Securing your computer

  • Last updated January 25, 2016

This guide provides a list of action steps to take to help keep your technology secure.


UW-Madison’s Electronic Devices Policy requires all campus users to run anti-virus software, keep security patches updated and, whenever possible, maintain a dedicated firewall. You should also follow the best practices below to protect yourself and contribute to a safer computing environment for everyone.

Important: If you are part of a department with its own IT resources, you should check with your department IT administrator before installing software or reconfiguring your work computer. If you are not part of a managed system, are a student, or access UW resources from a home or other computer, you should take these steps yourself. You can discover cybersecurity and safety best practices and principles here.

Install free antivirus software

Install free antivirus software, such as Symantec Endpoint Protection. It helps protect against and remove existing viruses and malware.

Use a firewall

A firewall is software that runs directly on a computer (i.e. the host) and protects that host against attack from the network by controlling incoming and/or outgoing network traffic. Most operating systems have built-in firewalls, but you need to make sure they are turned on.

Use spyware protection

Spyware is a type of software that is implanted on your computer without your knowledge. It secretly transmits information about your online activity and the data stored on your computer. It may come bundled with “free” software you download (e.g. browser toolbars, games, peer-to-peer applications).

What does spyware do?

Many things. It may collect data about your web browsing habits, change your home or search page, force you to certain websites, alter network settings or perform other actions.

Is it harmful to my computer?

It may be. Spyware may interfere with Internet Explorer or Windows and cause frequent errors or crashes.

How do I detect and get rid of spyware?

Fortunately, software exists to help protect consumers from spyware and to repair the damage. Symantec AntiVirus, free for UW-Madison faculty, staff, and students, includes spyware detection and remediation capabilities.

If you have already downloaded and installed Symantec AntiVirus, you simply need to do a scan of your files; you do not need to download additional software. See Symantec Endpoint Protection – Detecting and Removing Spyware for more details.

 

Keep your operating system patched

If the tires on your car were recalled because of a defect, you might still be able to drive on them, but you probably wouldn’t feel safe. The same is true of your computer’s operating system. Hackers rely on the fact that many computer users fail to install software patches on their machines, so they create worms and other malware to take advantage of these vulnerabilities. That’s why it’s important that you keep your operating system and security patches up-to-date. Simply running an anti-virus program is not enough.

How do I keep my computer updated?

It’s easy to configure your computer to automatically seek out security updates so that you don’t have to remember to do it manually. Then, when you get that little message that says “new updates ready to install,” all you have to do is install them.

How to update Windows Security Patches

How to update Mac Security Patches

Protect your NetID and password

Use strong passwords

Passwords are like passports or a blank check; if lost or stolen they give hackers a world of opportunity by providing access to your personal, financial and work data. The campus Password Policy helps you be proactive in selecting strong passwords and managing them, to protect your identity and University resources. Once you’ve read and understood the password policy, you should change your NetID password and other campus passwords that do not meet the standards.

Note: Many, but not all, campus passwords are used in conjunction with Oracle databases, for which there may be some exceptions to the password guidelines in this document. Those exceptions are noted in parentheses.

Strong password characteristics

  • Are at least eight alphanumeric characters long
  • Contain at least three of the following four categories:
    • upper case characters (e.g., A-Z)
    • lower case characters (e.g., a-z) (Note: Oracle does not distinguish between upper and lower case in passwords.)
    • Digits (e.g., 0-9)
    • Special characters (e.g., !@#$%^&*()_+|~-=\`{}[]:";'<>?,./) (Note: Oracle allows only the special character underscore (_) in a password, unless the password is enclosed in quotes.)
  • Are kept private. Passwords should be memorized or, if written down, kept in a locked file cabinet or other secure location.
  • Do not contain a common proper name, login ID, email address, initials, first, middle or last name

Weak password characteristics

  • The password contains fewer than eight characters
  • The password is a word found in a dictionary (English or foreign) or a word in any language, slang, dialect, jargon, etc.
  • The password is the same as your user name or login name
  • The password is a common usage word such as names of family, pets, friends, computer terms, birthdays or other personal information, or number patterns like aaabbb, dddddd, qwerty, zyxwvuts, 123321, etc.
  • Any of the above spelled backwards
  • Any of the above preceded or followed by a digit (e.g., secret1, 1secret)
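As an added illustration (not part of the UW-Madison policy or any campus tool), the strong and weak characteristics above can be expressed as a small Python check. The word list, the function names and the sample login ID are constructed for the example; stripping any run of leading or trailing digits generalizes the "secret1, 1secret" rule, and the Oracle exceptions are not modeled.

```python
import re

# Constructed stand-in for a real dictionary / common-word list (assumption).
COMMON_WORDS = {"secret", "password", "qwerty", "badger", "wisconsin"}


def category_count(pw):
    """How many of the four categories (upper, lower, digit, special) appear."""
    return sum([
        any(c.isupper() for c in pw),
        any(c.islower() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ])


def is_pattern(s):
    """Patterns from the list: dddddd/aaabbb runs, 123321 mirrors, zyxwvuts sequences."""
    if len(s) < 4:
        return False
    runs = re.fullmatch(r"(?:(.)\1{2,})+", s) is not None
    mirror = s == s[::-1]
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    sequence = steps in ({1}, {-1})
    return runs or mirror or sequence


def check_password(pw, personal=()):
    """Return the policy rules the password breaks (empty list = acceptable)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    if category_count(pw) < 3:
        problems.append("fewer than three character categories")
    lowered = pw.lower()
    # 'personal' holds the user's login ID, names, initials or email address.
    if any(p and p.lower() in lowered for p in personal):
        problems.append("contains login ID or name")
    # Strip leading/trailing digits so 'secret1' and '1secret' reduce to 'secret'.
    core = lowered.strip("0123456789") or lowered
    if core in COMMON_WORDS or core[::-1] in COMMON_WORDS:
        problems.append("dictionary or common word")
    elif is_pattern(lowered) or is_pattern(core):
        problems.append("repeated, mirrored or sequential pattern")
    return problems
```

A password passes only when the returned list is empty; a real deployment would replace COMMON_WORDS with a full dictionary and common-password list.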

A few “don’ts”

  • Never reveal a password over the phone or in person to anyone. Not your boss. Not your family. Not your co-workers. If someone demands a password, refer them to this document.
  • Don’t reveal a password in an email message
  • Don’t talk about a password in front of others
  • Don’t hint at the format of a password (e.g., “my family name”)
  • Don’t reveal a password on questionnaires or security forms
  • Avoid writing passwords down, but if you must, store them in a secure place (e.g., a locked file cabinet)
  • Passwords should never be stored unencrypted on-line
  • Do not use the “Remember Password” feature of applications (e.g., Outlook, Thunderbird, Evolution)
  • Don’t use the default password, if one is provided. Change it immediately to a new, stronger password.
  • Don’t reuse old passwords. NetID passwords cannot be reused within a 12-month period, and passwords cannot be changed to any of the previous three passwords.


Install software to secure your wireless connection

Use WiscVPN, free virtual private network software, for secure surfing on open networks. Login with your UW NetID.

Eliminate restricted data

Identity Finder is a tool that searches your computer for restricted data such as social security numbers and bank account numbers which you may have forgotten to remove.

Disable file sharing

What is file sharing?

In general, file sharing is the practice of making files available for other individuals to download. It can be as simple as enabling file sharing on your computer’s operating system so that you can access your home computer files at work. However, the most common and controversial method of file sharing is the use of peer-to-peer (P2P) software. This includes software such as Limewire, Morpheus and BitTorrent.

Why is file sharing illegal?

Not all file sharing is illegal. For instance, the sharing of non-copyrighted material or material with permission of the creator is legal. However, the majority of P2P file sharing involves sharing copyrighted or restricted material such as music, which is illegal.

A copyright grants the creator/owner of the material exclusive rights to the material and its distribution. By distributing this material without permission, the person distributing the material is violating copyright law and is subject to penalties under the law.

For more information see Wikipedia’s article on File Sharing and the Law and Wikipedia’s article on Copyright.

Can I install file sharing peer-to-peer (P2P) software to play music or videos only?

Yes, you can, but why would you? Both Mac and Windows computers come with media players installed (QuickTime, Windows Media Player).

In addition, most P2P software turns file sharing on by default as soon as the software is installed. This means that others may access materials on your computer without your knowledge, whether you have given permission or not. Downloading copyrighted music or movie files without permission is illegal. It is also illegal to share even purchased music or movie files with others, whether you know you have done so or not.

If you install P2P software to play music or video only, be sure to turn the file sharing options off. If you legally own and are playing copyrighted materials, but are sharing them inadvertently, you are still liable for violating copyright law.

How do I turn off P2P file sharing?

Indiana University maintains an article entitled Disabling Peer-to-Peer File Sharing. This article lists the more common P2P file sharing programs along with instructions on how to turn off the file sharing functions in these programs. We also recommend checking the manufacturer’s web site for instructions.

What harm can P2P software do to my computer?

Several commercial P2P file sharing programs install adware and/or spyware on your computer.

In addition to serving up unwanted advertisements, these programs may gather personal data from your computer to send back to the parent company, alter your computer settings, and may interfere with your computer performance.

For more information visit the Help Desk’s Spyware – FAQ article or see Wikipedia’s article on Spyware.

What is the RIAA?

RIAA stands for the Recording Industry Association of America. RIAA is the trade group that represents the US recording industry.

Where can I get more information?


Regardless of any information you may read and follow in this or any other article, you are ultimately responsible for illegal file sharing and copyright violations that may result from having file sharing of any type enabled on your computer.

Back up your data

Hard drives will fail, files will be corrupted, laptops will be stolen, and data will be mistakenly deleted. While good maintenance may help avoid some of these scenarios, in the end it pays to have a data backup.

Backup refers to making copies of data so that it is available to restore the original data in the event of a data loss. Backups are useful primarily for 1) restoring a computer to an operational state following a disaster (called disaster recovery), and 2) restoring small numbers of files after they have been accidentally deleted or corrupted. As long as new data is being created and changes are being made, backups need to be updated. How frequently and which files are backed up is determined by the user.

Bucky Backup offers an inexpensive and convenient way for individuals, departmental local area networks and campus applications to protect their data and recover it if needed. It provides high-quality, industrial-strength insurance against the loss of irreplaceable data. Bucky Backup provides point-in-time backup so that if an individual deletes or corrupts a file, for instance, the data can be recovered.

UW-Madison also provides 50 gigabytes of free disk space to UW-Madison students, faculty and staff, which can be used to back up important files, using a service called Box.

Prevent unauthorized use and laptop theft

Don’t expose yourself, or your data, to risk. Leaving your computer unattended or neglecting to fully log out at public computers gives others the ability to install a virus, steal information, or impersonate you online.

Unauthorized use

Here are several steps you can take to protect yourself:

1. Require a password when returning from a screen saver.

To do this in Windows:

  1. Right click on a blank part of the Windows Desktop and click Properties.
  2. Click on the Screen Saver tab.
  3. Choose a screen saver that you would like to use.
  4. In the Wait box, type the amount of time that you want to wait before the screen saver activates. Five to 15 minutes is a typical period of time.
  5. Check the box next to “On resume, password protect.”

To require a password to return from a screen saver in a Mac:

  1. Click on the Apple Menu and select System Preferences.
  2. Select Security and place a check next to “Require password to wake this computer from sleep or screen saver.”
  3. Click on Show All and click on Desktop & Screen Saver.
  4. Choose a screen saver from the right column.
  5. Set the Start screen saver: slider bar to somewhere between five and 15 minutes.

2. Lock your workstation.

To do this in Windows XP, simply hold down the “Windows” key (located between the Control and Alt keys) and press the letter “L”.

To do this under Mac OS 10.4 or 10.5:

  1. From your Applications folder, open your Utilities folder and then open Keychain Access.
  2. From the Keychain Access menu, select Preferences. Under the General tab, check the box next to Show Status in Menu Bar.
  3. The padlock icon will appear in your menu bar in the upper right corner of your screen. To lock your screen, click this icon, and from the menu that appears, select Lock Screen.

3. Log out and exit, close or quit your browser when you’re done using an application (depending on your platform and browser, the terminology and process are slightly different). Closing the browser typically deletes information needed to continue using current login information, forcing a new login. This is especially important when using shared computers (e.g., campus kiosks, lab machines).

Prevent theft

Laptop thefts on campus continue to increase, with most of the laptops stolen from faculty and staff, not students.

“Staff members leave their office doors wide open, thinking because there are other co-workers around on their floor they must not be at high risk,” said Sergeant Kurt Feavel of the UW Police Department. But thieves are opportunistic; they know that computers left unattended in conference rooms, offices and computer labs are ripe for the picking.

1st line of defense

Delete It

If at all possible, don’t keep any restricted data on your laptop. Restricted data includes things like social security numbers, credit card account numbers and other personally identifiable information. You’d be surprised how easy it is to forget that this information is stored on your computer.

Encrypt It

IT Security recommends that you search your computer for restricted data and delete it. If that’s not possible, then be sure you protect it by encrypting your laptop.

Back It Up

And regardless of what’s stored on your computer, you should always keep a backup of important files in the event your laptop is lost or stolen. Your thesis, research or other work files may be irreplaceable. Be sure to back them up regularly to portable media (e.g., thumb drive, DVD) available at the DoIT Tech Store, store files in UW Madison Enterprise Box by going to uwmadison.box.com and logging in with your NetID and password, or use Bucky Backup.

Protect yourself in high risk situations

Lock It Up

Even if you’re stepping away from your office for just a few minutes, lock it up. The DoIT Tech Store has cable locks or you could invest in a global positioning system (GPS). Neither of these is a failsafe, of course.

Change Your Routine

A few small adjustments to your regular routine will keep the odds in your favor that a thief will pass you by and look for an easier target.

Airports

Don’t put your laptop through the security line first. Instead, put it in the middle of your items or last. That way you can keep a better eye on it, and a thief can’t make the excuse that he thought it was his if it’s in the middle of your items.

Coffee Shops, Libraries

Make it difficult for a thief to walk away with your computer. Sit far away from exits, and if you do leave your device unattended, ask two people (not just one) to keep their eyes on it.

Cars, Hotels

Put your laptop in your trunk before you reach your destination so that eager eyes don’t see you put it there as you park. And if you’re staying at a hotel, lock it up and store it away. It’s very easy for someone to dart in and out of your room if the door is left open while hotel staff is cleaning your room.

Differentiate your laptop and devices

If you make your laptop look different from everyone else’s laptop, it will be less likely that someone can use the excuse that they thought it might belong to them. Sometimes these things make the laptop more difficult to resell. Many students have been doing this by adding stickers to their cases to personalize them.

Scan your computer

Whether you already know you have a problem or are just looking for that little something extra to bring you peace of mind, a free online scanner may be just the tool you want.

Use a dedicated anti-virus/anti-spyware program such as Symantec AntiVirus, the free campus security software. Dedicated applications include real time protection of your computer’s file system and memory, which can detect potentially malicious files even before they have a chance to run on your computer. Online scanners are run-on-demand programs. They can detect bad software that is already on your computer, but they do not provide any proactive protection.

 

If you already know that your computer is infected, please read this virus and spyware removal guide for assistance in performing cleanup.

Use email and web safely

Don’t click on unsolicited links or attachments in emails, or disclose identity information (e.g., SSN, birthdays, etc.) online, including social networking sites.

If you have questions on any of these steps, contact the DoIT Help Desk or call (608) 264-HELP (4357).