The following Top Ten List addresses simple ways you can protect your computer and your data. The tips are focused on information security issues that are especially important at WSU.
In addition, several consortiums have provided Websites with in-depth treatment of this topic. See the Related information section at right for links to these Websites.
If you need help with any information security issues, check with the tech support staff in your school or department, or contact the Computing & Information Technology (C&IT) Help Desk by phone to (313) 577-4778, Monday–Friday, 8 a.m. to 8 p.m. (fall/winter terms) and 8 a.m. to 6 p.m. (spring/summer terms), or by e-mail to helpdesk@wayne.edu.
#1 Choose passwords that provide the maximum degree of protection for you and the university.
#2 Run an anti-virus program regularly, and keep it up to date.
#3 Update your operating system and other software with security patches as soon as they are released.
#4 Don't fall for scammers who try to trick you into revealing sensitive information through a "phishing" attack.
#5 Add password protection to your screensaver.
#6 Beware of spyware.
#7 Don't open an attachment or click a link in an e-mail unless you know for sure that it is safe to do so.
#8 Don't leave your laptop computer or PDA unattended in a public place or an unlocked office.
#9 Keep your home wireless network safe, and be careful using wireless Internet while traveling.
#10 Make regular backups of the files and data on your computer.
No password can guarantee absolute protection against a determined intruder armed with password-breaking software, but you might as well make it as difficult for intruders as possible:
What makes a good password?
Most likely you use a number of passwords, including the one for your WSU AccessID and as well as passwords needed for access to various websites. Try to use a different password for each of these purposes. That way, if someone discovers one of your passwords, the damage that can be done with it is limited. See WSU's Strong Password Standard.
Make sure you have anti-virus software on your computer! Wayne State University provides Symantec AntiVirus for free to all students and employees. It can be downloaded from the Software Clearinghouse. Remember, anti-virus programs need regular updates so they can recognize the new viruses that emerge daily. Always set up Symantec AntiVirus to update itself automatically at least once a week.
Regularly download security updates and "patches" for operating systems and other software. Sometimes bugs are discovered in a program that may allow an intruder to access your computer. Most major software companies release updates and patches to close newly discovered vulnerabilities in their software—many of you are familiar with Windows XP Service Pack 2, for example, but all operating systems need to be kept up to date.
A "phishing" attack is an e-mail message that claims to be from a well-known company, advising that you must "re-enter" your security information. Usually it will direct you to what appears to be the company's Website, and ask you to enter your password, account number, or social security number. But it's a scam: the sender is an imposter trying to steal your identity. Phishing e-mails claiming to be from "Wayne Webmail Support", "Wayne Messaging Center", PayPal, Ebay, various banks and other well-known institutions have recently been making the rounds. Banks never send out e-mails asking you to click on some link or go to a website to "update" your password. If you are ever in doubt as to whether the content in an e-mail is legitimate, contact the institution directly. At WSU, you can report phishing attacks by filling out this form: https://calltracker.wayne.edu/phishreport/
Don't allow strangers to play with your computer. Whenever you are away from your computer for any length of time, either turn it off or set up your screensaver so it requires a password to return the computer to its normal operation. Some operating systems (including XP) allow you to lock your keyboard with a single keystroke. This prevents passers by, both the curious and the malicious, from accessing your computer.
Many Websites, including those operated by responsible businesses, place hidden "spyware" programs on your computer that track which Websites you visit. Spyware can seek out and transmit to a remote location more sensitive information too. Just clicking on certain Website links is enough to trigger a "driveby download" that installs spyware without your knowledge. Some filesharing programs (particularly those that help you download music, movies or software) also install spyware without making an adequate disclosure. To remove spyware from your computer, consider installing an anti-spyware program such as Spybot Search and Destroy (available at www.spybot.info). Although this software may be a little complicated to install, your tech support person or the C&IT Help Desk can guide you.
Don't open an attachment or click a link in an e-mail message unless you are absolutely certain you can do so safely. Even messages from addresses you recognize may be "spoofed" (have fake return addresses). It's safer to have your correspondent resend a real attachment than to click on one you aren't certain of and infect your computer—and probably many others also, since this kind of attachment can install attack programs on your computer.
One of the easiest things you can do to secure your computer from intruders is to pay attention to its physical security:
If you use a wireless connection with your laptop, PDA, or smartphone, make sure the connection is secure. Never send a password over a wireless connection if the Website isn't secure (the URL/address of a secure website will begin with "https"). If you have a home or office wireless router, set it up to require strong security. Otherwise, any person within range of your wireless signal can get unauthorized access to your computer, creating a variety of security problems.
Experienced computer users know that there are two types of people: those who have already lost data and those who are going to experience the pain of losing data in the future. Back up your data on CDs, DVDs, a USB flash drive, or portable hard drive. If you have access to a network, consider saving a copy of your data on another computer in the network. Many people make weekly backups of all their important data. And make sure you have your original software installation disks handy and available in the event your computer system files get damaged and you need to reinstall the software. Be prepared!
