ComputersWhat is computer science without the computers? We all have one (or 5), but what can we do to keep them safe?
- Keep your software up to date: Installing software updates is essential to protecting your devices. Attackers tend to use exploits written for known patched vulnerabilities. Consider turning on automatic updates for your operating system and programs, and reboot/restart programs as necessary to make sure you're running the latest and greatest.
- Control access to your machine You should know and trust anyone who has access to your machine, especially admin access. Related to this, don't give your account's access to someone else, and especially don't leave your machine unattended and logged in! You are giving free reign to any passer-by to be you until you come back.
- Practice software hygiene Install software from reputable sites, and don't run anything you wouldn't bet your data on. Use an antivirus to scan files you download, and/or scan them with a service like VirusTotal. CSE also offers students, faculty, and staff free or discounted access to an array of licensed software (see the CSE's Software page) in addition to what you can get from the UW's UWare site.
- Firewall your machine Using a firewall lets you control what network traffic in or out of your machine is allowed. It's a good generic layer of defense that most modern operating systems ship with installed by default, but it may not be on by default. In an ideal world, you wouldn't actually need a firewall because each service would be correctly configured and never have any bugs that compromised that configuration.
- Protect laptops and other mobile devices from theft, protect them with a login password, and enable encryption when possible.
SmartphonesSmartphones are the computers in our pockets. They contain significant information on who you are, where you've been, and who you talk to.
- Encrypt the device to help protect the information from being accessed by unauthorized individuals if the device is lost or stolen.
- Select an alpha-numeric pass code or PIN to limit unauthorized access to the smartphone. Do not share your pass code or PIN with other individuals.
- Lock automatically after a few minutes of inactivity (for example between one and five minutes). The pass code or PIN should be required to be entered in order to unlock the smartphone.
- Configure the smartphone to completely erase itself or “wipe” after multiple consecutive incorrect attempts (for example 10 invalid pass codes or PINs)
- Configure remote wipe for your device. This can be accomplished through functionality in current versions of Microsoft Exchange, or through your cellular provider or phone manufacturer
- If the smartphone uses a SIM card, then configure SIM PIN and configure the smartphone to require the SIM PIN whenever the SIM card has been replaced.
- Back up the information stored on the smartphone on a regular basis to help recover the information in the event that the smartphone is lost or stolen and you initiated a remote wipe, you forget the pass code or PIN, or the pass code or PIN is accidentally entered incorrectly multiple times in a row and you have set the above wipe or erase feature.