The following is a list of basic steps needed to secure electronic devices, such as desktop computers, laptop computers, tablet PCs, BlackBerrys, personal digital assistants (PDAs), and smart phones. Additional steps may be important to implement depending upon the vendor operating system, the applications that operate on the device, the information stored on the device, and other factors. If your device is owned by UVa or has UVa data stored on it, you should consult your department LSP or system administrator for additional guidance. The following websites also provide helpful guidance:
- Security for Mobile Computing Devices
- Security for Personal Computers
- Health Systems Computing Security—If you work in the Health System, and HSCS supports your electronic device
BlackBerrys / Personal Digital Assistants (PDAs) / Smart Phones
- All BlackBerrys, PDAs and Smart Phones must be password-protected with a length of at least four characters. Learn what constitutes a good password.
- It is also strongly recommended that users of these devices set the physical lock for additional security.
Desktop, Laptop, and Tablet Computer Setup
Use strong password protection
Learn what constitutes a good password, create ones you can remember, and change your passwords roughly every 120 days, more often if you have reason to believe they have been compromised. You can check password strength using Microsoft's strength testing tool.
Use a password protected screen saver
Configure your computer to lock the screen automatically, after a brief period of inactivity, with a password-protected screensaver. A 10 to 15 minute setting on your screensaver idle or wait time enhances security and causes you minimal inconvenience. This is a very effective measure to protect your Windows (see below) or Mac OS X computers.
Tip: Set your computer power settings to blank the screen a minute before the password-protected screensaver starts. This provides time to interrupt the screensaver by moving the mouse or tapping the keyboard, so that you won't need to enter your password to unlock your computer and resume working.
Turn off file sharing
Disable file sharing and system access settings for Windows (see below), Mac OS X, or UNIX/Linux operating systems. Only enable the file sharing capability of your computer, if it is essential that others have access to files on that computer.
Turn on firewalls
Firewalls can prevent hackers from making unwanted connections to your machine. Make sure you enable the firewall settings for the following operating systems:
Turn off or delete unneeded software features
The more software packages there are on a computer, the more opportunity for hackers. Uninstall applications and turn off features you don't use.
Restrict the number of users
Configure one person per user account. Make sure anyone using a computer knows not to share login and/or password information. Delete accounts of former users. In addition, disable the Administrator and Guest accounts in Windows (Start > Control Panel > User Accounts), and the Sharing Account in Mac OS 10.5 only (System Preferences > User Accounts > Disable the Sharing Account), to make it more difficult for hackers to gain access to your system.
Maintain Desktop, Laptop, and Tablet Computer Setup
Use up-to-date anti-virus and anti-spyware software
Install antivirus software on your computer, and schedule daily updates that will recognize new virus types as they emerge. Enable the automatic protection of all incoming files, and schedule weekly scans of your hard drive. Antivirus software, however, is not enough; install antispyware software on your computer, too. Windows machines usually feature Windows Defender, a Microsoft antispyware software product, and the University provides Spy Sweeper to faculty, staff, and students. Unfortunately, there are many bogus anti-spyware products on the Internet. Beware of any product that pops up and tells you you have spyware! Call the ITC Help Desk at 434.924.3731, or ask a qualified technician you know for advice about the best antispyware software for your computer.
Don't open files from unknown sources
Carefully judge the credibility and trustworthiness of the source of a file before opening it. Email attachments and downloaded files are common sources for malicious programs. Bear in mind that some viruses and worms can mimic the identity of a familiar email correspondent. If you weren't expecting an attachment, you may want to contact the email sender to verify the attachment before opening.
Keep your operating system up-to-date
Updates should be downloaded and installed immediately—many contain critical fixes for security-related defects. Recent operating systems have automated the update process, though you may be prompted to approve the process. Learn more about automatic updates for:
Keep your application software updated
Check your software manufacturers' websites regularly for updates to their products.
Backup
Create a backup of your entire system periodically, and back up critical data files, whenever you update them. The ITC Home Directory Service provides adequate backup space for most people, but files consuming large amounts of space—video or music—may require external disk drives to back them up adequately. Learn more about archiving your data.
Physical security
Protect your system from theft by physically securing your computer. Purchase a lockup cable for your laptop to increase security in residence halls, libraries, and other places you may take your computer, and a surge protector with a circuit breaker to protect against power line surges. Verify that your system is covered under a homeowner's or renter's insurance policy. All computers connected to the UVa network must be registered, which enables quick and direct contact, not only when machines are compromised, but also if they are stolen. ITC can then track them, if they reconnect to the network.