Information Technology Services

Service Catalog       CIO       ITS Hours       Contact       Site Map                   

• About ITS
• Accounts
  • New NetID
  • NetID Information
  • Other Accounts
  • Password FAQ
  • Change Password
• Communication Services
  • Voice Communications
  • Cellular
  • Cellular Calling Plans
  • Long Distance
  • Calling Cards
  • Pagers
  • Telephones
• Computer Labs
  • Pods & Classrooms
  • Location Map
  • Hours
  • Holiday & Break Hours
  • Classroom & Conference Scheduling
• Email
  • Email Access
  • Webmail
  • Mailing Lists
  • Targeted Mailings
  • Spam
• General Services
  • Backup & Recovery
  • Calendar
  • Equipment Recycling
  • Hardware Maintenance
  • Instructor and Course Evaluation System
  • Mailing Labels
  • Test Scoring
  • Vendors
  • Conferences
  • Surveys & Elections
  • Other Campus IT Services
• Network & Internet
  • Blocked Ports
  • Branch Network
  • Dialup
  • National Lambda Rail
  • Network Backbone
  • Network Tools
  • On Campus
  • Resnet
  • Wireless
• Documentation
  • Design Guidelines
  • Instructional Guides
  • Voicemail
  • Login
  • Telephone User Guides
  • Quick Refs
• Security
  • Best Practices
  • Credit & Identity
  • Malware Information
  • Report Incident
  • Security Information
  • Virus Information
• Software
  • Software Distribution
  • Supported Software
  • Downloads
• Support
  • ECC
  • FastInfo
  • Newcomer's Guide
  • Support Center
  • Training
  • Voice Services Forms
  • Web Authoring
  • Contacts
• System Status
  • ITS Alerts
  • ITS Voice Alerts
  • ITS Network Alerts
  • Link Alerts
  • sysinfo-l

Desktop Security

Prevention is the best protection against computer vulnerabilities.

As a member of the UNM computing community, it is your responsibility to help keep computing resources safe and available for use.

Workstation & Data Security
OS & Software Updates
Malware & Phishing
Firewall
Backup
Copyright
Resources

Watch IT Security Basics presentation by Mike Burlison and Erica Gallegos, Security Days, October 2007

Workstation & Data Security

• Require password to log in to your computer.
• Change Administrator account name.
• Disable Guest account.
• Enable a screensaver/screenlock that requires a password when away from your computer.

• AVOID Windows file sharing. Use the Briefcase at my.unm.edu for file sharing.

• Encrypt files containing sensitive data where required, e.g., Social Security Numbers.

• Ensure the privacy of PERSONAL information. DO NOT store unencrypted sensitive personal information on computers. Encrypt sensitive personal information on removable media.

• Run the Microsoft Baseline Security Analyzer (MBSA). The MBSA is a simple tool that runs on Windows computers to determine the status of security settings and security updates. Please defer to any IT Support your department may offer when making changes to your workstation.

• Manage your Windows login: http://its.unm.edu/howtos/625.html
• Manage your Macintosh login: http://its.unm.edu/howtos/725.html
• UNM Portal: http://my.unm.edu
• Encrypt documents with PGP: http://its.unm.edu/security/pgp/
• ITS Desktop Security Guide: http://its.unm.edu/security/dsg.html
• MS Baseline Security Analyzer: www.microsoft.com/technet/security/tools/mbsahome.mspx
• ITS Security: http://its.unm.edu/security/

Back to Top

OS & Software Updates

Be sure to get all available critical updates and security patches for your operating system. Remember that an Internet connection is required, whether the automatic check feature is enabled or you manually check for updates.

Windows XP operating systems include an update feature, Start> Windows Update that connects to Microsoft’s Web site. (Internet Explorer is required.)

Macintosh OS X updates are available via Apple Menu> Software Update or, Apple Menu> System Preferences, click Software Update (if you’ve disabled automatic checking). If you have automatic checking enabled, set it to daily or weekly.

Most software companies provide incremental updates via their web sites, e.g., a security vulnerability may be discovered in an instant messenger program and the company will release an update to correct the problem. Check weekly for available updates for all applications.

• Microsoft updates: http://windowsupdate.microsoft.com
• Apple (recent) updates: www.apple.com/support/

Back to Top

Malware & Phishing

Malware (malicious software) is an umbrella term for any program or file that is harmful to a computer. Therefore, malware includes viruses, worms, Trojan Horses, adware and spyware.

In general terms, a virus appends or otherwise alters a file, while a worm resides in memory and self-replicates via unpatched vulnerabilities which consumes system resources. Viruses originally spread through removable media; more recent viruses and worms spread through network connections, exploiting vulnerabilities in operating systems, programs, and particularly email applications and web browsers.

Trojan Horse programs can be used by another remote computer to gain administrator rights to the desktop computer on which the Trojan is installed.

Spyware and adware describe malware applications that can be installed on your computer with or without your knowledge. The least damage these programs do is track what web sites you visit, and send that information to advertising companies. The more malicious programs can collect your personal information (email address, credit card number(s), Social Security Number) when you fill in forms on the Web, and send that information to criminals who then use the information for indentity theft.

Phishing is when carefully crafted Web pages and email messages falsely represent known and trusted sources, e.g., banks, credit unions, PayPal, to scam a person into divulging personal and financial information.

• Never open unsolicited or unexpected email attachments. A virus can be attached to an email with any subject, from anyone, even those with whom you correspond regularly.

• Buy and install antivirus software and keep the definition files up-to-date (check your specific software for version update and definition update procedures). Scan your computer daily for viruses.

• Anti-malware products available free for UNM-owned and for home computers include: Spyware Blaster and WinPatrol. Ad-Aware is available free for home use only, departments may purchase Ad-Aware from Software Distribution with a departmental or open PR.

• Like antivirus software, definition files for malware detection software must be kept up-to-date. See your specific anti-malware software for updating procedures.

Malware removal can be difficult. Contact the ITS Support Center (277.4848) for help.

• Spyware Blaster: www.javacoolsoftware.com/spywareblaster.html
• WinPatrol: www.winpatrol.com
• Ad-Aware: www.lavasoftusa.com
• More About Malware: http://its.unm.edu/security/malware.html
• Support Center: http://its.unm.edu/support/
• ITS Antivirus info: http://its.unm.edu/security/virus.html
• Virus/worm attacks affecting UNM: http://itsalerts.unm.edu
• UNM Credit & ID Protection: http://www.unm.edu/ID/

Back to Top

Firewall

ZoneAlarm is workstation software that helps protect Windows from malicious network activity. ZoneAlarm can provide additional network protection. ZoneAlarm is available from ITS Software Distribution, see http://its.unm.edu/swdist for current pricing (departmental or open PR). Visit the ZoneAlarm Web site (follow the Download & Buy or Free ZoneAlarm and Trials links) for more information about a gratis license. Personally owned computers may qualify for a free license.

Windows XP (Service Pack 2) installs a firewall that is automatically enabled. ITS recommends using this firewall if you are not using other firewall software.

• http://its.unm.edu/zonealarm
• www.zonelabs.com/store/content/home.jsp

Back to Top

Backup

Back up your important data. In the worst case, your computer could be seriously compromised and you could lose all your data. A backup ensures that you will have your most important files available. 20MB of space is available with the Briefcase feature at myUNM. Newer computers ship with CD and/or DVD writers and CDs/DVDs will store from 750MB to 9GB of data. The newest zip drives and disks will also store about 750MB of data. Removable media like CDs/DVDs or zip disks will meet most needs for larger data backup requirements. If you need to back up a larger amount of data, consider an external hard drive. If you prefer a more compact storage option, consider a 1 or 2GB USB flash (thumb) drive. Find basic instructions for burning multi-session data CDs at the ITS Web site.

• Windows (Roxio): http://its.unm.edu/howtos/617.html
• Macintosh: http://its.unm.edu/howtos/717.html
• SyncBack Backup Freeware: www.2brightsparks.com/freeware/freeware-hub.html

Back to Top

Copyright

The following information is provided by the University Counsel’s Office.

The Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA) are aggressively pursuing copyright violations effectuated through Peer to Peer (P2P) software like Kazaa, et al.

For several years, the RIAA has been filing lawsuits that included claims against individuals using computer networks at universities around the country. This year, the RIAA has specifically threatened lawsuits against individuals using UNM’s network.

Statutory infringement penalties for these cases (as provided for in the Copyright Act), can range from $750 to $30,000 per infringed work, though the amount may be raised to $150,000 per infringed work in cases of willful infringement.

While there are legitimate uses of file sharing technology, it generally is not acceptable to share copyright protected MP3 files over the Internet via P2P software. Neither the fact that the technology makes it easy, nor the fact that it is done for free, is a viable defense to a copyright infringement suit.

UNM Legal Counsel has assembled information on the DMCA, the TEACH Act, and “fair use” issues so that students, faculty, and staff can be aware of how best to protect themselves from legal action.

• P2P information: http://www.unm.edu/~counsel/research/copyinfo/cyberspace.html
• Copyright information: http://www.unm.edu/~counsel/research/copyinfo.html

Back to Top

Resources

• http://itsalerts.unm.edu
  ITS Alerts lists current issues affecting multiple clients/buildings, security threats and other major computer-related problems affecting the UNM Campus.

• http://fastinfo.unm.edu/
  Find answers to your computing problems online.

• http://its.unm.edu/download
  Some licensed software and other freeware for use at UNM (NetID required).

• http://its.unm.edu/swdist
  Find available software for faculty and staff only (UNM computers) for purchase (PR required).

• http://its.unm.edu/support/
  ITS Support Center hours and contact information.

• http://list.unm.edu/archives/sysinfo-l.html
  ITS Systems Information and Announcements (weekly archives).

• http://isc.sans.org/
  Internet Storm Center. A cooperative cyber-threat monitor and alert system.

• http://www.cert.org/
  Up-to-date information on current Internet vulnerabilities and activities.

Back to Top

The University of New Mexico, Albuquerque, NM 87131, (505) 277-0111
Copyright © 2005 The University of New Mexico. See our Standard Disclaimer and Copyright Information Page.
In accordance with the Americans with Disabilities Act, the information in this site is available in alternate formats upon request.
Comments to ITS Web Team