Secure Computing Best Practices

To protect the security and integrity of your data, it is important to follow the basic best practices outlined below.

Account and Password Security

  • Set strong passwords by meeting the following criteria:
    • At least eight characters in length
    • One or more punctuation characters (non-letter, such as ! or &)
    • Cannot contain a dictionary word (a word that can be looked up in a dictionary)
    • Cannot contain any part of your name or account/login
  • Do not write passwords down
    • If you must write a password down, do not write the account (login) associated with it
  • Never share password or account information
    • If someone else requires shared access to your computer, contact the ITS Support Center
  • Never use a Colby account password with any non-Colby account (or non-Colby ITS managed account)
  • Use strong passwords (see the first line under Account and Password Security) on any account tied to personal, financial or otherwise sensitive information
  • Never use Colby passwords, or the passwords for such accounts, on ‘junk’ accounts, such as Hotmail or Gmail.
  • Never send account or password information (in text form) through electronic text communication (email or chat/instant messaging); use the telephone or deliver passwords in person.
    • “Phishing” attempts (usually e-mail and web scams) often ask for passwords, account and/or financial information (credit card or bank account numbers). Visit the ITS fraudulent email page for more information on email scams.
  • Never have web browsers, e-mail or other programs save (or ‘remember’) accounts and passwords
    • If a web browser prompts to ‘remember me,’ choose ‘never.’
    • Regularly clear browser history, temporary files, and other stored information
      • Contact the ITS Support Center for assistance in configuring these options
  • If you suspect that your password has been compromised for any reason, change it immediately and notify the ITS Support Center.
  • Remember that if someone else can use your Colby computer because they have your password, they can also access all other campus resources to which you have permission.
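
The four password criteria listed at the top of this section can be checked mechanically. The following is an added example, not code from Colby ITS; the sample word list and the thresholds MIN_PART and MIN_WORD (how long a match must be to count as "part of your name" or "a dictionary word") are assumptions made for illustration.

```python
import string

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "welcome", "dragon", "summer", "monkey", "letter"}
MIN_PART = 3  # assumption: a "part" of a name/login is 3+ consecutive characters
MIN_WORD = 4  # assumption: ignore very short dictionary words such as "a" or "to"


def substrings(text, min_len):
    """All lowercase substrings of text that are at least min_len long."""
    text = text.lower()
    return {text[i:j] for i in range(len(text))
            for j in range(i + min_len, len(text) + 1)}


def check_password(password, full_name, login, words=SAMPLE_WORDS):
    """Return the list of criteria the password fails (empty list = passes)."""
    failures = []
    lowered = password.lower()
    if len(password) < 8:
        failures.append("shorter than eight characters")
    if not any(ch in string.punctuation for ch in password):
        failures.append("no punctuation character")
    if any(len(w) >= MIN_WORD and w in lowered for w in words):
        failures.append("contains a dictionary word")
    # Collect every 3+ character fragment of the name parts and the login.
    personal = set()
    for token in full_name.split() + [login]:
        personal |= substrings(token, MIN_PART)
    if any(part in lowered for part in personal):
        failures.append("contains part of name or login")
    return failures


if __name__ == "__main__":
    # Constructed sample user and candidate passwords.
    for candidate in ("Summer!1", "jdoe2024", "tR7&qv!9xZ"):
        print(candidate, "->", check_password(candidate, "Jane Doe", "jdoe") or "ok")
```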

Workstation and Computer Security

  • Require a password to log on to your computer
    • Never log on as ‘administrator’
  • Ensure there are no unnecessary accounts on the computer
  • Log off or password-lock your computer when not in use
    • Set the screen saver to require a password
    • Lock the computer whenever leaving the workstation
  • Do not allow anyone else to use your computer unless they use their own account
    • If someone needs access to your computer, contact ITS support
  • Do not leave removable media (discs, CDs, flash drives, etc.) inside or connected to your computer if not in use
  • Secure your workspace by locking doors and windows as appropriate
  • Turn your computer off at night (so it is off the network)
    • Check with ITS support if this conflicts with your backup schedule

Internet and Software Security

  • Regularly check for and download software updates
    • College-owned Windows computers will prompt for updates automatically
    • For non-college-owned or Apple computers, check with ITS support
  • Employ anti-virus software
    • Ensure that it is kept up-to-date
      • College-owned computers have Sophos installed to automatically update and run daily; however, users should notify support if regular updates do not occur
    • Ensure that system scans are automatically run on a regular basis
  • Delete (never respond to) unsolicited emails or any messages from an unknown sender or source
    • Never send account or password information through email or chat/instant messaging
    • Never click on a web link in an unsolicited or unknown email, even if it appears to be from a legitimate source (such as a greeting card or retail company)
    • Never forward virus or other warnings to people other than support as the warning may actually be a hoax
  • Never download files (through a web browser or other means) or open email attachments unless you are sure of the provider/source and the contents
  • Do not click on web browser popup windows unless from a trusted source
    • Activate popup blockers within all browsers and only grant permission to trusted sites
    • Contact the ITS Support Center if you constantly receive popups or experience any other browser behavior problems (such as a changed homepage or bookmarks)

Data Security

  • Be organized – keep track of where your data are, both on your computer and in physical form (CD/DVD, flash drive, paper copy, etc.).
  • Verify access permissions for the folders in which you store files with sensitive information to make sure other accounts on your computer cannot access those files
    • Contact ITS support with any questions about access permissions
  • Back up all important data
    • College-owned computer owners, ensure that central backups are being made and contact ITS support if you have problems or questions
  • Password protect and/or encrypt files containing sensitive data
    • Assume that your computer will be stolen and that the thief will have access to all your files: what will they be able to access?
  • Securely delete sensitive documents
    • Use secure file deletion that overwrites the file, making it impossible to recover the contents

Network Security

  • Use the Colby VPN (virtual private network) when sending sensitive data (via web, email) or connecting to campus servers over untrusted network connections, such as:
    • Wireless networks (including the ‘Colby Wireless’ open network)
    • Off-campus networks (home DSL/cable networks, hotels, airports, other offices)
  • Turn off the wireless network radio in your computer when not in use to avoid accidental use and/or compromise
    • Contact ITS support for assistance on locating the on/off control
  • Be wary of any wireless networks (even those with registration or WEP encryption), especially those in public places (hotels, airports, businesses)
    • Use strong encryption (WPA or WPA2) whenever possible
    • If encryption is not available, use the VPN.
    • Do not use email client software (Eudora, Outlook, Entourage, etc.) over a wireless connection without first connecting to the VPN
  • Maintain awareness of wireless network connections and profiles stored in software
    • Avoid automatically connecting to open (and especially public) wireless networks
    • Do not store open/public networks in wireless profiles
    • Contact ITS support for assistance on managing wireless profiles