Security Related Recommendations

 

The security and safety of your computer system is a joint effort between the technical support departments at Rutgers University and yourself.  It is important to understand what you should do on an ongoing basis to ensure that your system remains safe.  The following recommendations will help you keep your system running safely and securely and will also facilitate the recreation of your system should this become necessary either due to system failure or compromise:

 

  1. Back up your important data regularly. You should keep important data on your network drive (U Drive) to ensure that it is backed up regularly. If you are keeping data on a portable device, or on your home computer, that information should be backed up regularly (at least once a week). If you need advice or guidance on backing up important data, please let us know.

  2. Protect your system with anti virus software.  All systems configured by the Information Technology Services Office at the Bloustein School have the site licensed Trend Micro Anti Virus program installed. You should ensure that you have updated anti virus software on your personal computers as well; the same license used at Rutgers can be used by faculty, staff, and students on their home systems. You can find more information about the Trend Micro Anti Virus program here. 

  3. If you use Microsoft Windows, turn on Automatic Updates. You can check that Windows Update is set to run automatically by going to the MS update web site and viewing the right hand portion of the screen. If you do not have automatic updates turned on, you will see a button to turn on automatic updates.

  4. Be careful about opening attachments, clicking on links in SPAM messages, phishing attempts, and browsing unfamiliar sites.  Many of the problems that users encounter are caused by virus infections or spyware/malware infestations.  These problems are normally the result of opening up infected attachments in emails or using links embedded in SPAM messages. 

    Attachments: You should only open attachments that you are expecting.  If you have received an attachment from someone that you know and you are not expecting that attachment, you should check with that person prior to opening the attachment. 

    SPAM: If you receive SPAM messages, you should never use any of the links in those messages and be extra cautious about links that appear to provide you with the ability to stop receiving such messages. 

    Phishing Attempts: This is a form of SPAM where a fraudulent email is sent to users with the intent of gaining confidential information used for identity theft.  These emails are crafted to look like valid messages from well known companies.  In these messages there is a link to a web site that will look authentic.  However, when a user visits the site, they are actually visiting a fake site and any information that is submitted is then used for unscrupulous purposes.  In many of these cases the messages appear to be from banks or other financial institutions. The key thing to remember is that companies will never send an email to you asking to confirm personal information.  If you ever receive such an email, you should delete it and if you have any concerns about its authenticity, you can contact the company directly.  If you would like some more information about phishing, here are some good links:

    Malicious Web Sites: Your computer can also become infected with a virus or with spyware/malware by visiting a malicious web site.  It is much more difficult to prevent problems caused by these sites, as users can just stumble upon them.  However, you can protect yourself by keeping your computer current with the latest security updates. In addition, some browsers have fewer problems than others when it comes to this type of compromise. We recommend using Mozilla Firefox as your primary browser.

  5. Use good password practices. Keep your passwords private and ensure that they are not common words or names, but rather include a combination of letters, numbers, and punctuation.  A good recommendation is to use password phrases instead of passwords and in the phrases use both numbers and punctuation.  For example, the phrase In1972Iwasborn! is a strong password.  You should also choose passwords that you can remember easily and you should change your passwords regularly (at least 3-4 times a year).  You should also be very careful as to where you document your passwords. If you want to test a password for strength, you can use this site.  

  6. Maintain the physical security of your system. Physical security can include such measures as locking down the system with a security cable, setting a BIOS password that is required to start the system, and setting screen saver passwords for instances when you may walk away from your system. You can further protect yourself by shutting down your computer when it is not being used.

  7. Run spyware checking software regularly.  Spyware and malware are major problems for most computer users.  These programs can infringe on Internet privacy, slow down your system, and in some cases make you vulnerable to data theft.  Some of the more benign forms of spyware merely track your Internet activity; however other forms of spyware can be much more serious and can run programs so that your computer can be used for unscrupulous purposes.  You can protect your system from spyware by keeping your anti virus program up to date, ensuring that MS Windows is set to automatically update, and by running periodic scans on your system using spyware removal software.  One key item to note is that in some cases spyware pop-ups masquerade as spyware removal program offerings in an effort to trick you into installing the actual spyware!  We recommend the following three programs that you can download and use on your personal computers:

      

  8. Do not run peer-to-peer file sharing programs on your system. These programs can provide conduits for hackers to access your system.  If you do need to use one of these programs, you should configure it so that it will not share your files. You can find instructions on how to do this for the majority of peer to peer programs on this site.

  9. Install a Firewall. There are two types of firewalls: hardware based and software based.  An example of a hardware based firewall would be a router at your home that you are using to distribute Internet access or provide wireless access.  A software based firewall is a program that is installed on your computer.  We highly recommend that you have both.  From a security perspective, hardware based firewalls are essential if you will be using broadband, and software based firewalls help protect you from certain worms or malware that can get past a hardware firewall. 

    If you are using your computer at home and it is connected to the Internet directly via cable or DSL, you should purchase a firewall/router device.  We also recommend using a software-based firewall. Although Microsoft Windows XP does include a firewall program, we recommend using a free version of Zone Alarm. This program will not only protect you from hackers, but it will also block certain types of spyware, as it notifies you if a new application tries to access the Internet.



  10. Transfer Data Securely and Use Encryption: Data can be transmitted securely over the Internet if you use services that provide security. For example, in order to connect to your RCI or Eden account via an email program like Outlook or Outlook Express, you are required to use a secure service. Another example of a secure service would be when you go to a web site that requires that you enter sensitive information. These sites should all be listed as https as opposed to a standard http page. Encryption keeps your data safe when it is at rest. If you use a portable device for data storage and you have sensitive information on that device, it should be encrypted. After encrypting the data, a password would be required to access it. A very good free encryption program can be found here.

In addition to the above measures, additional security documentation has been created by RUCS and we recommend that you review this material. You can find this documentation here. There is also some detailed documentation designed for home users on the CERT web site and you can find this information here.