You’ve just gotten a new computer. You connect it to your high-speed Internet connection and within seconds … the computer has been attacked thousands of times.
Most of the attacks will fail but a few may succeed. The result of the attacks may be undetectable and could be intentionally delayed. After all, you have little data on the system yet.
Many computer users assume that their new computers will protect important information “out-of-the-box.” While such products often contain security mechanisms, we must individually stay informed about security precautions and make a concerted effort to keep our systems safe.
Our computers contain information about ourselves (e.g., our tax returns), about others (e.g., work-related reports, databases), and about sensitive administrative and academic efforts (e.g., student grades and research findings) that you may not want to share openly with others. At risk? The theft of your identity, violations of your privacy, lost passwords, or destruction (or alteration) or key documents. Once an intruder gains access to your system, they might use your e-mail account to send out spam, launch virus-laden messages, or simply distribute inappropriate notes in your name.
At the October 15 Lunch ‘n Learn seminar, the University’s IT Security Officer, Anthony Scaturro, reviewed many of the threats that computer hackers pose to home and office systems, the kind of information that may be in jeopardy, and measures that we all can personally can take to reduce our exposure.
Passwords should be secure, at least eight characters long with both upper and lower case letters as well as numbers or symbols. Avoid using common names or words. The word “password” is an especially poor choice, notes Scaturro. To remember a strong password, you can try converting a memorable phrase. “I am one happy camper at Princeton University” becomes “Im1Hc@PU” Of course, adds Scaturro. Don’t use that one, emphasizes Scaturro, because everyone now knows it.
Other dangers? To avoid viruses, make sure that you have installed anti-virus software and be cautious about files that you bring into your computer.
To delete a confidential file effectively, use a commercial product that can completely destroy the contents of the file. And you can use Darik’s Boot and Nuke, a free program to erase your hard drive before you discard or donate your machine.
To avoid “worms” which seek to exploit vulnerabilities in your system software, take full advantage of automatic software update services provided by your vendor.
Look critically at e-mail messages before opening attachments or linking to web sites. Legitimate messages from Princeton and from your banks, for example, will never ask you for your password.
Anti-spyware programs (and avoiding untrustworthy web sites) will help to prevent others from learning about your interests and shopping patterns or deluging you with unwanted pop-ups.
Inexpensive devices will let neighbors to examine your network traffic. Be sure to encrypt your wireless connection at home.
And if you walk away from your computer, be sure to use the CTRL-ALT-DEL combination to lock your machine.
But remember, no security system is perfect. All we can do is to take such steps to reduce the risk.
A podcast and the presentation are available.