Safe Computing at NC State

The Internet allows new ways for thieves to exploit your personal information, so it is becoming increasingly important to protect yourself online. Someone intent on identity theft or some other illegal or malicious act isn't likely to use their own account. Instead, they'll want to hijack someone else's, and it could be yours.

There are a number of computer security measures in effect at NC State. However, the ultimate responsibility for access to your Unity account and password lies with YOU. The do's and don'ts on this page can help you stay legal as well as protect both your information and the persons you share it with.

Regulations, copyright and software licenses

Do read and follow NC State's Computer and Network Regulations and Rules.

Do understand and adhere to copyright laws. Copyright infringement is against university policy as well as state and federal laws. You are responsible for understanding what constitutes legal use of the materials you purchase or find on the Internet (e.g., text, recorded music, DVDs, images, software, Web site designs). It is illegal to download, copy, distribute or sell such works except as allowed by the copyright holder. If you electronically copy and distribute copyrighted work illegally, even if you don't benefit commercially from it, you can be criminally prosecuted under the No Electronic Theft (NET) Act of 1997, with punishment of up to three years in prison and a $250,000 fine.

Do read and follow the End User License Agreement (EULA) for each piece of software that you own or use. Violating it is against the law. Among other things, it tells you how many computers you can install the software on and how many copies you can make. Some software (e.g., Firefox) is freely available but copyrighted, so it is illegal for you to distribute it without permission.

Do be aware that under specific conditions, University officials have the right to examine personal electronic information stored on or passing through the University system.

Operating system and related programs

Do keep your personal computer's operating system up to date. Install all available security patches and bug fixes promptly. Windows Vista and Windows XP automatically alert you when new updates are available. For more information on automatic updates, see the Security Center, located in the Control Panel. To download updates manually for Windows, open Internet Explorer and select Windows Update from the Tools menu. For Macintosh OS X, choose Software Update from the Apple menu.

Do keep your applications, e.g., Web browsers, Microsoft Office, Instant Messaging programs, updated to patch any security flaws that may have been discovered. Some applications, e.g., Mozilla Firefox, will notify you when updates are available.

Do monitor the network services that are running from your computer and disable all those you don't need. Otherwise, your computer could be hijacked and used for illegal or commercial purposes without your knowing it. Most operating system Help menus include instructions on how to identify and disable unneeded services. Look under the keyword "servers" or "services." A weekly check is good.

Do stay informed about the latest security risks. For example, see http://securityresponse.symantec.com/

Antivirus

Do install antivirus software, available free to NC State students, faculty and staff for home and campus use. Download it from http://www.ncsu.edu/antivirus.

Do update your antivirus software and virus definitions every few days. This is extremely important, as new viruses and other threats are being created all the time. Your antivirus software can't detect threats it doesn't know about, so make sure it stays informed.

Password

Do change your Unity account password at https://sysnews.ncsu.edu/tools-obin/password-change as soon as you receive it. You will need to change it again at least once a year in order to use the MyPack portal. Also change it anytime you think someone may have seen you type it.

Do create a new password that meets the latest NC State requirements for security. See the page on Unity Password for details.

Do keep your password secret. Don't write it down or share it with anyone.

Don't access your Unity account from any computer that may have been programmed to log keystrokes and capture passwords; e.g., airport, Internet cafe. If you know in advance that you'll have an urgent need to use a potentially unsafe computer, create a temporary password to use just for that situation (allow at least one hour for the change to occur). Then create a new one as soon as you return to a computer you know is safe.

Log out

Do remember to log out of a computing session whenever you are out of eyesight of the computer and again when you are finished (e.g., lab workstation, kiosk, wireless connection, online service).

Downloads and email concerns

Do be wary of all email. Some fradulent email looks almost identical to what might come from your bank, stockbroker or other financial institution. It may entice you to enter an account number or password, which would then be stolen and result in financial loss. Don't respond to such an email. Instead, go directly to the Web site in question by your usual means and take care of your affairs there. Simply opening a fraudulent email may result in information-stealing crimeware being installed on your computer.

Do scan all downloaded files and email attachments for electronic threats before you open them.

Don't open email attachments that you weren't expecting or that came from someone you don't know. Viruses can hijack email addresses, so even an email that appears to be from a friend may be coming from somewhere else. If you are unsure about an attachment, check with the sender before you open it.

Don't click on a link inside an email that urgently claims that you need to update or provide personal information such as an account number or password. This is probably a phishing attempt. In addition, clicking on a link inside an email can result in a virus or similar threat being silently downloaded onto your computer. Avoid doing so unless you are expecting to receive such an email.

Other control measures

Do make wise decisions about who uses your personal computer. You can be held responsible for their actions.

Do make certain that your highly valuable information remains safe. For essential or difficult to re-create documents, such as your resume or research papers, make several backup copies. Keep a copy in at least these two locations:

• your network file space
• a separate, portable storage medium (e.g., CD, removable drive)

Don't attempt to gain unauthorized access to others' computers or accounts (hacking).

Do get a free copy of your credit report each year from https://www.annualcreditreport.com/cra/index.jsp to see if any unauthorized person may have stolen your personal information and used your accounts.

Do erase your hard drive using special software when you dispose of your computer. Deleting files does not erase them, and a knowledgeable person can retrieve them. Software for erasing your hard drive is available to students, faculty and staff.

For additional information on computing security, see:

• Free antivirus software and virus alerts
• C.L.E.A.R. Security at N. C. State
• Viruses and similar threats
• PureMessage @ NC State
• Identity theft
• Internet Fraud
• Phishing
• Vishing
• Spyware

Last updated September 13, 2007 by cawalker