Securing Windows Systems
Microsoft Windows is one of the most widely used operating systems ever. The great popularity of the feature-rich operating system has come at a price: with millions of lines of code in Windows, the operating system has required hundreds of patches to ensure that it can be securely used on the Internet.
Unsecured computers that are directly connected to the Internet pose a threat to all users of the network. By compromising a single computer on a network, it may be possible for an intruder to gain access to files, gather personal information, and disrupt the normal operations of the network. It is therefore imperative that we take precautions when connecting any computer to the campus network and Internet.
There are several steps one should take to secure a Windows computer when connecting it to the campus network:
- Activate the Windows Firewall before connecting the computer to the network. Attacks can happen very quickly once a computer is connected, often within minutes or even seconds. You may not have time after plugging in the network cord to activate the firewall before your computer is compromised.
- Apply all current patches via Windows Update. It may be necessary to reboot the computer several times during this process. You should repeat this step as needed until there are no more critical or recommended patches that need to be applied. You may be able to simplify this step by running our BUVS tool.
- Turn on Automatic Updates so that your computer will continue to receive patches as they are released.
- Make sure all local accounts including the built-in local administrator or owner account have strong passwords. A strong password will be 6 or more characters in length, contain both numbers and letters as well as special characters, and not be found in a dictionary. Microsoft has advice on how to create strong passwords.
- Install and use virus protection software.
- Install and use spyware removal software.
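The checklist above can be verified from an elevated PowerShell prompt. The script below is an added example, not a tool from this page or from IS&T; the function name Test-WindowsBaseline is hypothetical, and it assumes Windows 10 / Server 2016 or later with Microsoft Defender as the anti-virus and anti-spyware product.

```powershell
# Added example: read-only audit of the checklist above (changes nothing).
# Assumes Windows 10 / Server 2016 or later, PowerShell 5.1, elevated prompt.
function Test-WindowsBaseline {
    $results = New-Object System.Collections.Generic.List[object]
    $add = { param($Check, $Pass, $Detail)
        $results.Add([pscustomobject]@{ Check = $Check; Pass = [bool]$Pass; Detail = "$Detail" }) }

    # 1. Firewall: every profile (Domain, Private, Public) must be enabled.
    $off = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
    & $add 'Firewall on for all profiles' ($off.Count -eq 0) ($off.Name -join ', ')

    # 2. Patches: ask the Windows Update Agent what is still not installed.
    try {
        $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
        $pending  = $searcher.Search('IsInstalled=0 and IsHidden=0').Updates.Count
        & $add 'No pending updates' ($pending -eq 0) "$pending pending"
    } catch { & $add 'No pending updates' $false "search failed: $($_.Exception.Message)" }

    # 3. Automatic Updates: service not disabled, and no policy turning it off.
    $svc = Get-Service -Name wuauserv
    $au  = Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -ErrorAction SilentlyContinue
    $auOk = ($svc.StartType -ne 'Disabled') -and ($au.NoAutoUpdate -ne 1)
    & $add 'Automatic Updates enabled' $auOk "wuauserv StartType=$($svc.StartType)"

    # 4. Accounts: password quality cannot be read back, but enabled local
    #    accounts that are allowed an empty password can be listed.
    $weak = @(Get-LocalUser | Where-Object { $_.Enabled -and -not $_.PasswordRequired })
    & $add 'All enabled local accounts require a password' ($weak.Count -eq 0) ($weak.Name -join ', ')

    # 5-6. Anti-virus / anti-spyware, assuming Microsoft Defender is the product.
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        $ok = $mp.AntivirusEnabled -and $mp.AntispywareEnabled -and $mp.RealTimeProtectionEnabled
        & $add 'Defender AV and anti-spyware active' $ok "signature age: $($mp.AntivirusSignatureAge) day(s)"
    } catch { & $add 'Defender AV and anti-spyware active' $false 'Defender status unavailable' }

    $results
}

Test-WindowsBaseline | Format-Table -AutoSize -Wrap
```

A failed row names the offending firewall profiles or accounts in the Detail column; if a third-party anti-virus product is installed, the Defender row will fail and that product's own status has to be checked separately.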
It is important to realize that the methods used to compromise computer security are constantly changing. Minimizing your computer’s risk of compromise is therefore not a one-time task. It is instead a process that must be repeated and reviewed to ensure your computer remains secure.
Learn about IS&T’s mailing lists for computer administrators and join those that are appropriate for you. Also subscribe to your vendor’s security notification service. In addition to Microsoft Technical Security Notifications, most software and hardware vendors have some means of notifying their customers when security patches and/or upgrades become available. Make sure you and your IT staff are on the list to receive relevant notifications.
Keep your software current. Many vendors, Microsoft included, only make security patches available for the most current releases of software. Be sure to know your vendor’s policies and plan accordingly.
Every piece of software installed on a computer adds to the risk of compromise. Some software will install unexpected extras that may include viruses, spyware, or just unseen components that may be compromised later to gain access to your system. Unneeded software will often be neglected and left without updates, eventually leading to a compromise through neglect. Therefore we encourage you to install only the applications you need and only from trusted sources. When installing new software, be sure you have a backup of your system and do not install unknown software on critical servers.
Web browsers and instant messenger clients are a common source of malware. While these products are often inextricable from a desktop system, their use on a server system should be carefully avoided. Many unpatched vulnerabilities exist for today’s browsers, and websites with hidden malicious code are waiting to trick unsuspecting users into accessing them. When using a web browser as a user with administrator privileges, be sure to only browse known websites such as www.microsoft.com.
Protect University Data!
University data, including student data, financial records, and health information require special protections and handling. Contact your Data Security Administrator for advice on safe handling of university data.
Do not install any unnecessary applications or freeware/shareware on any system you care about or cannot easily restore from scratch.
Many modern viruses take advantage of all versions of instant messaging applications such as IRC, MSN, and AOL to install trojan and spyware software on systems without your knowledge. Applications of this nature have no business on a workstation housing university data. Use caution when using any application of this type, and be sure to read the product documentation on how to secure the application on the workstations (if any) determined to benefit from it.
Refrain from browsing the web from a “critical” workstation. Use caution when browsing any untrusted websites.
Promote Awareness about Computer Security
Many of our incidents originate from end-user actions, whether users have installed new software, answered a phishing email, or disabled antivirus software. Computer administrators cannot hope to keep computers secure unless we make computer users more aware of the importance of computer security.