Security Guidelines

Computing Security Guidelines

Three basic procedures and habits can help you protect your computer against viruses or unauthorized access.

1. Logout and Shutdown Regularly

Staying logged in for days and weeks at a time makes you more susceptible to network viruses and hacker scanning. That is because if you do not log out at the end of the workday, especially on the weekends, your machine is connected to the Internet and Poole College of Management systems 100 percent of the time. Most of the hacker scans have occurred on this campus on the weekends and overnight when the hackers think there is less likelihood of systems being closely monitored. When your machine becomes compromised, it not only affects you, but also can affect the entire college’s systems, the building local area network (LAN), and even all of campus.

What IS hacker scanning?

It is a process whereby a program sends out specific commands to a whole range of IP (Internet) addresses to see if those machines will respond` appropriately. If the machine responds appropriately, the scanner may try additional commands to see if it can take control of the machine. It may also use it as a conduit to other resources. If you are logged in and a scanning program breaks into your system, it can send e-mail from your account, use your computer to attempt to infiltrate other systems, and basically make it look like you are sitting there issuing the commands. A scanner program might also use your machine to launch malicious attacks on other systems while hiding its trail masquerading as your machine.

What can you do about the problem? Make yourself a harder target. Make sure that your antivirus program is current on your machine and logout as often as possible, especially at night and on the weekends. Logging out and shutting down has other desirable benefits as well, it will clear the memory on your system and make programs run more smoothly during the day.

What happens if you don’t logout? If your system threatens the network by sending out lots of viruses or acting as a hacking conduit, NCSU-OIT (Office of Information Technology) will block your system from the network until the problem is solved and your system is secured. And it does happen. Several faculty and staff members have had their systems barred from the network for creating these kinds of problems. But doesn’t turning the machine on and off a lot weaken the components from constant heat expansion and contraction? To some extent it does, but in an office environment the temperature swing is not that large. Turning the machine on and off once or twice a day will not significantly contribute to component aging and you’ll be saving energy.

2. Keep a Current Antivirus Program Installed

Since viruses are constantly being modified to try to trick the antivirus programs and recipients, it is very important to have current antivirus software loaded and working on your computer with up-to-date virus definition files. This is your main defense against computer viruses. The antivirus software cannot keep viruses from being delivered to your computer; rather, it keeps those viruses from infecting your computer. When the program notifies you that a file contains a virus, it is doing what it was intended to do. It either cleans the virus or isolates the file so that it cannot infect your system.

Your office computer should have a managed version of the NCSU antivirus software installed that will automatically update itself.  For details, see: https://oit.ncsu.edu/it-security/antivirus/

For personally-owned computers: The university will no longer provide antivirus software licenses for personally-owned computers. Instead, the university will recommend using either the antivirus protection provided by the operating system vendor or an approved alternative. For details, see: https://oit.ncsu.edu/it-security/antivirus/recommended-antivirus-solutions/

3. Keep Programs Patched and Updated

Hackers are constantly looking for ways to exploit your computer. Some do it by releasing virus programs. Some attempt to find ways of gaining access through your computer to either hide their trail or use it for malicious attacks on other computing resources. Many of the features that make our operating system software and applications powerful and easy to use also make them vulnerable to abuse. Many behind-the-scenes events can occur when you simply click on an icon or a link. Software companies are constantly releasing patches and updates to fix bugs and reduce known vulnerabilities in operating systems and applications. Computing Services endeavors to keep supported software appropriately patched and updated within the college.

However, if you use software not supported by Computing Services, you could be at serious risk for exploitation. In particular, you should be vigilant for updates to e-mail programs, web browsers, and other programs like telnet and ftp that are used to connect to or send information to other systems.

Computing Services regularly receives notices of new vulnerabilities and available patches. We cannot list information for every operating system and application available, but we try to list those that we think might be in use by some college faculty and staff.

Please check potential security threats regularly for new additions. Computing Services will send an e-mail to faculty and staff whenever there are threats that could have significant impact within the college.