By following the practices suggested below, you can improve the overall security of your computer system. These recommendations apply both to individual users and to personnel responsible for managing groups of computers. Consult the Technology Service Desk if you need assistance with following any of the suggestions. It is also recommended that you review the suggestions from the U.S. Computer Emergency Readiness Team.
Set good passwords
Make sure all accounts on your computer, including the computer administrator's account, have strong passwords. Follow the UCOP password policy. Change your password immediately if you suspect someone else may have guessed it.
Keep your software up-to-date
New versions of software are released on a regular basis to counter threats; without the current software, your computer is likely to be infected or compromised. Your operating system and Web browser are the two components most frequently attacked, and therefore it is most important to keep them up-to-date. A good way for Windows users to stay current is to allow your operating system to be updated automatically using Windows
Update.
Run anti-virus software
Set antivirus software to automatically check for updates at least once a week. When informed that a new virus has been detected, update your virus definition files immediately by clicking on your Symantec Norton Antivirus icon and running Live Update.
Be careful opening e-mail attachments
Many viruses are transmitted through e-mail, often as attachments. Never open an attachment unless you are sure who sent it and what it contains. Always use your antivirus software to scan attachments for viruses before opening them by clicking on your Symantec Norton Antivirus icon and selecting Scan.
Control access to your machine
Never set up your system for anonymous or guest access. Make sure your system is configured to require a unique userid and password for any kind of access.
Routinely back up files on your system
Backing up your system not only allows you to recover files and data if your hard drive or computer fails, but also ensures that you can determine what data was stored on your system, should it be stolen or accessed without authorization. Because California law requires that individuals be notified if their personal information is stolen or inadvertently made available, it is especially important to be able to verify the existence of such information on a computer.
Turn your computer off when you leave for the day
Your computer cannot be infected or invaded when it is not connected to the network. Turn it off when you are done for the day. This is particularly important if you will be away from your system longer than a few days. If you haven't turned on your computer in a few days, be sure to check for updates for software and antivirus files (see steps 2 and 3 above) before you do anything else.
Install screen-saver passwords on your system
In addition to logging into your Windows system with your system userid and password, you should utilize a screen saver and enable its password feature. That way, if you leave your computer without turning it off, the screen saver will activate (after a pre-determined period of time) and you'll need to enter a password to resume your Windows session.
Clean your hard drive before disposing of it
Before disposing of your current computer, make sure to remove all sensitive and confidential data from the hard drive. While deleting unwanted files using a delete or erase command might appear to remove files and data, in fact, the DOS and Windows delete commands simply remove pointers to the data but leave the actual data and files available for recovery. To make sure that data and files are not recoverable from a computer's hard drive, it is important to over-write the space these files and data occupied with other, seemingly random, input. A number of utilities for doing this are available as freeware or shareware.
Take extra precautions with your laptop or other portable devices
By design, laptop computers (and other portable computing devices, PDAs, for example) are carried from place to place and thus are exposed to risks less prevalent in stationary environments where desktops are protected by firewalls, automated scheduled virus scanners, and automated critical updates and patch installations. To protect the UCOP network and the devices connected to it, all laptops must be updated with the latest Microsoft critical updates and patches and scanned using the latest virus definition files before they are brought into a UCOP facility and connected to the UCOP network. Also, invest in a laptop or PDA lockdown cable to deter easy theft of your portable device, and lock your office (where applicable) when you leave it.
