The following is a list of basic steps needed to secure electronic devices, such as desktop computers, laptop computers, tablet PCs, BlackBerrys, personal digital assistants (PDAs), and smart phones. Additional steps may be important to implement depending upon the vendor operating system, the applications that operate on the device, the information stored on the device, and other factors. If your device is owned by UVa or has UVa data stored on it, you should consult your department LSP or system administrator for additional guidance. The website Health Systems Computing Security also provides helpful guidance for those whose devices are managed by HSCS.
BlackBerrys, Personal Digital Assistants (PDAs), Smart Phones
- All BlackBerrys, PDAs and Smart Phones must be password-protected with a length of at least four characters. Learn what constitutes a strong password, and test it here.
- It is also strongly recommended that users of these devices set the physical lock for additional security.
Desktop, Laptop, and Tablet Computer Setup
Use strong password protection
Learn what constitutes a strong password, create ones you can remember, and never share your password with anyone. You can check password strength using Microsoft's strength testing tool. Note: If you have reason to believe someone has learned your password, change it immediately.
Use a password protected screen saver
Configure your computer to lock the screen automatically, after a brief period of about 10-15 minutes of inactivity, with a password-protected screensaver. This enhances security and causes you minimal inconvenience.
Turn off file sharing
To ensure other people cannot access your files and folders, you must disable file sharing. In Windows XP uncheck the box "File and Printer Sharing" in the Properties of your wired and wireless connections. In Windows Vista turn off File Sharing in the Network and Sharing Center. If you purchased a Dell computer from the University, you will notice that file sharing is already disabled.
- Macintosh computers disable file sharing by default.
- UNIX/Linux operating systems need special attention in this area.
Turn on firewalls
Firewalls can prevent hackers from making unwanted connections to your machine. The firewalls on recent Windows and Macintosh operating systems are turned on by default. Make sure, however, that you enable the firewall settings for the following operating systems:
Turn off or delete unneeded software features
The more software packages there are on a computer, the more opportunity for hackers. Uninstall applications and turn off features you don't use.
Restrict the number of users
If multiple people will use the computer, ensure that each person has their own user account.
Maintain Desktop, Laptop, and Tablet Computer Setup
Use up-to-date anti-virus and anti-spyware software
Install antivirus software Windows XP | Windows Vista | Macintosh on your computer, and schedule daily updates that will recognize new virus types as they emerge. Enable the automatic protection of all incoming files, and schedule weekly scans of your hard drive. Antivirus software, however, is not enough; install antispyware software on your computer, too. Download the Microsoft antispyware software Windows Defender, which is preinstalled on Windows Vista, for Windows XP.
Don't open files from unknown sources
Carefully judge the credibility and trustworthiness of the source of a file before opening it. Email attachments and downloaded files are common sources for malicious programs. Bear in mind that some viruses and worms can mimic the identity of a familiar email correspondent. If you weren't expecting an attachment, you may want to contact the email sender to verify the attachment before opening.
Keep your operating system up-to-date
Updates should be downloaded and installed immediately—many contain critical fixes for security-related defects. Recent operating systems have automated the update process, though you may be prompted to approve the process. If ITC PatchManagement Service or HSCS Desktop Management Service does not manage your updates, learn how to use your operating system auto-update feature.
Keep your application software updated
Check your software manufacturers' websites regularly for updates to their products.
-
Delete Data Securely
Use the Secure Deletion Shredder to destroy files and folders immediately and permanently in a secure manner.
Backup
Create a backup of your entire system periodically, and back up critical data files, whenever you update them. The ITC Home Directory Service provides adequate backup space for most people, but files consuming large amounts of space—video or music—may require external disk drives to back them up adequately. Learn more about archiving your data.
-
Use Physical security
Protect your system from theft by physically securing your computer. Purchase a lockup cable for your laptop to increase security in residence halls, libraries, and other places you may take your computer, and a surge protector with a circuit breaker to protect against power line surges. Verify that your system is covered under a homeowner's or renter's insurance policy. All computers connected to the UVa network must be registered, which enables quick and direct contact, not only when machines are compromised, but also if they are stolen. ITC can then track them, if they reconnect to the network.