Top Ten Personal Computer Security Requirements

Kent State University recognizes the need for vigilant
security measures necessary to maintain the integrity of the electronic
information produced by the university community. As information technology is
often changing, the university recognizes the need for an office dedicated to
ensuring that university information services are secure and utilized properly.
Members of the University community must be aware of any federally-protected
data (FERPA, HIPAA, GLBA) and of other sensitive data such as Social Security
Numbers that is stored on their workstations and servers and take these
mandated steps to protect it. Those who do not have protected data must still
comply with steps 1 - 7 to ensure that their workstations do not become
compromised gateways that can be used to attack other university assets.

Information Services will work with all departments to
assist them in becoming compliant with the appropriate mandates. The federated
desktop support model will be leveraged to assist in this effort. Compliance
will not be forced in a manner that would adversely affect the operations of
any one area, but will be accomplished cooperatively so that efficiency is
affected as little as possible.

1. The operating system (OS) must be patched and up-to-date.
   - You must subscribe to automatic updates if that feature
     is available for your workstation or server.
   - In cases where automatic updates would interfere with the
     integrity of research, violate support agreements, or interfere with
     critical application software, exceptions will be granted after review by
     the Office of Security and Compliance.
2. You must run an anti-virus product and make sure that you
   update the signature file on a daily basis.
3. You must regularly run an anti-spyware product such as
   Spybot.
4. Your workstation must be password protected.
   - All default or blank password entries must be removed. Use
     strong passwords that contain a combination of letters, numbers and
     punctuation marks. Do not record your password and save it in a location
     near your workstation. Do not share your password with others.
5. Your University workstation must be physically secure.
   - If you can lock your office during your absence, do so. Keep
     your laptop locked away in a safe area as often as possible. If possible,
     secure your workstation with a strong security cable.
6. Use a firewall on your workstation or laptop. Windows XP and most versions of
   Linux come with one provided.
7. You must use a locking screensaver that requires a password to be entered
   after a period of inactivity.
   - If you frequently leave your work area, consider a time-out
     period of as little as 5 or 10 minutes.
8. Be aware of the data that is on your workstation and what you need to do to
   properly protect it.
9. If you have protected or sensitive data on your laptop, delete it or keep it
   encrypted.
   - The University has licensed “Cryptainer” data encryption software.
     This is now available to all University employees for use on
     University-owned workstations.
10. When connecting from remote locations, always use a secure connection such
    as a VPN or secure wireless channel.
    - Many free wireless services offer no protection whatsoever. When using
      protected information, do not use them unless you are also using a VPN.
      Never e-mail protected information unless it can be encrypted, such as
      with the encryption function of Lotus Notes.

If you have questions or problems in implementing any of
these requirements, please call the University Help Desk at 2-HELP or contact
your federated services zone coordinator or department IT support professional.

Current KSU (Security Related) Services Available

- The University site licenses McAfee anti-virus and anti-spyware
  software which is available to all faculty, staff and students for free.
- The University has site-licensed software from Cisco that
  assists us in assuring the security of workstations attached to the network. The
  on-going pilot in the Residence Services area is very successful. This service
  will be made available to other areas of the institution.
- The University is licensing Altiris desktop management software
  that will assist in keeping software on desktops up-to-date and secure. The software
  is now in use at the Michael Schwartz Center, College of Nursing and the School of
  Library Science. This software is being made available to other
  areas of the University.
- A VPN service to provide secure remote access to mainframe
  datasets is now being implemented. After mainframe access is secured, secure
  access for other information resources will be incorporated.
- An Intrusion Detection/Intrusion Prevention system is being
  implemented to improve the security of all protected and sensitive data.
- The University has purchased an anti-spam appliance that will
  give e-mail users a resource that will virtually eliminate their need to wade
  through spam e-mails. Check your settings at https://spam.kent.edu

Future KSU (Security Related) Services Available

- If you have data that is protected or sensitive, make sure to
  take the appropriate precautions that outline the required protection for
  that data (HIPAA, FERPA, GLBA, University policy). The above ten steps are a
  good start. Additional tutorials on this information are provided as
  required by federal law or contractual agreement.
- Policies and AUPs are being updated to better protect sensitive
  information. The Security Advisory Committee (a subcommittee of UCT) is reviewing
  drafts of the proposed University policies and workstation security requirements.
- The University has licensed “Cryptainer” data encryption
  software that is now available to all University employees for University-owned
  computers.