an unknown "from" address.
- Phishing messages routinely request personal information. This is almost always a sign of a phishing scam; remember, legitimate institutions will NEVER ask you to provide passwords or personal information via e-mail.
- Enable the UGAMail Junk Mail Filter to block many phishing messages.
- Phishing messages also imply a sense of urgency. If the consequences seem dire, it may be a fake notice.
- As always, when in doubt, contact the HelpDesk to confirm whether the message is legitimate or not.
- Back up your data. Not only malware poses a risk to your important documents, pictures, movies, and music. Lightning strikes, mechanical failures, accidents, or other unexpected events can destroy hard drives or corrupt files. Having a solid backup solution is the best way to protect your data.
- Consider buying an external hard drive and copying important information to it once or twice a month, and leave this drive unplugged in a secure storage area.
- There are also online backup services that can protect your data, with the added advantage of being off-site. In the event of a severe weather situation, an off-site backup is the best way to prevent data loss.
- SkyDrive is part of the UGA Mail Service that allows users to store up to 25Gb of data. It may be a good solution for backing up important documents, projects, and presentations.
Handling Malware Infections
Once on a computer, viruses, spyware, and other forms of malware can be very difficult to remove. For this reason, prevention is the best remedy to a malware infestation, though there are still steps you can take to disinfect a computer that has been compromised.
However, modern malware tends to work stealthily and in "chains," meaning that one piece of malware will immediately download more pieces while it is active, usually without showing any signs. Most virus-infected users only notice PC performance or internet connection slowness as the infection worsens. By the time an infection is confirmed, it can be extremely difficult to overcome.
For this reason, if you have been infected with any kind of malware, we strongly recommend you back up your data, reformat your hard drive, and reinstall your operating system. This is the only way to ensure that any virus infection on your computer has been completely neutralized.
Otherwise, antivirus software stands a decent chance at removing most older forms of infectious software. Some kinds of viruses may require dedicated removal tools or special steps to disinfect. In many cases, even the best effort to remove an infection may not be enough. If this is the case, reformatting is the best option, and is usually also the fastest in the long run.
- Trend Micro OfficeScan - The Anti-virus program for computers owned by UGA
- PAWS Secure - Information on connecting to the new, secured, PAWS network.
- UGAMail Junk Mail Filter
- Virtual Private Network