Best Practices
Protecting your Home Computer and your Privacy
The following guidelines are designed to help you protect your home computer, personal information, and privacy. Today’s high-speed and “always connected” (e.g., cable or DSL modem) home workstations are quite vulnerable to Internet attacks. In addition to the value of personal information stored on them, or accessible from them, home computers can provide links into other systems if they’re not properly secured and managed. Consider the following:
- Keep your software programs and operating system regularly updated. Vendors provide web sites where you can go and download software updates and install them. The older your software is, the more likely security vulnerabilities have been found and exploited by hackers.
- Install and RUN an anti-virus software program. University faculty/staff and students are covered by the site license and may install the anti-virus software on their home machines. See http://helpdesk.its.uiowa.edu/software/signin.htm for details. Configure it for regular, automatic virus pattern updates, and make sure it actively scans all incoming objects for virus infections.
- If you need to enable file and print sharing, allow access only to authorized users. Review these options in the network settings in your control panel. If your computer is “always-on”, disable file and print sharing.
- NEVER give your password, account numbers, or other sensitive personal information (name, address, phone), or your Internet Address or machine name, out in an e-mail message, newsgroup posting, or in a chat session. Your information can easily be intercepted, forwarded, or redirected without your knowledge, and you really have no way of knowing who is listening in a chat room or reading newsgroup postings.
- NEVER give away sensitive or private personal information on a web page until you trust the company hosting it. Build trust by reviewing the company’s privacy and security policies on their web site, and by insisting on a secure connection (look for the closed lock or a key in the lower corner of your browser window). Know what their policies are regarding reuse, sharing or selling your personal information.
- Ensure that you have adequate backups of your files. Copy them to a CD, a tape, a floppy, or to a zip drive backup, and store them in a secure location. Pay particular attention to making backups of your personal data files and custom configuration files on a regular basis.
- Never execute a program (e.g., an ".exe" file) if you do not know what it is/does, or if you do not trust the source. This is particularly the case for file attachments that are sent to you via e-mail, or are downloaded from a web site that you do not trust.
- Turn off all network services (programs) that you do not need or intend to use. Familiarize yourself with the services you have configured in the control panel.
- Investigate your workstation configuration and disk drives on a regular basis, to look for suspicious files, programs, or drastic changes in free space on disk. Organize your files and directory structure, so you can recognize changes in your files and directories.
- Consider employing a file encryption program if the information stored on your workstation is highly confidential (e.g., tax files, brokerage or mutual fund accounts/files, bank files, credit card accounts). Other options are to keep sensitive files in a nondescript or hidden location, or on a portable storage device (e.g., a floppy, CD, tape or zip disk).
- Consider clearing your web browser’s cache storage file after visiting web sites where you entered sensitive information, such as a credit card number, or a bank or brokerage account and password, as this information is often stored in your browser too. (Do you select “remember this password” for ease of use in your browser?) If your machine is broken into, account information in your cache files could be used for fraudulent activity or identity theft.
- Consider turning on the personal firewall on your home workstation. Most operating systems come with one. A firewall is software that can be configured to let you access the Internet (out) while blocking Internet access to your workstation (in). Below is an additional selection of companies that sell personal firewall packages; if you are interested, please research their product options on their respective sites. (Note: The University of Iowa has no business relationship and makes no endorsement of any product listed. Additional products/sources will be added as they are identified to the page owner.)
· Proventia Desktop Endpoint Security: http://www.iss.net/products/Proventia_Desktop/index.html
· Kerio Personal Firewall: http://www.kerio.com/us/kpf_home.html
· McAfee Personal Firewall: http://us.mcafee.com/
· Norton Personal Firewall: http://www.symantec.com/sabu/nis/npf
· Tiny Personal Firewall: http://www.tinysoftware.com/pwall.php
· ZoneAlarm: http://www.zonelabs.com/
· Astaro Linux Firewall: http://www.astaro.com/download/
- Protect against power surges with a surge protector, and against power loss with a UPS (uninterruptible power supply).
For more information, Microsoft has developed an Internet privacy and security web site with FAQs and a security checklist for home computer users at http://www.microsoft.com/privacy/safeinternet/ and a web site designed especially for parents and children at http://www.microsoft.com/protect/default.mspx.
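The guideline above about regularly checking for suspicious files and drastic changes in free disk space can be automated with a baseline that is compared on each run. The Python script below is an added example, not part of the original guidelines; the function names, the baseline file format and the 20% free-space threshold are assumptions chosen for illustration.

```python
# Added example: function names, baseline format and threshold are hypothetical.
import hashlib
import json
import os
import shutil
import sys

def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 hex digest."""
    files = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            try:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
            except OSError:
                continue  # unreadable or removed during the scan
            files[os.path.relpath(full, root)] = digest.hexdigest()
    return files

def compare(old, new):
    """Return sorted lists of added, removed and modified paths."""
    return {
        "added": sorted(new.keys() - old.keys()),
        "removed": sorted(old.keys() - new.keys()),
        "modified": sorted(p for p in old.keys() & new.keys() if old[p] != new[p]),
    }

def free_space_dropped(before, after, threshold=0.20):
    """True if free space fell by more than `threshold` (a fraction) of `before`."""
    return before > 0 and (before - after) / before > threshold

def check(root, baseline_file):
    """Compare root with the saved baseline (None on first run), then save the new state."""
    now = {"files": snapshot(root), "free": shutil.disk_usage(root).free}
    report = None
    if os.path.exists(baseline_file):
        with open(baseline_file) as fh:
            then = json.load(fh)
        report = compare(then["files"], now["files"])
        report["free_space_dropped"] = free_space_dropped(then["free"], now["free"])
    with open(baseline_file, "w") as fh:
        json.dump(now, fh)
    return report

if __name__ == "__main__" and len(sys.argv) == 3:
    print(check(sys.argv[1], sys.argv[2]))
```

Keep the baseline file outside the folder being checked, ideally on removable media, so that a change to the folder cannot also rewrite the record you compare against.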