Information Technology

National Cyber Security Awareness Month

October is National Cyber Security Awareness Month (NCSAM). These tips can help you protect your computer resources, your data, and your identity. For 2006, the theme at Rice is Secure your Systems: computers, wireless, and more.

Week 1 | Week 2 | Week 3

Week 1: Computers

This week, we are focusing on securing your personal computers. The basic steps are:

Turn On Automatic Updates

Enabling your computer's automatic update feature is one of the easiest ways to protect your computer and the data stored on it from malicious attacks. Many of the hack attempts we see on campus target unpatched systems.

For information on how to setup your computer to automatically receive important updates, follow the links below:

Install Antivirus Software

Rice University provides Antivirus software from Trend Micro for all Rice users, including computers at home. The current software Rice provides includes other malware-fighting software, including antispyware, antiphishing and firewalls.

Use your Computer's Firewall

Enabling a firewall on your computer can both prevent many attacks from getting to your computer and limit the damage if you computer does get infected. The most recent versions of Windows, Macintosh and Linux all have built-in firewall software installed.

Here are links on how to setup and configure your firewall:

Use Strong Passwords

Weak passwords are an easy target for hackers and some viruses. All computers should have strong passwords set for both login and remote access.

Do look at our resource on creating strong passwords.

Not Using It? Turn It Off

Applications that access the Internet should be closed or disabled when it is not needed or is not in use. Just like the operating system, applications can be an attack vector for hackers and viruses.

More links:

IT Security web site: http://www.rice.edu/it/security.
National Cyber Security Alliance (Stay Safe Online): http://www.staysafeonline.org

Week 2: Secure Your Wireless Network

This week's topic is the security of your personal wireless network.

Turn Off the SSID Broadcast

The Service Set Identifier (SSID) is the "name" of the wireless network that you see when browsing wireless networks. Most wireless access devices have a setting to disable broadcasting the name. This will help prevent unauthorized users from finding the network.

You can also change the name from the default, making it more difficult for unauthorized users to guess.

Change the Administrative Password

Most wireless access devices use a weak password by default used to change settings on the device. Change this password to something you will remember, as it probably will not be used very often.

Disable Remote Administration

Most access points, if they act as a router to the Internet, have the ability to be "remotely managed", meaning you can make changes to the access point from anywhere on the Internet.

Most people do not need to do this, and it leaves a potentially large opening to your home network if left on.

Limit Who Can Connect

Access points now come with the ability to lock down which computers can connect to the device. Each computer's network interface (in this case, the wireless interface) has a unique hardware address assigned by the hardware manufacturer. Using this unique address, only "known" systems can connect to the access point.

Use Encryption

By default, the wireless connection between devices and the access points are completely clear and very easy to snoop. You have several options on encrypting this traffic depending on the access point and the devices connecting to it - Wired Equivalency Privacy (WEP) and Wi- Fi Protected Access (WPA). The most basic and widely supported is WEP. It is not as secure as WPA, but has more device support. If your access point and devices can support it, use WPA. Remember, any encryption is better than no encryption.

For more information on Wireless Encryption, check the manual of your access point. To configure common clients, like Windows XP and Macintosh OS X:

More Information

For information on how to make these changes, consult your access point's manual or call their technical support lines.

Week 3: Protect Your Data

This week's topic is the security of your data.

Backup Your Data

For many people, information stored on their computer is both critical and confidential. The first step in protecting that data from loss or damage is to back it up.

There are several options for backups, such as external drives and CD/DVDs, and most operating systems provide software that can help:

Use Passwords for Access

To help keep data confidential and secure, passwords should be established for both login and remote access.

Information on Passwords: http://www.rice.edu/it/resources/security/passwords.html

Confidential? Use Encryption

The data is now both backed up and passwords are used to gain entry to the computer. What if the computer is stolen? What if a laptop is lost at the airport? How can the data be protected from thieves?

One option is to use encryption. Encryption scrambles data on a hard drive in a way that helps to ensure that only the owner with a "key" can access the information.

Most operating systems like Windows XP and Macintosh OS X come standard with encryption technologies:

Avoid Phishing Scams

Lastly, be wary of people asking for information via email and telephone. Make sure the people you are talking to really are who they say they are.

Phishing: http://blogs.rice.edu/blog/index.php?op=ViewArticle&articleId=968&blogId=367

Rice University Information Security Office
http://www.rice.edu/it/security
security@rice.edu

 
 
 

 
  
6100 Main, Houston, Texas 77005-1827
Mailing Address: P.O. Box 1892, Houston, Texas 77251-1892
© Copyright Rice University
Page content reviewed: 9/14/05 by Web Team. Markup: 11/20/06 by Alex Stoll

Rice University Rice University Information Technology