Information TechnologySecurity > Security Basics

Security Basics
Anyone who is connected to the internet should know about security. Take time to educate yourself on these issues. Vigilance is the best defense against system vulnerabilities.
How to Protect Your System
Ensure anti virus software is installed and up to date. If your work computer is out of date please contact the Help Desk. RMU also provides Sophos Anti Virus free of charge to all staff for home use. Remember, Anti Virus Software scans need to be run regularly in order to be effective.
www.rmu.edu/sophos (Login Required)

Ensure that your firewall is turned on. To check your firewall, go to Control Panel, System and Security, Windows Firewall, and then select “Check Firewall Status”

Keep your operating system up to date. The best way to do this if you are using Windows is to turn on auto update.

Data Backup
Backup Utility for Windows - This option also comes built into the Windows operating system. The utility creates a single backup file of all of your data, which you can store on your hard drive, a USB Key, an external hard drive, or burn to a CD or DVD. You can also use the same utility to restore your data from the backup file, should your data become corrupted or lost.

Third Party Backup Software - The best option to backup important files is to use Google Drive. You can save every kind of document here up to 10 GB in size, as well as photos.

Minimize unauthorized access to your accounts and computer
  • Never share your login ID and/or passwords
  • Remember you are responsible for any activities associated with your login and password.
  • Use strong passwords with both upper and lower case characters (e.g., a-z, A-Z) as well as digits and punctuation characters e.g., 0-9, !@#$%^&*(
  • Passwords should be at least 8 alphanumeric characters
  • Passwords should not be a word in any language, slang, dialect, jargon, etc.
  • Passwords should not be based on personal information, names of family, etc.
  • Passwords should never be written down or stored online. 

Malware
  • Malware is short for “malicious software." It includes viruses and spyware that get installed on your computer, phone, or mobile device without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information, send spam, and commit fraud.
  • Keep your computer's OS and software current.
  • Configure your computer to update its operating system automatically and keep applications up to date.
  • Don't click on any links or open any attachments in emails unless you know who sent it and what it is
  • Download and install software only from websites you know and trust.
  • Use a pop-up blocker and don't click on any links within pop-ups.
  • Run regular virus scans and keep virus software up to date.

How to Protect Your Physical Self
  • Critical data must be protected from threats such as unauthorized physical access, theft, or destruction. 
  • Always keep laptops secured, do not leave them in a public place or exposed in a vehicle. Use cable locks if it is exposed to the public eye. 
  • Shred all papers that contain personal/sensitive information that are no longer needed. If they are needed, lock them up. 
  • Do not leave computers logged in if you are away . Always press “Windows key + L” OR “Ctrl +Alt + Delete” and click “Lock Workstation”. 
  • Never permit individuals into access controlled areas without proper identification or authority. Always check if you are suspicious. 

Social Engineering/Phishing

Attackers using social engineering techniques often use the telephone to convince network users that they are trusted partners, such as co-workers, information technology staff, or supervisors. These “trusted partners” often gain access to your computer or network by simply asking you for your password to gain access to your confidential data which can then be compromised. When internet fraudsters impersonate a business to trick you into giving out your personal information, it’s called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don’t click on links within them either – even if the message seems to be from an organization you trust. It isn’t. IT Services and legitimate businesses will NEVER ask you to send sensitive information through insecure channels.