|
Previous |
Next
The bulleted
steps listed on this page are the basic issues with which
everyone should be aware.
- Understand the R.U.N.S.A.F.E. material. (Click on each
letter above).
- Run anti-virus software and update it weekly.
- Treat email attachments and other unknown code with
caution.
- Use the Windows Update Site on every new installation
and monthly thereafter.
- Choose a strong password and keep it confidential.
- Take proper precautions when using Microsoft File
Sharing.
- Turn off all Unix services, install patches, then turn
on only needed services. Check for patches monthly (for
those running a Unix system).
- Visit the Hot Topics! page monthly. (Coming soon).
R.U.N.S.A.F.E. workshops are being developed that
describe the incidents we've seen at the University of Idaho,
the threats we're exposed to, and teach the defensive concepts
and procedures described here. Onsite workshops may also be
available to groups. (Contact
Huba Leidenfrost for more information.)
Did you know that with one wrong mouse click you could
make it possible for someone to read all your email or instant
messages? That they could also:
- View your grades or change your course schedule?
- Read or change anything on your computer?
- Read or change anything accessed from your computer?
- Turn on your computer's microphone to listen in on
conversations?
- Use your computer for a computer crime for which you may
be blamed?
Did you know a newly installed computer is likely vulnerable
to the same type of compromise just by being connected to the
network?
Did you know our computers are scanned constantly from around
the world by people looking for computers whose operators have
made such mistakes? And that your computer security is partially
dependant upon your neighbor's safe computer operating
practices?
The Internet, paired with today's software, provides us
astonishing capabilities for sharing and communication. However,
these same capabilities also provide access and computer power
to over 300 million people...some of whom may not share our
behavioral expectations. The threats associated with these
folks' behavior are very different from criminal threats in the
physical world.
Using the same functionality we treasure, they can
communicate with our computers almost instantaneously, almost
anonymously, and en masse from around the world.
While the risks associated with these threats can be
decreased by limiting communications, limiting computer
functionality, and/or increasing the complexity and procedures
involved with our computing environment, they can't be
eliminated because security is never absolute. Moreover,
the more we wish to maintain our current freedom in
communications and computing, the more necessary it is that we
individually take steps to protect ourselves and reduce the need
for outside controls and limitations.
The only person ultimately in control of any computer is
the operator in front of the keyboard. That person presently
has the freedom to run any software they choose and communicate
with anyone around the world. As long as we want to continue to
have these open computing and communications choices, each of us
must do his or her part to help ensure the integrity of our
network by operating our computers safely.
Our computers can do almost anything we tell them to do.
Unfortunately, that makes them very complicated. A certain
amount of awareness and skill is necessary to run such a
complicated device safely on a world wide network. This material
attempts to provide you useful knowledge in this area.
Prevous | Next
RUNSAFE is a security awareness program
developed by the Security Engineering group at
James Madison University. Permission
granted to use by Gary Flynn. |
