Best Practices
Protecting your ResNet Computer and your Privacy
The following guidelines are designed to help you protect your ResNet computer, your personal information, and your privacy. High-speed and “always connected” workstations are quite vulnerable to Internet attacks. In addition to the value of personal information stored on them, dorm computers can provide links into other systems if they’re not properly secured and managed. Consider the following:
- Keep your software programs and operating system regularly updated. Vendors provide web sites where you can download and install software updates. The older your software is, the more likely it is that security vulnerabilities have been found and exploited by hackers. (Examples are www.windowsupdate.com, www.info.apple.com, www.redhat.com.)
- Install and RUN an anti-virus software program. The University has purchased anti-virus software for all students. Get it for free from the ITS Help Desk software download site. See http://helpdesk.its.uiowa.edu/virus/ for details. Configure the program for regular, automatic virus pattern updates, and make sure it actively scans all incoming objects for virus infections.
- If you need to enable file and print sharing, allow access only to authorized users. Review sharing options in the network settings of the control panel. If your computer is “always-on”, disable file and print sharing. Check the options you have set in file-sharing programs like Morpheus, KaZaA, and Gnutella. See http://cio.uiowa.edu/ITsecurity/bestprac/bp-faq-mp3.shtml and http://security.uchicago.edu/peer-to-peer/no_fileshare.shtml for details.
- NEVER give out your password, account numbers, or other sensitive personal information (name, address, phone), in an e-mail message, newsgroup posting, or in a chat or instant message session. Your information can easily be intercepted, forwarded, or redirected without your knowledge, and you really have no way of knowing who is listening in on your electronic conversations.
- NEVER enter sensitive or private personal information on a web page until you trust the company hosting it. Build trust by reviewing the company’s privacy and security policies on their web site, and by insisting on a secure connection (look for the closed lock or a key in the lower corner of your browser window). Know what the companies' policies are regarding reuse, sharing or selling your personal information.
- Ensure that you have adequate backups of your files. Copy them to a CD, a tape, a floppy, or to a zip drive backup, and store them in a secure location. Pay particular attention to making backups of your personal data files and custom configuration files on a regular basis.
- Never execute a program or attachment if you do not know what it does, or if you do not know and trust the source. This is particularly the case for file attachments that are sent to you via e-mail, or are downloaded from a web site that you do not trust. Be careful about following links sent to you in commercial e-mail messages, as they could point to Java programs containing viruses.
- Turn off all network services (programs) that you do not need or intend to use. Familiarize yourself with the services you have configured for your machine in the control panel. Do you have a web server or a file transfer server running that you don’t know about?
- Keep your confidential files in a nondescript or hidden location, or on a portable storage device (e.g., a floppy, CD, tape or zip disk). Make sure that folder location is not shared.
- Consider clearing your web browser’s cache storage file after visiting web sites where you entered sensitive information, such as a credit card number, or an account and password, as this information is often stored in your browser too. (Never select “remember this password” for ease of use in your browser!) If your machine is broken into, account information in your cache files could be used for fraudulent activity or identity theft.
- Consider installing personal firewall software on your dorm workstation. A firewall is software that can be configured to let you access the Internet (out) while blocking Internet access to your workstation (in). A selection of personal firewall packages is listed below:
  - BlackICE PC Protection http://www.iss.net ($39.95)
  - Kerio Personal Firewall http://www.kerio.com/us/kpf_home.html ($45.00, regular version is free)
  - McAfee Personal Firewall Plus http://www.mcafee.com/ ($39.95)
  - Norton Personal Firewall http://www.symantec.com/ ($49.95)
  - Sygate Personal Firewall http://www.sygate.com/ (Pro version $47.95, regular version is free)
  - Tiny Personal Firewall http://www.tinysoftware.com/ ($49.00)
  - ZoneAlarm http://www.zonelabs.com/ (Pro version $49.95, regular version is free)
  - Astaro Linux Firewall https://my.astaro.com/download/ (Free for personal use)
More information, including instructions for secure configuration of workstations, can be found in the “Best Practices” and “Resources” sections of the Information Technology Security Web Site: http://cio.uiowa.edu/itsecurity
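One way to answer the question raised in the network-services guideline ("Do you have a web server or a file transfer server running that you don't know about?") is to check your own machine for listening services. The script below is an added example, not part of the original guidelines; the port watch list and the function names are assumptions chosen to match the services the guidelines mention.

```python
import socket

# Assumed watch list: services named in the guidelines (web server, file
# transfer server, file and print sharing) and their well-known TCP ports.
WATCHED_PORTS = {
    21: "FTP file transfer server",
    80: "web server (HTTP)",
    139: "file and print sharing (NetBIOS session)",
    443: "web server (HTTPS)",
    445: "file and print sharing (SMB)",
    8080: "web server (alternate HTTP)",
}


def is_listening(port, host="127.0.0.1", timeout=0.5):
    """Return True if a service on this machine accepts TCP connections on port.

    The default host is the loopback address, so only the local machine is
    probed. A service bound solely to the network adapter's address is not
    visible on loopback; pass your own machine's address as host to check it.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success and an errno value otherwise.
        return s.connect_ex((host, port)) == 0


def audit_local_services(watched=WATCHED_PORTS, expected=(), host="127.0.0.1"):
    """Return (port, label) pairs that are listening but not in `expected`."""
    findings = []
    for port, label in sorted(watched.items()):
        if port in expected:
            continue  # a service you deliberately run is not a finding
        if is_listening(port, host=host):
            findings.append((port, label))
    return findings


if __name__ == "__main__":
    unexpected = audit_local_services()
    if not unexpected:
        print("No watched services are listening on this machine.")
    for port, label in unexpected:
        print(f"Port {port} is open: {label}. Turn it off if you do not need it.")
```

Pass the ports of services you run on purpose as `expected` so that only the ones you did not know about are reported.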