Ten Tips for safer Computing
1 RISK–Analyze your department’s risk in order to develop emergency procedures and to balance against access and privacy concerns. Critical assets are programs or data that the department cannot function without on a daily basis; essential assets that are needed on a weekly basis; while other documents or applications can be easily recreated or borrowed.
2 BACK-UP–Develop and implement a plan to back up departmental data and documents on a routine basis. Be sure they are saved in a secure place, one that is not vulnerable to the same power shortages or attacks as the site where the information is usually kept.
3 RECOVERY–Have an emergency plan in place for technical breakdowns, attacks or other problems affecting critical and essential assets. Develop this plan with information system professionals and familiarize them in advance with the needs of your department, so they will be better prepared to help recover materials should an emergency arise.
4 PASSWORDS–Do not pick one that is easily connected to you, such as any part of your name, birth date, or address. Change a password if it appears data is being tampered with.
5 PHYSICAL SECURITY–Make sure that rooms where computer equipment or documentation are being stored are themselves locked and secured. Consider locking the actual machines to the wall or floor. Do not walk away from a computer where you are logged on, especially if the computer contains access to other parts of a network. It’s similar to leaving your front door open when you go to work–don’t tempt a criminal.
6 E-MAIL–Electronic mail is very insecure. It can easily be forged or intercepted, especially when you do not know the sender. Do not send confidential information, such as passwords or credit card numbers, via email. Do not download attachments or programs if you do not know the source or the reason for the message. You may unwittingly be implanting a virus or allowing another user access to your computer.
7 ANTI-VIRUS–Install anti-virus software, such as Norton Anti-Virus or VirusScan. Keep up on the latest developments in this software, especially when news of holes in the protection is reported. Check with sites that report virus news, such as ZDNet at http://www.zdnet.com/swlib/hotfiles/ ezipvirus.html.
8 EXPLOITS–Hackers often use known holes, called “exploits” in popular software to get into computers. Those holes should be fixed immediately, either with free vendor patches or homegrown remedies, if no commercial ones are available. Administrators can stay on top of the latest news on exploits at sites such as http://www.security focus.com or http://www.cert.org.
9 STANDARDIZATION–If every user in a department is using the same hardware and software, it makes it easier for administrators to standardize security procedures and to update protections.
10 SHORT AND SWEET–Develop security codes of conduct for students, faculty, and staff that can be summed up in a page or less Post paragraphs about security in places that users are likely to go, to remind them. List short tips.
Stephanie Brenowitz is a staff writer for the Columbus Dispatch in Ohio. She has also written about education for the Philadelphia Inquirer and the Hartford Courant.
COPYRIGHT 2000 Educational Media LLC
COPYRIGHT 2000 Gale Group