UC Santa Cruz - Information Technology Services - IT Security Awareness - Computer Security Tutorial Module 3 (Text-Only Version)


Home About ITS Services ITS News Policies Governance ITS Staff Site Jobs Find An Answer Feedback

IT Security Awareness

UCSC | Campus Safety

Web Statistics by Google Analytics

Computer Security Tutorial Module 3 (Text-Only Version)

Home IT Security Awareness Computer Security Tutorial Module 3 (Text-Only Version)

Computer Security Tutorial (Text-Only Version)
Module 3: Internet Privacy and Security - Be distrustful when using the Internet

Internet Privacy

Privacy on the Internet is a growing concern, especially as more and more people are using it for their professional and personal business, socializing, and entertainment.

Social Networking and Blogs
Social networking sites (such as MySpace and Facebook), personal web pages, and blogs have also become notorious as public sources of personal information and uncensored opinions.

Do not reveal personal details or confidential info online. Assume that anything you post to these websites is public and could potentially be used against you.
- A good rule of thumb is to only post information you would be willing to write on a banner that is displayed in a public place.
- Seemingly innocent information about your interests, family, or history could be used by hackers for identity theft, or by stalkers or social engineers.
Also keep in mind that once you post something online, it can be very difficult to take it back. Even if you delete the information, copies can still exist on other computers, web sites, or in search engines.

Internet Privacy Cautions

Always remember: The Internet is not private.

Don’t give out personal or sensitive information to anyone you don’t know or who doesn’t have a legitimate need for it.
Don’t provide personal, sensitive or confidential information to Internet sites, surveys or forms unless you are using a trusted, secure web page.
- Get to these web sites by typing the web address in directly. Don’t click on links in unsolicited e-mails or cut and paste links from these e-mails.
- Remember that links and web sites that look legitimate, can really be bogus sites designed to steal information.
At a minimum, look for “https” in the URL and check for the little lock that appears in the corner on most browser windows to indicate that there is a secure connection.

Be certain you don’t put sensitive information in locations that are accessible from the Internet.
- Even unlinked web pages can be found by search engines.

Internet Security

The Internet can be a hazardous place. Without up to date system and security software, any computer is vulnerable to takeover and corruption. How many attacks to computers on campus do you think take place everyday?

Thousands of attacks per minute bombard our campus network.
An unprotected computer can become infected or compromised within a few seconds after it is connected to the network.

A compromised computer is a hazard to everyone else, too – not just to you. A couple of examples:

“Malware” is harmful software, usually installed without your knowledge. Here is one example of what malware can do if gets on your computer:

The malware reads email addresses on your computer…
Sends its own malicious emails using those addresses…
And the emails look like they were sent from the people whose addresses you have on your computer.

“Spyware” (a type of malware) can slow computer processing down, hijack web browsers, spy on key strokes and cripple computers. It is usually downloaded via the Internet without the user’s knowledge while using the web.

Internet Security Cautions

Just opening a malicious web page can infect a poorly protected computer. Make sure you know where you’re going before clicking on a link.
- Use only known, trusted, secure websites when you enter sensitive or personal information online.
- Instead of clicking on a link, look up the company (e.g. Google it) and go to their website independently.
Beware of scams, even on well-known sites such as ebay and craigslist.
To help avoid viruses, don’t use Internet Explorer unless you have a specific business need to do so. More secure alternatives may include Firefox and Safari, or ask your computing coordinator.

How about Instant Messaging?

Exercise caution when using Instant Messaging (IM), file sharing (P2P) applications or “chat rooms”

This area of the Internet is not private.
Do not reveal personal details or sensitive information via IM or while in a Chat Room.
Use separate passwords for IM, since it is generally insecure.
Maintain up-to-date virus protection and firewalls, since IM may leave networks vulnerable to viruses, spam and open to attackers / hackers.
- Talk with your computing coordinator or go to the ITS Security website (http://its.ucsc.edu/security/)for information about either of these.
Do not open files sent to you via IM or chat rooms.
- Viruses and other malicious code can be spread this way, and many anti-virus programs cannot detect viruses in IM/chat files .
  - Note: This also applies to files sent via peer-to-peer (P2P) programs!

A Special Note about Copyrighted Information

The University of California is committed to upholding copyright law. Copying, downloading, using, or sharing copyrighted materials, including movie, music and video files, must be with the permission of the copyright owner or in accordance with fair use laws.

You can be sued for copyright violations.
Information about UC’s commitment to copyright law: http://www.ucop.edu/irc/policy/copycommit.html
UC’s Copyright Education Web Site:http://www.universityofcalifornia.edu/copyright/

Internet Privacy and Security Completion Cerificate

Other Training Modules:

Introduction to Computer Security
Social Engineering
Practice "Safe Emailing"
Password Strength and Security
Ten Other Essential Security Measures
Protecting PII and Other Restricted Data
Reporting I.T. Security Incidents
Additional Information & Resources
Security Self-Test: Questions & Scenarios

Rev. January 2009