IT Security Office at The University of Iowa

Best Practices

For Protecting Workstations from Computer Viruses

Viruses and worms are part of today's computing environment, as much as we wish it were otherwise. As virus authors become increasingly clever, we must become more vigilant to protect our computer workstation assets. Below are some standard procedures and practices for protection against viruses.

1. Back up your critical files on a regular basis. Many of the new computer viruses and worms are very damaging. Some of them can completely wipe out your hard drive, or make it unusable!

2. Keep your workstation anti-virus software updated. Vendors offer automatic daily updates of their virus definition files!  Do not become complacent, however. Viruses today can strike and spread very quickly - before the vendors can write a fix for it.

3. Make sure your anti-virus software is properly configured to scan for viruses. Guidelines are available from the ITS Help Desk Virus Resource web site.

4. If possible, disable the Windows Scripting Host (WSH) program on your computer, and/or the active scripting in Internet Explorer, and/or the auto DCC reception in Internet Relay Chat client programs. (Note: These programs/options may be required for some software, but you should find out if it's needed, and shut it/them off if they're not.)

5. ALWAYS exercise caution when opening attachments that arrive in e-mail, even if you know the sender. Verify with the sender (source) before opening attachments that you are not expecting. Make sure the attachment is properly described and referenced in the text of the message.

6. Exercise caution in following (clicking on) links sent to you in spam (bulk advertising) messages.  If the link executes a virus-infected program on your computer, yours will be infected too.  

7. Disable the automatic execution of code embedded in documents, if you have software with that feature. (Examples: MS Office, Lotus Notes)

8. Disable the auto-open or preview pane of messages in your e-mail client.

9. Don't be fooled by social engineering! Viruses distributed by e-mail are arriving packaged in a way that you are sorely tempted to look at them. (Examples: an "invoice" for merchandise, a "love letter", a software "bug fix", or message from "support" about your account or your password)

10. Be aware that companies DO NOT EVER send email messages with an attached software update, and they will NEVER send you an email asking you to send or verify your password or account number. 

11. Report suspicious activity to the ITS Help Desk (4-4357) or Security Office (5-6332), but don't over-react. There are many virus hoaxes out on the Internet, and messages asking you to forward the warning should be distrusted. Vendors DO NOT EVER ask customers to forward messages.

UI Home | UI A-Z Search | UI Phonebook/Email | Contact Us

Copyright © The University of Iowa. All rights reserved.