Bloustein Home Page its home
its
Common Concerns
Security

Security Related Recommendations

 

The security and safety of your computer system is a joint effort between the technical support departments at Rutgers University and yourself.  It is important to understand what you should do on an ongoing basis to ensure that your system remains safe.  The following recommendations will help you keep your systems at work and at home running safely and securely and will also facilitate the recreation of your system should this become necessary either due to system failure or compromise:

 

  1. Back up your important data regularly. You should keep important data on your networked drive (U Drive) to ensure that it is backed up regularly. If you are keeping data on a portable device, or on your home computer, that information should be backed up regularly (at least once a week). If that data is any way sensitive, it should be encrypted. If you need advice or guidance on encrypting or backing up important data, please let us know.

  2. Protect your system with anti virus software.  All systems configured by the Information Technology Services Office at the Bloustein School have the site licensed Symantec EndPoint Protection Anti Virus program installed. You should ensure that you have updated anti virus software on your personal computers as well and the same license used at Rutgers can be used by faculty, staff, and students on their home systems. You can find more information about the Symantec Anti Virus prgram here. 

  3. Ensure that your computer is doing automatic updates for all of the programs that regulary need to be updated. This includes your operating system, Java, Adobe Flash, Microsoft Office, and your browsers. If your system is not doing this automatically, you should ensure that you do this manually at least once a week.   

  4. Be careful about opening attachments or clicking on links in email messages, and be careful when browsing unfamiliar sites.  Many of the problems that users encounter are caused by virus infections or spyware/malware infestations.  These problems are normally the result of opening up infected attachments in emails or using links embedded in SPAM messages.  You should only open attachments that you are expecting.  If you have received an attachment from someone that you know and you are not expecting an attachment, you should check with them prior to opening the attachment. 

    In addition to attachments, embedded links in SPAM are also another main cause of spyware or malware infestations.  If you receive SPAM messages, you should never use any of the links in those messages, especially the links that appear to provide you with the ability to stop receiving those messages.  You should also be very careful about phishing attempts.  For more information on phishing, please see this page

    Another way your system can become infected with a virus or infested with spyware/malware is by visiting malicious web sites.  It is much more difficult to prevent problems caused by these sites, as users can stumble upon them.  However you should be careful where you go on the Internet as the safety of your computer depends upon it.      

  5. Use good password practices. Keep your passwords private and ensure that they are not common words or names, but rather include a combination of letters, numbers, and punctuation.  A good recommendation is to use password phrases instead of passwords and in the phrases use both numbers and punctuation.  For example, the phrase In1972Iwasborn! is a strong password.  You should also choose passwords that you can remember easily and you should change your passwords regularly (at least 3-4 times a year).  You should also be very careful as to where you document your passwords. 

  6. Maintain the physical security of your system. Physical security can include such measures as locking the system down with a locking cable, setting a BIOS password that is then required to start the system, setting screen saver passwords for instances when you may walk away from your system, as well as shutting down your system when you leave for the day.

  7. Run spyware checking software regularly.  There are a number of spyware programs that are of good quality, but we recommend Malwarebytes and Super Anti Spyware frequently. The free versions of these programs are good for routine manual scans, but for better protection, you should opt for the paid versions. Also, please download these programs from the links on the web sites for these companies and not from anywhere else.  

  8. Do not run file and print sharing, remote access programs, or peer-to-peer file sharing programs on your system. These programs can provide conduits for hackers to access your system.  If for any reason you need these programs for your work, please contact the Information Technology Services group to assist you in developing a secure way to do this.

  9. Install a Personal Firewall. Personal firewallls can be another excellent tool to keep your home computer safe. One such product that we recommend is the free version of Zone Alarm.   

  10. Use secure services whenever possible. Secure services include tools such as SSH, webdrive, and security enhancements to email.  You should also ensure that if you are entering any sensitive information onto a form, that it is using SSL.  You can determine this be checking the URL of the site you are on and ensuring that it is using an https prefix as opposed to an http prefix.

In addition to the above measures, additional security documentation has been created by RUCS and we recommend that you review this material. You can find this documentation here. There is also some detailed documentation designed for home users on the CERT web site and you can find this information here.