Securing your Computer
If your computer has been compromised, Information Technology Services (ITS) reserves the right to block your IP/MAC Address from connecting to the network in order to protect the integrity of the University of Hawaii network. Information on getting your computer unblocked can be found at: http://www.hawaii.edu/askus/686. For Manoa campus, please call your IT department or the ITS Help Desk for additional assistance.
The information below will provide you with information on how to best secure your computer from being compromised by unauthorized intrusions and viruses. Please note that despite one's efforts, there is no product that will stop a determined hacker.
- Keep your software up-to-date. Periodically, companies will release updates that provide software enhancements and security fixes. For Microsoft Windows, Microsoft provides an auto-update feature. You should also install security updates for application software such as Microsoft Office, Adobe Acrobat, Adobe Reader, Adobe Flash Player, Firefox, Chrome, Safari, etc.
- Install anti-virus software and update the virus definition file regularly. Active University of Hawaii faculty, staff, and students may download anti-virus software.
- For email attachments, if you have any hesitations, please do not open attachments you receive. Email attachments are a common source of viruses. Gmail automatically scans attachments for viruses when the attachment is delivered to you, when you open the attachment, and when you attach a file.
- For further protection, a firewall product might be needed. Most desktop systems don't necessarily have to have this, as it requires someone with some technical knowledge and time to manage well. However, firewalls will lower the odds of an unauthorized access to your computer and might be necessary if the data is extremely confidential and requires additional security. It should be noted that with a firewall, ITS standard network troubleshooting techniques can no longer be used (firewalls will also block our efforts to ensure that your Internet connections are working). Users are required to have their own IT Specialist to troubleshoot their firewall and any network connections for their computers behind a firewall.
Security Updates and Operating System updates
Microsoft Windows has an auto-update feature. This auto-update feature periodically connects to the Microsoft website to see if they are any updates to your Windows Operating System, Internet Explorer or Microsoft Office (if installed). If any updates are available, the auto-update feature will let you know. It will then give you an option to install, install later, or deny the new updates. To manually check for updates:
- For Windows 7: click the Start button, click All Programs and click Windows Update.
- For Windows 8/Windows 8.1: hold down the Windows key + Q key; enter windows update in the search bar; click windows update; click check for updates in the left pane.
- For Windows 10: Open the Start Menu and click on the settings wheel, Update & Security settings, in the Windows Update-Update Status click on the updates button.
macOS also has an auto-update feature through the Mac App Store. Like Microsoft Windows, the auto-update feature will periodically check the Apple website for updates. If updates are found, the feature will notify you. If you would like to manually check for updates, click on the apple icon in the top left corner of the menu bar and click “App Store…”, then navigate to the “Updates” tab. You can also visit https://support.apple.com/downloads.
MS Office Updates
Microsoft releases updates for their Microsoft Office software. These updates provide feature enhancements, bug fixes, and security fixes. Microsoft Office updates are included with Windows Updates.
If you use a departmental email server, please check with your IT support person to see if anti-virus protection is provided. If anti-virus protection is not available, you can still protect your department issued email account by forwarding email through your Google@UH email account first. In addition to setting up email forwarding you should advertise your @hawaii.edu account so that email messages will be routed through the Google@UH email server and scanned by the anti-virus and SPAM scanner before it reaches your department-issued email address.
Active UH faculty, staff, and students are eligible to install anti-virus software provided by ITS. NOTE: UH faculty, staff, and students must remove the software from any personal computers once they are no longer affiliated with the University. You may download it here.
Spyware is defined as malicious software that gathers user's information through the Internet without his or her knowledge. Once installed the software monitors user's activity on the Internet and transmits the information to a third party.
ITS-Recommended Anti-Malware Malwarebytes (MBAM), SuperAntiSpyware and Windows Defender are described at http://www.hawaii.edu/askus/670
Other anti-malware programs are listed below.
Spybot S&D (Search & Destroy) is a free spyware removal program that we also recommend for home use. You can download the Spybot software and view the instructions at http://www.safer-networking.org/en/index.html.
If you have any problems or questions, please send email to firstname.lastname@example.org.
Although, ITS does not support any particular firewall product, there are several you may want to try. If you feel that you may have discovered a firewall software that ITS should test and support, please send email to email@example.com.
All user accounts on your computer should have a password, especially your Administrator or Power User accounts. If you are mapping any drives from/to your computer, please make sure they are password protected. Some viruses propagate via unprotected drive mappings. The following password guidelines article can help you select a strong (difficult to guess or to break) password: http://www.hawaii.edu/askus/705
If you keep any sensitive information on your computer, the information should be encrypted. Current versions of Windows and Macintosh operating systems have built-in encryption features. For more details on using Windows encryption, please read: http://www.hawaii.edu/askus/1285. For Macintosh encyption, please read: http://www.hawaii.edu/askus/676 .
There are also third-party encryption applications like GPG. As of 5/29/14, ITS is no longer suggesting TrueCrypt as an encryption method.
Access control: Physical access to machines should be controlled and monitored. Unknown individuals should NOT be able to walk up to any unattended computer unchallenged. In open environments, physical lockdown devices (cable security locks, CPU locks, etc.) should be considered. Lock individual office doors at the end of the day. Provide as many layers of defense as possible.
Partitioning of physical environments into security zones: More sensitve computers should be located in areas that can be more tightly locked down.
Alarm systems: Depending on the sensitivity of the information stored on servers and computers, 3rd party alarm systems may be a consideration.
Education: People are the best alarms. If someone does not belong in the area, they should be physically challenged: ask the unknown individual if they need help, what business they have, who sent them, and call to check credentials (but call a number from a trusted source). You can always ask them to return at a pre-arranged date and time. If it's legitimate, they will return.
Make regular backups of your critical data (at a minimum) and test your backups to ensure that they are readable. ITS supported versions of Windows and macOS have a backup features built-in to the operating system. To learn more about each, visit their websites at:
last updated: August 2018