Working From Your Home Computer Safely: The Ten Commandments

1
Working From Your Home Computer SafelyThe Ten
Commandments

• Stephen Jones, GSEC, A
• With special thanks to
• Balakrishnan Ramachandran

2
1. Thou Shall Update the Anti-Virus Software On
Your Computer

• Secures you from viruses, spam email attachments
• Use McAfee its free
• Always update your virus definitions
• Schedule a daily scan of your hard drive for
  viruses

3
Exegesis 1st Commandment

• To install McAfee, go to http//www.umbc.edu/oit/d
  ownloads then scroll down to Antivirus. Pick
  the correct version for your operating system.
  Youll need to log in to myUMBC, but then you can
  install the software.
• To update McAfee, go to Start, Programs, Network
  Associates, Viruscan Console, double-click
  Autoupdate, and then click the update button. It
  automatically updates if youre on the Internet
  at the time indicated the time for the automatic
  update can be changed.
• To run a scan, follow above steps to get to
  Viruscan Console, double-click Scan All Fixed
  Disks.

4
2. Thou shall patch your Windows operating system

• Set your Windows XP/2000 for automatic updates
  (from Control Panel)
• Updates run in the background without affecting
  your work
• Periodically also check for updates for your
  Microsoft Office products

5
Exegesis 2nd Commandment

• To configure automatic updates in XP, go to
  Start, Settings, Control Panel, Automatic
  Updates. Choose to automatically download and
  install updates and pick a time when you know the
  computer will be on the Internet.
• In Windows 2000, follow the steps above to
  Automatic Updates. Then I recommend choosing to
  automatically download the updates and
  automatically install them at a time you know the
  computer will be on.
• For Office updates, open an Office application,
  go to Help, Check for Updates. The updates
  occasionally require that you have the
  installation cds.

6
3. Thou shall use Administrator privileges
rarely, but strong passwords always

• Create separate accounts for the people using the
  computer and give them User level privileges
  only. That includes you. Rename the
  administrator account dont let anyone other
  than you use it, and even then only when software
  needs to be installed. Disable all system
  supplied accounts (e.g., Guest).
• Strong passwords minimum 9 characters, with
  alphas (upper and lower case), numerics _and_
  special characters (e.g., asterisk).

7
Exegesis 3rd Commandment1st Rubric

• Creating accounts Log on as administrator. Then
  Start, settings, control panel, administrative
  tools, computer management, local users and
  groups, users. Then click on Action, New User,
  name the account. Click create and then close.
  The default privilege level is Users. Then right
  click on the account and assign a password.

8
Exegesis 3rd CommandmentRubric 2

• Do you have other people using the computer who
  will balk at only having limited privileges?
• If so, buy a computer for them and you use the
  safe one.
• Cant afford to buy another computer? Get your
  department to buy you one. (OIT is now
  discussing how to require departments to provide
  an OIT secured computer to persons working from
  home.)
• Department wont buy you a computer but other
  people at home will balk. Then its safe to
  assume that your home computer will be hacked and
  youll lose everything on it. Ouch!

9
Exegesis 3rd CommandmentRubric 3 (optional,
follow cautiously)

• Rename the administrator account/disable all
  system supplied accounts/create a dummy
  administrator account
• Follow the directions to get to Users in the 1st
  Rubric. Right click on the administrator account
  and select rename. Give it an ordinary sounding
  name. This will slow down hackers.
• Disable all other system supplied accounts (right
  click, properties, disable this account).
• After renaming the Administrator account, create
  an account named Administrator. Right click, go
  to Properties, Member of, Add, Advanced, Find
  Now, click on Guests, then click ok twice, then
  highlight Users, then click Remove. Then give it
  a strong password. This will also slow down
  hackers.

10
4. Thou shall use a Firewall

• Firewalls protect your PC from intrusions and
  hack attacks
• Install Service Pack 2 for Windows XP which has a
  built-in firewall
• You can also try Zone Alarm or McAfee Firewall to
  protect your computer, but this is recommended
  only if you have time to get them working
• Check for constant updates

11
5. Thou shall install anti-spyware software

• Spyware is software that sends personal data to
  the internet without your knowing it
• You are normally unaware that it has been
  installed and that it is running
• Update anti-spyware software and scan your
  computer daily

12
Exegesis 5th Commandment

• Currently the best free anti-spyware package, and
  one of the best free or otherwise, is Ad-Aware.
• http//www.lavasoft.com

13
6. Thou shall use a router if you using a
high-speed (cable, DSL) Internet connection

• Router is a device that allows you to connect
  more than 1 computer to your high speed Internet
  connection
• Most router models act as a Firewall to your
  entire home network
• It adds an extra layer of security to your
  software based firewall

14
Exegesis 6th Commandment

• Routers are relatively inexpensive - lt100,
  frequently 50 with rebates
• Linksys routers are fairly easy to set up
• Best to connect to them with Ethernet cables and
  not use wireless
• Want to use wireless? See 7th Commandment

15
7. Thou shall not provide free wireless internet
to thy neighbor

• If you use the wireless function on a router, the
  signal can cover a large area, potentially
  extending 150 feet in all directions (whether or
  not there are walls).
• Read the wireless router manual while setting it
  up and enforce some measure of security to access
  your Internet connection. Your neighbors/people
  driving by on the street can still see the
  network, but if you use the security provided, it
  will be very difficult for them to use your
  internet connection, or, even worse, eaves drop
  on your network traffic. Again, OUCH!
• If the router offers it, the best method is to
  use a hardware based access control list.

16
8. Thou shall use a VPN whenever applicable

• VPN is a virtual (i.e., software rather than
  hardware base), secure connection between your
  home computer and a server through the internet
• VPN software needs to be installed and enabled at
  both ends
• At UMBC, the main function using VPN connectivity
  are financially related, e.g., PeopleSoft.

17
9. Thou shall back up thy files and use good
surge protectors/ uninterruptible power supply

• CD/DVD recorders are now about 75. If you dont
  have one, buy one and use it to back up files
  from your hard drive.
• An old adage when do floppy disks fail? When
  you need them.
• At a minimum, get a surge protector that really
  works and isnt just an extension cord (35).
  Better yet get a UPS (uninterruptible power
  supply), which is both a surge protector and a
  line conditioner (power sag/brown out
  protection). A typical home computer needs one
  that supplies 650-725VA (150-200).
• http//www.apc.com is a good site.

18
10. Thou shall always use your computer
intelligently

• Dont install software from unknown publishers or
  websites
• Dont give install rights to users who are not
  very savvy
• Periodically change your passwords
• Follow Commandments 1-9.

19
Thank you for your Time.

• Stephen M Jones
• Manager, Library Computing Services
• stjones_at_umbc.edu
• 410-455-3040