Tuesday, November 13, 2012

November 13, 2012

Hello, let me start by introducing myself. My name is Alexander Waitkus and I am the Point University Network Engineer. I have worked in the Information Technology field for over eight years and have worked in education and corporate environments. I have worked in many parts of IT including cleaning and building PCs, managing networks, designing and building networks, and managing servers. Currently, I manage the wireless and wired network at all of the Point University locations. We do quite a bit to secure our network and protect our users, from faculty and staff to students and guests.

Today, I am starting a series about the basics of computer protection and security. This is a broad topic, so we will start with the general and work to more specific topics. This series will have four parts: basic web security, basic personal security, reviews of antiviruses both free and paid, and tips and tricks about how to protect yourself and keep your devices clean. This will be a lot of information, and if you have any questions or would like to know more, please email ITSupport@point.edu.

To start the topic of basic web security, I am going to explain why we find it so important to protect all of our users from risks on the Internet. In the last five years, there has been a big shift from desktop devices to mobile devices. Most students no longer buy desktops for their dorms. They also no longer have only one device that can search the web. On average, students throughout the country have three mobile devices. These can include a laptop, tablet, phone and a handheld gaming device. All of these access the Internet and are susceptible to risks. With users accessing the Internet, email, banking information and games online, we needed to decide how to protect these users and their devices.

So, what are we in the Point IT Office are doing to protect you when you are on campus? With the main campus move to West Point, we started upgrading security at all of our locations with a firewall. We chose a next generation of firewalls. This firewall offers much more than just website blocking and network routing. The main reason we chose these firewalls is for data and personal protection. With the majority of students having at least two devices that access the Internet while on campus, we needed a sure way to protect students and their devices. The first way we are protecting you and your devices is with web filtering. Included in the URL filtering list that is used to protect you is botnets, spam sources, key logging and spyware and adware. Botnets are a collection of Internet-connected devices that have been infected so that a user or program can control or use the device's resources for hacking or spamming. Key loggers can track your keystrokes on a particular webpage or with everything you are doing. Next we offer anti-spyware and malware, as well as antivirus, at the edge of our network, providing added protection to your personal firewall and antivirus programs. Most threats are stopped here and never make it you your devices. We also participate in a program with our firewall vendor called Wildfire. This program allows us to send unanimous information to them with executable files and other known vulnerabilities to help find new instances of spyware, malware or viruses. In most cases, all threats are caught before they can infect.

We protect your devices on campus, but you should protect yourself off campus. Your mobile devices should be protected wherever you go, whether you are on your home network, your cell data, a friend’s house or an open guest network. Wherever you are, you need to be sure that your devices are secure. There are threats for Macs, iPhones/iPads, Android, Linux and Windows. You can easily secure yourself for free (with a little more work) or you can purchase software to protect your documents, emails, photos and contacts and to be sure that your devices run the way they should. The first way you can protect yourself is with the highest level of paid software; these are the Internet security suites offered by McAfee, Norton, Kaspersky and Trend. These can range from $29.99 to $49.99 per year, but with these total protection software programs, you don’t need anything else. There is free software that you can use as well, but they lack all the features and you may need to use multiple software types to keep your computer clean. The two best free antiviruses are AVAST and Microsoft Security essentials. These will keep most viruses off your computer and provide you with basic protection. With the use of free antivirus software, you will need some anti-spyware/malware software. The best on the market is SUPERANTISPYWARE and MALWAREBYTES ANTIMALWARE. Both are easy to find with a quick Google search and the free versions, if up-to-date, will keep you clean. The spyware/malware protection should be used once every week or two. The free versions do not allow scheduled scanning, but are user friendly and will scan all parts of your machine. There are other free programs out there, but these are the ones we at the Point IT office recommend. IPhone and Android phones have a host of antivirus programs available to them, a few of the top are for iPhone: Sophos, ESET and Trend, and for Android: Avast and Lookout.

Password Security is an important part of your personal/device security. There are those with one password for every account you have. This is looked down upon because if one account gets hacked, then the hacker has the password for all of your accounts. A good rule of thumb is to have a password of 10 characters, using numbers, capital and lower case letters and, if you can, some punctuation. An example may be Myp@2$woRd. There are programs you can set up on your phone, Android and iPhone, to store these passwords (KeePass for android and Password Manager Secret Server for iPhone). These apps let you only remember one password if you cannot remember multiple. You can also use programs to generate secure passwords for you.

Browser add-ons can also help secure your devices. For Internet Explorer, your options are limited: the built in pop-up blocker should be a must and the Web of Trust or WOT toolbar is a great way to filter websites based on reliability. Chrome offers many extensions to help protect you, and these include: WOT, Site Advisor, AdBlock, Site Advisor and Secbrowsing. Firefox also offers multiple choices; these include WOT, AdBlock Plus and BetterPrivacy. Safari also offers add-ons to help secure your web experience, and these include SafariBlock, and FB Ads Blocker. Depending on the browser you use, there are many options, but with the open source browsers, you do have more choices to help secure yourself.

Email security starts with knowing who is sending you mail. The biggest mistake most people make is opening emails or attachments from unknown senders. This junk/spam email may look legitimate, but in most cases it is used to gain information from you. This information can include your email account info, Social Security Number, other personal information, your contact lists, credit card info and other information so someone can use your information for their own gain. Some easy ways to avoid this include deleting email from unknown senders, never opening attachments from unknown senders, knowing that your bank will never ask you for any information over email. You can report these senders by moving this mail to your spam folder and your email provider will start flagging these senders as spammers and can help stop or disrupt the mailers. Your email security also affects others that you may send email to as well as your computer. Emails may contain viruses and other malicious software that can adversely effect your machine.