Computer security is a vital part of keeping your information, your financial records and your personal, digital life secure. Whether you are at work or at home, the university, your internet service provide, cloud services and social media companies all employ IT security techniques to prevent attacks and secure their systems and yours. 

As end users, in our roles of staff, student or customer we are all responsible for the devices we use or carry and the data held on them.

Below are a few basic tips to help secure your computer, be it a Windows PC, Mac or even Linux

Anti- Virus

A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over the internal University network or the external Internet, or by carrying it on a removable medium such as a USB drive. Viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with computer worms and Trojan horses. A worm can spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a file that appears harmless. All viruses may cause harm to a computer system's hosted data, functional performance, or networking throughput, when executed. Some cannot be seen when the program is not running, but as soon as the infected code is run, the virus starts. That is why it is so hard to find viruses and other malware.

Most university computers are connected to the Internet and to local area networks, facilitating the spread of malicious code if not protected.

Are you at risk?

Some viruses attach themselves to outgoing messages or email themselves to all the people listed in your address book. The sudden flood of email overwhelms mail servers, causing the system to crash. Other viruses are more destructive and may lie dormant until a certain date, then spring to life to do their work. Sometimes a strange message appears on your screen, or data and programs may be modified. In the worst case, all the contents of your hard drive may be wiped out.

What can you do about it?

Avoid programs from unknown sources especially the internet, and by only using commercial software, you eliminate almost all of the risk from traditional viruses.

You should make sure that Macro Virus protection is enabled in all Microsoft applications, and you should never run macros in a document unless you know what they do.

You should never double-click on an email attachment that contains an executable. Attachments that come as Word file doc, spreadsheets xls, images jpeg or GIF, are data files, are non executable and can do no damage. However, you do have to be aware of macro viruses as mentioned above. A file with the extension exe, com, vbs, is an executable, and executable files if harbouring a virus, once executed (double-click) will do damage within its programmed remit. A file with the extension zip or rar can hide other file types, e.g. exe, luring you into false security. Opening one of these attachments may cause an infection.

What we do

The directorate of IT and Library Services (ILS), on behalf of the university, subscribe to Microsoft Endpoint Protection anti-virus software. This is installed on all staff and student computers and is regularly updated to give protection against the latest problems. We have installed scanning software on the main email servers that attempt to detect and quarantine suspected virus-enabled email. They are also setup to check outgoing email for possible infected mail.

We separate networks, give advice but occasionally a virus or a hoax message will get through and appear on your system. These hoax messages cause alarm and confusion and are often 'spoofing attempts' i.e. look as though they come from a legitimate site and ask for your username and password. Do not reply to these.

Hoax viruses, spam or junk email and email chain letters

Hoax viruses, email spam and email chain letters are all now part of our IT lives. One of the unfortunate by-products of our email culture is the receipt of unwanted emails, often a hoax:

  • Telling us about the latest computer 'virus'
  • Warning us not to open particular email messages
  • Asking us to forward 10 copies of the email to friends (or risk unspecified bad luck)
  • Junk emails advertising all sorts of online goodies (usually in bad taste)

Please do not forward these messages on to your colleagues, however worrying the warnings are.

For more information on hoaxes visit:

Anti-Spyware

What are the risks?

On its own, spyware tends to be more of an annoyance than doing any harm. However, if there are enough spyware programmes on your computer, they could affect its performance or internet connection. Spyware is getting more dangerous as it can inform hackers of your online habits, making you an easier target. Hackers can then block your computer's access to the original sites you regularly visit and redirect it to their own replicated versions. This means that when you sign in or try to purchase something from the replicated site, your passwords or banking details can be stolen.

Other types of spyware will use 'pop ups' to pretend to be something useful, such as a security alert about infections. If you click on the link provided, you risk falling into the trap, downloading a malicious piece of software or programme.

What can you do about it?

There isn't one solution that will remove all spyware threats - the best solution is to have two different spyware tools that perform regular scans.

Free anti-spyware tools  (Remember to update the software every time before you scan for threats.)

  • Microsoft Windows Defender - Protect against spyware, pop ups and slow performance
  • Spybot Search & Destroy - Use to detect and remove spyware
  • Lavasoft's Ad-Aware - Real-time protection against viruses, spyware, Trojans, rootkits, hijackers, keyloggers and more.

Firewall

The University provides a firewall to protect you whilst you are using our network.  It is on constantly in the background and you don't need to do anything. It will protect your computer from Internet threats (from outside of our network) but it does not protect you from other users within the University network, so if a user's machine within the University's network attempts to pass you a virus, malicious file or compromise your machine in any way, the firewall does not protect your individual machine. 

In instances where other individuals whose machines are on the same network as you contract a virus or are compromised, having your own firewall (in addition to the University one) will minimise the risk to your machine and provide it with an extra level of protection. University imaged computers operate a local firewall (the one built into Windows which staff cannot access to deactivate) although non approved university imaged machines on our network may not.

If you have a machine at home or are connecting your own or a machine which is not an approved university image one to the University's network (via wireless connection or wired Mac OS for example), you should make sure it has some kind of firewall installed. 

Please bear in mind that a firewall is not enough on its own to protect you and should be used in conjunction with other measures like anti-virus and anti-spyware packages.

As with all other types of security, it cannot protect you if you give your password to others, give permission for other machines to connect to yours (by doing that you're agreeing to let them through your firewall) or let someone else use your machine.  It will also offer limited protection against many viruses, spam, spyware.  Finally it cannot protect you against fraud or activity using 'social engineering' techniques or if you have it turned off!