| |
 Sending and receiving e-mail, file sharing and browsing websites may seem innocuous on the surface, but if you’re not careful these activities can open your computer to countless vulnerabilities. E-mail messages can easily be forged and do not necessarily afford the privacy one might expect and they’re often used to launch malware. Malicious web sites can install software on your computer or collect personal information from your computer.
E-mail and Web Security
Here are a few basic things to keep in mind:
- Don't give out confidential information in response to an e-mail.
For example, someone may try and persuade a user to give out their password
or a credit card number. You may not know whom you are dealing with.
- Be wary of e-mail attachments that you don't know anything about (this
also applies to web downloads). It's very easy for a computer virus
to be present in e-mail from your best friend. It is strongly suggested
that antivirus software be used to scan anything that you receive in
your e-mail.
- If you receive e-mail, which you feel violates the campus CNR
policy, it should be reported to abuse@colorado.edu so action can be taken. It is suggested you do not delete the message,
as it can often be useful in tracking down the incident. Read abuse
guidelines and tips at www.colorado.edu/its/abuse.html
Use Secure Clients
Access to ITS systems requires the use of secure clients and encrypted
authentication. Not only does it help protect our network from malicious
computer attacks and stolen logins, passwords, etc., but also new federal
grant rules require secure computer practices.
Desktop Management including antivirus and patches
- Every desktop computer must have current and up-to-date antivirus
software. ITS has a campus license and students can download the
software from here.
- The operating system on every desktop must be kept up-to-date. ITS
has documentation on configuring your Windows system for automatic
updates. ITS also has documentation for running
Windows Update manually.
File Sharing - a setting on your computer that let hackers into your
computer unless they are disabled or fixed!
- Be very careful with Windows file sharing. The default options for
all versions of Windows are insecure and will let hackers into your
computer unless they are disabled or fixed! Your best bet is to disable
file sharing completely. For instructions on disabling
file sharing click here.
- Because there are academic applications for peer-to-peer (p2p) file-sharing
applications such as KaZaa, BearShare, LimeWire and Morpheus, CU-Boulder
does not ban them from its network. However, we recognize that most
p2p activity consists of copying music and video files for personal
enjoyment. Music and videos
are copyrighted.
- File-sharing may put your personal computer data at risk. ITS suggests
that you not run p2p types of programs. If you feel you must do so,
please at least disable the uploading features. Doing this should NOT
affect your ability to copy files to your computer from other locations.
It will prevent others from copying files from your computer.
Issues when using public computers
- Always remember to log-off when connecting to secure web sites such
as CULink or CULearn. If you do not the next user of the computer may
have access to your data.
- Public computers that may not always be securely configured pose a threat
to your privacy by storing your password or web cookies. Think twice
about going to a secure site if you can not verify the security of the
computer. When you log out of a computer in an ITS lab or ITS "scarpie"
kiosk your privacy is protected.
Get Help
IT Service Center
303-735-4357 (5-HELP)
security@colorado.edu |
|
|
