University of Colorado at Boulder  
Map A to Z Index Search CU Home
ITS logo
Information Technology Services News | ITS Search

IT Security Information - Security is Everyone's Responsibility

    
 

Security is everyone's responsibility

Technology is changing at a rapid pace and the University of Colorado will always strive to be on the leading edge to provide faculty, staff, and students with the best possible educational and research environment. Computers and networks offer access to vast amounts of resources, but at the same time, the technology poses risks that have never before been encountered. It takes effort on the part of everyone, especially the person using the computer, to ensure that computing resources are safe.

  • Each student at CU-Boulder has certain responsibilities when using computing resources at CU-Boulder. The University has published guidelines for computer users.
  • Because ITS has a responsibility to protect the entire campus network infrastructure from infected or compromised systems, it must act quickly to contain any type of worm or virus threat. Unfortunately, this can result in temporary blocking to network access.

E-mail and Web Security (e-mail and Internet is not always safe)

E-mail offers many opportunities for security problems and should not be considered secure. E-mail messages can easily be forged and do not necessarily afford the privacy one might expect. Malicious web sites can install software on your computer or collect personal information from your computer. Here are a few basic things to keep in mind:

  • Don't give out confidential information in response to an e-mail. For example, someone may try and persuade a user to give out their password or a credit card number. You may not know whom you are dealing with.
  • Be wary of e-mail attachments that you don't know anything about (this also applies to web downloads). It's very easy for a computer virus to be present in e-mail from your best friend. It is strongly suggested that antivirus software be used to scan anything that you receive in your e-mail.
  • If you receive e-mail, which you feel violates the campus CNR policy, it should be reported to abuse@colorado.edu so action can be taken. It is suggested you do not delete the message, as it can often be useful in tracking down the incident. Read abuse guidelines and tips at www.colorado.edu/its/abuse.html

Use Secure Clients

Access to ITS systems requires the use of secure clients and encrypted authentication. Not only does it help protect our network from malicious computer attacks and stolen logins, passwords, etc., but also new federal grant rules require secure computer practices.

Desktop Management including antivirus and patches

  • Every desktop computer must have current and up-to-date antivirus software. ITS has a campus license and students can download the software from here.
  • The operating system on every desktop must be kept up-to-date. ITS has documentation on configuring your Windows system for automatic updates. ITS also has documentation for running Windows Update manually.

File Sharing - a setting on your computer that let hackers into your computer unless they are disabled or fixed!

  • Be very careful with Windows file sharing. The default options for all versions of Windows are insecure and will let hackers into your computer unless they are disabled or fixed! Your best bet is to disable file sharing completely. For instructions on disabling file sharing click here.
  • Because there are academic applications for peer-to-peer (p2p) file-sharing applications such as KaZaa, BearShare, LimeWire and Morpheus, CU-Boulder does not ban them from its network. However, we recognize that most p2p activity consists of copying music and video files for personal enjoyment. Music and videos are copyrighted.
  • File-sharing may put your personal computer data at risk. ITS suggests that you not run p2p types of programs. If you feel you must do so, please at least disable the uploading features. Doing this should NOT affect your ability to copy files to your computer from other locations. It will prevent others from copying files from your computer.

Issues when using public computers

  • Always remember to log-off when connecting to secure web sites such as CULink or CULearn. If you do not the next user of the computer may have access to your data.
  • Public computers that may not always be securely configured pose a threat to your privacy by storing your password or web cookies. Think twice about going to a secure site if you can not verify the security of the computer. When you log out of a computer in an ITS lab or ITS "scarpie" kiosk your privacy is protected.

Contact Information
Campus IT Security Office
(303) 735-HELP
security@colorado.edu

  

IT security information
IT Security Overview
Info for Faculty & Staff
Info for Students
Minimum Security Implementation Guidelines for CSRs & System Admins
File a Security Report
I'm infected, now what?
Encrypted Authentication
CUantivirus
"Ask Security" Form

 

 

 
       
       Support | Training | Facilities | About ITS | ITS Home
 

Last reviewed: March 13, 2008

IT Service Center: 303-735-4357 (5-HELP), help@colorado.edu, Location and Hours of Operation
Computer Support Representative (CSR) look-up tool

itsfeedback@colorado.edu  | Policies | Privacy
© 2000 The Regents of the University of Colorado