General Tips for Safer Computing

1. Be sure to have an up to date anti-virus package installed on your computer that updates its virus definitions automatically. UC provides McAfee Anti-Virus and Anti-Spyware as a free download for faculty, staff, and students.
2. Never open e-mail attachments unless you scan them first or set your scanner to do it automatically.
3. It's a good idea to have your e-mail program set to send and receive "plain text" rather than enriched or HTML files. Those can have hidden malware, lurking programs that can cause trouble, waiting to be activated.
4. Do not run, download or forward any unsolicited executables, documents, spreadsheets, etc. Anything that runs on your PC should be virus checked and approved first.
5. Any email you weren't expecting should be treated with suspicion, even if it comes from someone you know. It is worth calling whoever sent it to you to check that they intended to send you the email.
6. Do not open any files with a double file extension, (e.g. iamavirus.txt.vbs). Under normal circumstances you should never need to receive or use these.
7. All Windows operating systems, by default, hide the known file extensions in Windows Explorer. This feature can be used by virus writers and hackers to disguise malicious programs as some other file formats, such as text, video or audio files.
   This can be turned off thus:
   • Go to Windows Explorer
   • Click Tools > Folder Options...
   • Go to the View tab
   • Uncheck "Hide extensions for known file types"
8. Keep security patches up-to-date on your computer. If there is no automatic update feature for your computer's operating system (OS), go to the OS manufacturer's Web site for the latest updates. A weekly check is good.
9. Be aware of what network services are running from your computer and disable all those not needed.
10. Keep informed about the latest network security risks, including programs that may enable your computer and the university's network to be used for illegal or commercial purposes.
11. All user accounts on a computer should have a strong password.
12. Your password should contain at least eight characters and should be something you can easily remember but not anything that people might associate with you, such as your name, friend's name, family member's names, pet's name, your initials or your name backwards. Also do not use birthdays, anniversaries or your login ID. Also, any word in any dictionary would be a bad choice for a password. Because passwords on many systems are case-sensitive, it's a good idea to use numbers, special characters and a mixture of upper and lowercase letters somewhere in the password to make it more difficult to guess. You may want to create a personal acronym, e.g. "Eagles may soar, but weasels don't get sucked into jet engines." = EmsbWdgs1Je. For more information and ideas, see the UC password standards page.
13. Never write your password on a Post-It and stick it on your monitor, your address rolodex, under your desk pad, or anywhere else where it can be easily found. If you must write it down, keep it in a locked drawer or cabinet where no one but you can find it.
14. Never leave sensitive information lying out in your work area.  Always lock up any paperwork or reports that contain sensitive information, such as social security numbers or other personal information.  When finished using the information, store it in a locked file or destroy it by shredding.
15. BACK UP your critical files and information. This is the single most important action that you can take to assure that you will not suffer a catastrophic loss.
16. Desktop Computers systems are not intended to be anything other than client systems. Using them as servers through file sharing can be very hazardous to your files and information. NEVER make files available for sharing without password protection.
17. Check for updates to anti-virus applications and critical updates for your operating system and programs weekly. Many vendors provide automatic mechanisms for online updates.
18. Use a screen saver with a password.