E-mail and Web Security
Here are a few basic things to keep in mind:
- Don't give out confidential information in response to any e-mail. Messages that try to persuade you to send your password or credit card number are forged, even if they appear to be from the your bank or system administrator.
- Be wary of any e-mail attachment that you weren’t expecting (this also applies to Web downloads). It’s very easy for a computer virus to be present in an e-mail that appears to be from a friend. It is strongly suggested that antivirus software be used to scan anything that you receive in your e-mail.
- If you receive e-mail from an address at CU Boulder which you feel violates the campus Acceptable Use of CU-Boulder’s IT Resources policy, it should be reported to the IT Service Center at email@example.com so action can be taken. It is suggested you do not delete the message, as it can often be useful in tracking down the incident. Read abuse guidelines and tips.
Use Secure Clients
Access to OIT systems requires the use of secure clients and encrypted authentication. Not only does it help protect our network from malicious computer attacks and stolen logins, passwords, etc., but also new federal grant rules require secure computer practices.
Desktop Management including antivirus and patches
Every desktop computer must have current and up-to-date antivirus software. OIT has a campus license and students can download the software.
The operating system on every desktop must be kept up-to-date. OIT has documentation on configuring your Windows system for automatic updates. OIT also has documentation for running Windows Update manually.
File Sharing - a setting on your computer that lets hackers into your computer unless they are disabled or fixed
- Be very careful with Windows file sharing. The default options for all versions of Windows are insecure and will let hackers into your computer unless they are disabled or fixed! Your best bet is to disable file sharing completely. View instructions on disabling file sharing.
- Because there are academic applications for peer-to-peer (p2p) file-sharing applications such as BitTorrent, LimeWire and Kazaa, CU-Boulder does not ban them from its network. However, we recognize that most p2p activity consists of copying music and video files for personal enjoyment. Music and videos are copyrighted.
- File-sharing may put your personal computer data at risk. OIT suggests that you not run p2p types of programs. If you feel you must do so, please at least disable the uploading features. Doing this should NOT affect your ability to copy files to your computer from other locations. It will prevent others from copying files from your computer.
Issues when using public computers
- Always remember to log off when you finish with secure web sites such as CULink or CULearn. If you do not, the next person to use the computer will have access to your personal information.
- Public computers that may not always be securely configured pose a threat to your privacy by storing your password or web cookies. Think twice about going to a secure site if you can not verify the security of the computer. When you log out of a computer in an OIT lab or OIT "scarpie" kiosk your privacy is protected.
Here are some helpful tips for hardening computers: