Information Technology Security Office . . . . . . . . . . . . . . . . . . . . . 703-993-4183
The Information Technology Security Office is committed to presenting technology security awareness sessions to anyone associated with George Mason University. If you are interested in learning more about this educational opportunity, visit the IT Security web site at http://security.gmu.edu. The web site also features links to security news; rules and regulations; system administrator resources; information about spam; security tips; virus alerts; and much more.
What You Can Do To Minimize IT Security Risks
Security awareness training is the most effective means of securing the world’s cyberspace. The adage “think globally and act locally” aptly applies to cyberspace and its legion of users because IT security is difficult to achieve unless a cooperative and layered approach is employed by everyone. IT security begins with collective user awareness and shared responsibility. George Mason University’s central computer support group, Information Technology Unit (ITU), works cooperatively to secure the enterprise systems and the network infrastructure. It is the individual user’s responsibility to understand the university policies and apply safe computing practices when using Mason’s resources. Secure computing practices for Window’s desktop users are suggested below.
Familiarize yourself with the Responsible Use of Computing (RUC) Policy 1301 found online at <http://www.gmu.edu/facstaff/policy/newpolicy/1301gen.html>.
Profile of a Responsible Computer User:
Knows what policy governs all computer use at George Mason University.
The Responsible Use of Computing Policy 1301 was written to preserve the security, availability, and integrity of Mason’s computing resources, and to protect all users’ rights to an open exchange of ideas and information. The policy sets forth the responsibilities of each member of the Mason community in the use of these resources. The full text is available at <http://www.gmu.edu/facstaff/policy/newpolicy/1301gen.html>.Knows where to find technical assistance at Mason.
A resident technician program is offered during the regular academic year (fall and spring semesters) to provide computer support for resident students. See http://itusupport.gmu.edu/restech and click on About for more information about the Resident Technician Program. The Res Tech Hotline is (703) 993-5111, and you can also report problems from the Resident Technician web page by clicking on Contact Us.
Knows that Mason has a site license for Symantec AntiVirus Software.
If you are affiliated with George Mason University, you are entitled and encouraged to install and use Symantec AntiVirus software both at the office and at home. A copy is available to download from the ITU Support web page or you can drop by Patriot Computers in Johnson Center, Room 115 to pick up a CD ($10). Call Patriot Computers at 703-993-4100 for additional information.Verifies that their AntiVirus Software is up to date.
George Mason University has a Site license for Symantec AntiVirus. Go to http://itusupport.gmu.edu and click on "Downloads" to get a copy of Symantec. AntiVirus software needs to be regularly updated to be effective. Malicious virus and worm writers are constantly letting loose new strains. Symantec AntiVirus (NAV) has a feature called “Live Update” allowing you to get the latest virus definitions. Once you have installed the program, click on File, then Schedule Updates.Knows what Windows Update is and regularly uses Windows Update to protect their systems from vulnerabilities.
Microsoft has created a web site that checks for the latest service packs and security patches customized for your operating system. Often 4 –6 patches a month are released. If you fail to update your computer regularly, a compromise can occur. Instructions on how to use Windows Update are available at <http://itu.gmu.edu/security/practices/MSupdate>.Creates “hard to guess” passwords.
The best passwords are pass phrases. Pass phrases include uppercase and lowercase letters, numbers, or symbols. “Cracking” a user’s password or the administrator account is easy if your password is a word found in any dictionary, in any language. Intruders have files at their disposal that contain almost every word known in any language. They feed those into a program that attempts to “guess” your password and voila’. Make it harder for them by using a pass phrase. Read <http://itu.gmu.edu/security/practices/guidelines.html> for additional guidelines on how to set passwords.Shuts down their system or logs off when away from the computer for an extended period of time.
Hackers routinely roam the Internet looking for untended machines so they can exploit any available backdoors to do malicious and destructive damage. To prevent this from happening, make it a habit to log off when you are away from your computer for an extended period of time.Archives important files by copying to disk or CD.
Remember to back up the data you use on a regular basis. “Archive” data on to a memory stick. Label and date the copy and keep it somewhere safe.Avoids identity theft by following the basic precautions listed below.
- Never gives out passwords
over the phone, e-mail, or chat session, not even ITU staff.
- Doesn’t share passwords,
writes them down or leaves them on or near their computer or under keyboards.
- Sets screen saver password
to lock after 10 minutes of inactivity
- If your login site was
reached through an Internet browser, don’t forget to log out or
close the browser, especially when using public computers!
- Never uses the Internet
browser or mail application feature to “remember” passwords.
Responsible computer users do not hesitate to ask for assistance. Call ITU Support with any questions or concerns 703-993-8870.
Last Revised: May 15, 2007
