Computer Security Tutorial Module 9 (Text-Only Version)

Home IT Security Awareness Computer Security Tutorial Module 9 (Text-Only Version)

Computer Security Tutorial (Text-Only Version)
Module 9: Additional Information and Resources

Current Campus I.T. Security Efforts

• UCSC's campuswide I.T. Security Program includes foundational policies and uniform minimum standards including:
  • Practices for the protection of restricted data
  • Password complexity and security guidelines
  • I.T. Security Awareness training (such as this tutorial)
  • The development of key technologies in support of compliance
    
    
• The I.T.S.Support Center is the central contact point for all Information Technology security breaches:help@ucsc.edu, https://itrequest.ucsc.edu, 459-HELP, 54 Kerr Hall

Protecting UCSC’s Networks

There is a high probability that inadequately protected computers will be breached if they are connected to the network.

• Computers posing a serious threat will be blocked or disconnected from campus network access
  • "Central campus network and security personnel take immediate action to mitigate any threats that have the potential to pose a serious risk to campus information system resources or the Internet. If the threat is deemed serious enough, the computer(s) posing the threat will be blocked or disconnected from network access."
    
    
• The “UCSC Guidelines and Procedures for Blocking Network Access” policy is available online at http://its.ucsc.edu/security/policies/blockingproc.php

Take Home Messages

1. Computer security at UCSC depends on everyone being responsible for the computing systems and data over which they have control.
2. Be wary of schemes to subtly or not-so-subtly get you to disclose sensitive or restricted information.
3. Use cryptic passwords that can’t be easily guessed. Never share your passwords, and don’t write them down.
4. Don’t open email attachments or click on web links in emails unless you know for certain that what you are opening is safe.
5. Be careful about providing personal, sensitive or confidential information on the internet. This includes Instant Messaging (IM) and chat rooms.
6. Always secure your computer before leaving it unattended, and make sure it requires a password to start up or wake up.
7. Protect Restricted and Sensitive data, and dispose of it securely.
8. Make sure your workstation has all necessary security “patches” and anti-virus software, and that they are kept up to date.
9. Don’t install unauthorized programs on computers.
10. Report suspected I.T. security incidents to your supervisor and the I.T.S. Support Center (459-HELP, help@ucsc.edu), or to security@ucsc.edu if neither is available.

Additional Resources

• I.T.S. Support Center- for general questions and information or to report security incidents: help@ucsc.edu or 459-HELP or http://its.ucsc.edu/support_center/
• I.T. Security Awareness Website: http://its.ucsc.edu/security_awareness/
• UCSC Password Strength and Security Guidelines: http://its.ucsc.edu/security/policies/password.php
• UCSC Practices for Protecting Electronic Restricted Data: http://its.ucsc.edu/security/policies/rd.php
• I.T. Security policies and guidelines: http://its.ucsc.edu/security/policies/

Additional Information and Resources Completion Cerificate

Other Training Modules:

Introduction to Computer Security
Social Engineering
Internet Privacy and Security
Practice "Safe Emailing"
Password Strength and Security
Ten Other Essential Security Measures
Protecting PII and Other Restricted Data
Reporting I.T. Security Incidents
Security Self-Test: Questions & Scenarios

Rev. January 2009