Desktop Device Protection

Protect Your Home Computer's Operating System

The protection of all home computers that have access to the University of Western Ontario network is the responsibility of the individual accessing the network.

You must ensure that your home computer system:

  1. Does not provide any unauthorized access point into the University network;
  2. Does not spread any virus infection to the University network;
  3. Does not compromise the network or any data on the University network in any way.

Protecting the Device

As technologies advance, computers, phones, tablets, laptops etc. are becoming more and more common. All these devices are capable of storing and processing large amounts of information. Once a unprotected device is lost or stolen there is little that can be done to retrieve or protect the data stored locally.

Listed here are some best practices to secure your device:

  • Use a firewall, either hardware or software;
  • Use updated antivirus software;
  • Keep up-to-date with patches and updates;
  • Protect against spyware;
  • Have secure passwords;
  • Use uwosecure-v2 wireless on-campus;
  • Use Western ROAMS at home.

Detailed information on each of these items can be found on this site.

General Recommendations

  • Think Security
    • Whenever using mobile data, always keep in mind the question:"What could happen if an unauthorized person gained control of this information?". Look for and try to use the most secure methods for handling data.
  • Don't be a target
    • Turn your system off when it is not in use. Your machine will be less of a target for break-in attempts, and less valuable as a 'robot' machine in a cracker's collection of compromised hosts.
  • Get training; understand your equipment
    • Read the instructions. New electronic devices have more features, which means that you will have more of a “learning curve” to be able to understand and use these items properly. Default settings are often the least secure for devices, and everyone who has the same device will have the same default settings. Read the manuals that come with your items and be sure you understand the settings and how to change the default settings, especially anything related to security.
  • Don't knowingly expose yourself to security threats
    • WTS strongly recommends you do not install Peer-to-Peer (P2P) file sharing software on your computers. Some Examples of P2P software are: LimeWire, Ares, Azureus, BearShare, BitTorrent, DC ++, eDonkey, E-mule, Gnutella, Kazaa, Morpheus, and WinMX. P2P technology can undermine network security and can leave computing devices open to threats ranging from violations of intellectual property laws (copyright), viruses, malware (malicious software) that is undetected by antivirus protection, password and data theft, to Denial of Service (DoS) attacks that flood the network with data and incapacitate computers. Many P2P programs install Trojans, backdoors and other privacy compromising software onto systems they are installed on. Besides the obvious copyright violations that can occur with audio/video sharing, you may be sharing personal information such as your e-mail password or bank account PIN number.

These recommendations help ensure a safe home computing environment and should be followed by all individuals who access the University network.

At a basic level, this means strong passwords, antivirus and antispyware software, consistent security updates, a firewalled router with Wi-Fi Protected Access (WPA2) enabled, encryption and backup.

Linux, Windows and Apple typically provide distributions that you can use without modification for most purposes; however, sometimes it's necessary to upgrade. The most effective way to mitigate a worm and its variants is to download security updates and patch all vulnerable systems.

Useful Links:

Home Security

Tighten security

Base installations of Operating Systems often have standard defaults that leave the system vulnerable. Find and use techniques to tighten the security of your system. Use and enable your firewall. Firewall Guide.

Disable File and Print sharing

Having file and print sharing enabled on your home computer makes your system vulnerable to intruders. Often your Internet Service Provider recommends disabling file & print sharing. http://support.microsoft.com/kb/199346

Use strong passwords

Having a strong password to access either your device, your email account or any other internet-based account helps mitigates the possibility of exposing sensitive data. Password guidelines

Secure your browser

If possible disable ActiveX, Java and JavaScript. Update your software as frequently as possible. Visit your vendor's website for more information on how to secure your home browser. Check this page for more information on how to securely configure a few of the most popular web browsers.

Secure wireless

Secure your home wireless network connection to prevent unauthorized use from outside.

Keep up to date with patches

Most vendors provide simple notification and update procedures. Even if you just bought brand new software or a brand new device, check for updates.

Check security

Windows Live Safety Center is a new, free service designed to help ensure the health of your PC. It checks for and removes viruses and spyware. It also improves your PC's performance by finding and removing unnecessary files. WTS recommends that you run the “Full Service Scan” provided by the Windows Live Safety Center service from Microsoft, found on this page: Microsoft Safety Scanner

Another security checking tool is the Microsoft Baseline Security Analyzer (MBSA). This tool can be downloaded for free from Microsoft and includes a graphical and command line interface that can perform security scans of your system. Microsoft Baseline Security Analyzer

Firewalls

A firewall can either be software based or hardware based.

A software based firewall is a complex but inexpensive program that filters information going both into and out of the computer. It will protect only the host on which the application is installed on and you can create inbound and outbound rules based on UDP and TCP ports. You can also create rules for a specific executable network access, regardless of the port number used.

A hardware firewall is a physical device that sits between your computer(s) and your network. It also filters the information going in and out of your computer. These are useful if there is more than one computer on your home network.

Use of a firewall is strongly recommended. It will effectively defend a computer from many of the most pervasive and dangerous network attacks. Used properly, it will keep out miscreants. However if the security measures are too restrictive, they deny access to legitimate users/ applications.

Currently there are numerous software and hardware firewall products on the market. Both are usually easy to deploy. You will need to follow the manufacturer's instructions for safe and secure configurations.

Know what and to who your home system is talking to and why. Be prudent in your choices, and know how to fix/ use your firewall so that you can correct any errors if you made the rules too tight or too loose.

Useful Links:

Spyware Tactics and How to Protect Yourself

Introduction to Spyware and Adware

Spyware

A spyware program is one that usually installs itself without user consent or with consent obtained in a misleading manner. Spyware monitors user activity and reports this information, confidential or not, back to its controller.

Adware

An adware program is similar to spyware, but its purpose is to force the display of advertisements on the infected computer. However, these definitions are loose as certain adware may go further by having spyware abilities and spyware may also display ads.

Symptoms of spware/ adware

  • Pop-up ads are appearing constantly.
  • Your brower's homepage changed unexpectly and cannot be undone.
  • New toolbars that you did not install appear in your browser and keep on reappearing even after uninstalling them.
  • Your computer may run significantly slower than what you are used to (so sluggish that the system produces errors and eventually crashes).

Spyware Tactics

Spyware and adware can infect a computer in many ways. They are often bundled with supposedly free software. Certain reputable freeware libraries have spyware/adware-free policies but this is not always the case.

They can also infiltrate computers via a rigged website where the only mistake of the user is having visited the site. This usually occurs when the browser executes an embedded ActiveX controller that secretly installs the spyware/adware. This technique is referred to as drive-by downloading.

At times, when a user visits a website they may suddenly receive a browser prompt requesting permission to install a piece of software that is needed to view the website. Many of these are actually attempts to introduce spyware into the system of the user. Users should always read the agreements before accepting the request.

Many spyware and adware programs are hard to detect and even harder to remove without dedicated antispyware software. Spyware uses a variety of techniques to elude detection and removal:

  • Process injection is when a piece of adware/spyware injects its code into a running program which allows it to bypass security restrictions, evade detection, make changes and self-regenerate even if its files are removed.
  • Watchdog processes monitor for any changes to the files of the spyware.  If the spyware/adware is terminated or has its files deleted or altered, the watchdog will restore and restart the spyware/adware.
  • File lock is a method used legitmately to prevent potential errors when multiple programs try to access the same resources or critical files.  This feature can be abused by spyware/adware to block its own removal.
  • Automatic update allows spyware/adware to change constantly to avoid detection.

Protection and Prevention

If you suspect that you have a spyware infection, launch Task Manager and mark down any suspicious processes you see. Perform a Google search on them. You will quickly find information on whether they are legitimate programs or not.

Install an antispyware program and run regular spyware scans with up-to-date signatures. Select an antispyware scanner carefully as some are not effective at all, or could possibly be spyware/ adware posing as legitimate antispyware software. Research products online before installing.

Read the license agreement prior to installing any software, especially free programs. Pay attention to sections related to "Sponsor Program", "Third Party Agreements", or collection of anonymous user statistics.

Keep your system up to date with the latest software patches. This prevents spyware from using security exploits to install itself.

Keep your antivirus program up to date with the latest virus definitions and run scans regularly. Some spyware are packaged with viruses, worms and trojans. Some are viruses themselves. The line separating malware grows grayer as technology advances.

Ensure that the firewall that comes with your operating system is running, or install a reputable firewall.

Configure your browser and firewall to either block ActiveX components or to ask for your permission before running them.

Spyware detection and removal tools:

Keep Up to Date with Patches and Updates

Keep the patches up to date! Most vendors provide simple notification and update procedures.

Check for patches for brand new software and equipment. New items often have undiscovered software issues, until they are released to the public. Even if you just bought brand new software or a brand new device, check for updates.

Operating System Updates

MacOS notifies you when updates are available. You have the option to always update automatically.

Linux uses Software Updater which is usually located in System Settings -> Software Management -> Software Updates.

Microsoft Windows Update service will scan a computer and provide the user with a selection of updates tailored just for their environment.  You can find this service by clicking the Start button and searching for Windows Update.

NOTE:  It is recommended that you upgrade to a current operating system to be able to take advantage of current services and current security patches.

Application Updates

For MacOS X, the following software updaters are available:

- MacUpdate (free to try, Paid) - https://www.macupdate.com
- Software Update - accessible from the Apple menu, will automatically open the Mac App Store applications and activate the Updates tab.  The application checks all the apps you've downloaded from the Mac App Store to make sure they're up to date. 

For Linux, we recommend yum and/or apt-get.

For Windows, we recommend using SUMo (Software Update Monitor) in conjunction with DUMo (Driver Update Monitor).  Both products can be found at http://www.kcsoftwares.com/?download.

Other Useful Links:

https://alternativeto.net/software/personal-software-inspector-psi/ (this link will list alternatives to FlexeraPSI (formerly SecuniaPSI) which has reached end-of-life and was formerly our preferred method for updating 3rd party software)

Sensitive Data

To ensure that you do not run the risk of unauthorized individuals gaining access to sensitive University information on your home computer, do not download Western confidential or proprietary information onto your home computer.  Ask yourself “Is it really necessary that I carry a copy of this sensitive information?”.  If the answer is no, then do not copy the information.  If it is mandatory that you have access to sensitive information, some basic steps need to be taken to ensure that the information is maintained with the highest integrity.

For more information about the Data Classification standard that has been formally adopted at Western.


Published on  and maintained in Cascade.