| |
Security is everyone's responsibility
Technology is changing at a rapid pace and the University of Colorado
will always strive to be on the leading edge to provide faculty, staff,
and students with the best possible educational and research environment.
Computers and networks offer access to vast amounts of resources, but
at the same time, the technology poses risks that have never before been
encountered. It takes effort on the part of everyone, especially the person
using the computer, to ensure that computing resources are safe.
- Each student at CU-Boulder has certain responsibilities
when using computing resources at CU-Boulder. The University has published
guidelines for computer users.
- Because ITS has a responsibility to protect the entire campus network
infrastructure from infected or compromised systems, it must act quickly
to contain any type of worm or virus threat. Unfortunately, this can
result in temporary blocking to network access.
E-mail and Web Security (e-mail and Internet is not always safe)
E-mail offers many opportunities for security problems and should not
be considered secure. E-mail messages can easily be forged and do not
necessarily afford the privacy one might expect. Malicious web sites can
install software on your computer or collect personal information from
your computer. Here are a few basic things to keep in mind:
- Don't give out confidential information in response to an e-mail.
For example, someone may try and persuade a user to give out their password
or a credit card number. You may not know whom you are dealing with.
- Be wary of e-mail attachments that you don't know anything about (this
also applies to web downloads). It's very easy for a computer virus
to be present in e-mail from your best friend. It is strongly suggested
that antivirus software be used to scan anything that you receive in
your e-mail.
- If you receive e-mail, which you feel violates the campus CNR
policy, it should be reported to abuse@colorado.edu
so action can be taken. It is suggested you do not delete the message,
as it can often be useful in tracking down the incident. Read abuse
guidelines and tips at www.colorado.edu/its/abuse.html
Access to ITS systems requires the use of secure clients and encrypted
authentication. Not only does it help protect our network from malicious
computer attacks and stolen logins, passwords, etc., but also new federal
grant rules require secure computer practices.
Desktop Management including antivirus and patches
- Every desktop computer must have current and up-to-date antivirus
software. ITS has a campus license and students can download the
software from here.
- The operating system on every desktop must be kept up-to-date. ITS
has documentation on configuring your Windows system for automatic
updates. ITS also has documentation for running
Windows Update manually.
File Sharing - a setting on your computer that let hackers into your
computer unless they are disabled or fixed!
- Be very careful with Windows file sharing. The default options for
all versions of Windows are insecure and will let hackers into your
computer unless they are disabled or fixed! Your best bet is to disable
file sharing completely. For instructions on disabling
file sharing click here.
- Because there are academic applications for peer-to-peer (p2p) file-sharing
applications such as KaZaa, BearShare, LimeWire and Morpheus, CU-Boulder
does not ban them from its network. However, we recognize that most
p2p activity consists of copying music and video files for personal
enjoyment. Music and videos
are copyrighted.
- File-sharing may put your personal computer data at risk. ITS suggests
that you not run p2p types of programs. If you feel you must do so,
please at least disable the uploading features. Doing this should NOT
affect your ability to copy files to your computer from other locations.
It will prevent others from copying files from your computer.
Issues when using public computers
- Always remember to log-off when connecting to secure web sites such
as CULink or CULearn. If you do not the next user of the computer may
have access to your data.
- Public computers that may not always be securely configured pose a threat
to your privacy by storing your password or web cookies. Think twice
about going to a secure site if you can not verify the security of the
computer. When you log out of a computer in an ITS lab or ITS "scarpie"
kiosk your privacy is protected.
Contact Information
Campus IT Security Office
(303) 735-HELP
security@colorado.edu |
|
|
