Skip to Navigation | Skip to Content

Getting Secure

about getsecure isitsecure getsecure documents contact

search the site

related pages

did you know?

Electronic attacks are performed on networks around the world on a daily basis, creating a high risk that your computer will be broken into if you do not take specific precautions. Please take the following steps to protect your computer and those of others who use NYU-NET. Every computer accessing NYU's network and data, including laptops and home computers, should comply with the Basic System Security Standard.
 

Basic System Security Standard


  1. Set an Administrator Password
  2. Download and Install All Security Updates
  3. Install and Run Antivirus & Anti-Spyware Software
  4. Activate Built-In Firewalls

Additional Security Controls


  1. Restrict Sharing
  2. Do Not Open or Reply to Suspicious E-mails
  3. Create Back Up Copies of Your Important Files
  4. Turn Your Computer OFF When Not in Use
  5. Review the ITS Policies
  6. Securely Dispose of Data

 

1. Set an Administrator Password

The first, and probably most important, precaution you can take is to set an administrator password on your computer. If you don't, your computer may be vulnerable to multiple worms and viruses that can exploit this single vulnerability.

Instructions

If you are using a Windows XP or Mac OS X 10.5 or higher, set an administrator password, and reset it at least once every six months:

Windows XP
  • Upon turning on the computer, press the F8 key on the keyboard.
  • Select Safe Mode.
  • From the list of accounts, choose Administrator.
  • When prompted, click Yes to the Safe Mode warning message.
  • From the Start Menu, open the Control Panel.
  • From the Control Panel, select User Accounts.
  • Within User Accounts, select the Administrator account.
  • Next, select Create a Password.
  • Type in a strong password in the appropriate fields and click Create Password when finished.
  • You may be asked if you wish to make this account's files private. Click either Yes or No (depending on your preference), then click Finish.
  • Make sure to set a password for all other administrator-privileged accounts.
  • Close all windows and restart your computer.
Mac OS X 10.5 or higher
  • In the Apple Menu, open System Preferences.
  • Click Accounts under the "System" heading.
  • Select the Admin user profile and click Reset Password.
  • In the "New password" and "Verify" boxes, type a strong password, then click OK.

Windows Vista and 7: The Administrator account is disabled by default. No password activation is required.

For tips on creating a secure password, see the Security Tips section. As a general rule, you should use strong passwords to protect all of your online accounts, and be sure not to share them with anyone.


2. Download and Install All Security Updates

To download security updates, establish an Internet connection and follow the instructions for your computer's operating system below.

Windows XP/Vista/7
  • Open the Start menu and choose Windows Update.
  • If "Windows Update" is not listed, open Internet Explorer, click Tools, and then click Windows Update.
  • After Windows Update has scanned your computer for updates, select Express from the list of options.
  • When prompted, click Install Updates. If prompted, restart your computer.
  • Configure your computer to check for updates automatically. To do so, follow the instructions on the How to Enable Automatic Updates page of this website.
  • Once updates have been installed, close all windows.
Mac OS X 10.5 or higher
  • In the Apple Menu, click Software Update.
  • If updates are available, click Install. If prompted, restart your computer.
  • Configure your computer to check for updates automatically. To do so, follow the instructions on the How to Enable Automatic Updates page of this website.
  • Once updates have been installed, close all windows.

Application Security Updates

You should also make sure to apply security updates to all your third-party software. This software can include, but is not limited to:

In general, updates for third-party applications may not download and install automatically. You should consult the application provider's website for instructions on how to download and install security updates.


3. Install and Run Antivirus & Anti-Spyware Software

A key layer of protection for your computer is antivirus and anti-spyware software. You can download a free copy of Symantec Antivirus (for Windows and Mac) from the ITS-Licensed Software page (NetID and password login will be required).

You should also install "anti-spyware" software which can defend against malicious spyware. Spyware is software that tracks your computer activity, collects your personal information, and degrades your system's performance. To download a free copy of Microsoft Windows Defender anti-spyware for Windows XP or Vista, visit Windows Defender.

Note: Windows Vista computers come pre-installed with Windows Defender. To find out if you have Defender installed and enabled, visit Windows Defender and click on "How do I get Defender?"

If you do not wish to install Windows Defender and would prefer an alternative anti-spyware application, you may download and install Ad-Aware Free from the Lavasoft website. Please note that running two anti-spyware applications concurrently may have adverse effects your computer's performance.

Once you have installed these software, be sure to update each with the latest definitions immediately, then run a full system scan.


4. Activate Built-In Firewalls

A personal firewall is a software program that creates a protective barrier between your computer and the Internet. It blocks unauthorized or potentially dangerous communications from reaching your computer. A firewall also ensures that unauthorized people can't access your computer when you're connected to the Internet.

Most operating systems already come with a built-in firewall, such as Windows XP, Vista, and 7 and Mac OS X. To activate your computer's firewall, follow these instructions below.

Windows XP
  • Open the Start menu, then click Control Panel.
  • In the Control Panel, click Security Center.
  • Select Windows Firewall.
  • In the General tab, verify that On is selected.
  • Click OK and close all windows.
Windows Vista & 7
  • Open the Start menu, then click Control Panel.
  • In the Control Panel, click Security.
  • Click Windows Firewall.
  • Click Turn Windows Firewall on or off. Type in your Administrator password if prompted.
  • Click OK and close all windows.
Mac OS X 10.5 or higher
  • In the Apple Menu, click System Preferences.
  • Click Security under the "Personal" heading.
  • From the Security panel, click on the Firewall tab.
  • Click Allow only essential services.
  • For added security, you may select Advanced and place a checkmark next to Enable Stealth Mode.
  • Click OK and close all windows.

Note: Mac OS X 10.5 firewall is OFF by default. It is imperative that you enable the firewall upon purchasing a new Mac or if you've recently reinstalled Mac OS X 10.5.

Third-party firewall software is also available from the NYU Computer Store and at most commercial computer stores.


5. Restrict Sharing

Your computer may be set up to allow other computers on the Internet to access your computer in order to share files. Unfortunately, this type of sharing capability can be used by others to infect your computer with a virus or to look at your personal files.

If you do share files, don't set your computer up to act as a server, and be sure to respect copyright laws. For information about file sharing applications and the rules governing their use at NYU, see www.nyu.edu/its/p2p/. To disable file sharing, follow the steps for your operating system below:

Windows XP
  • Open the Start menu, then click Control Panel.
  • In the Control Panel, click Security Center.
  • Select Windows Firewall.
  • In the General tab, verify that On is selected. Do not place a check by the option "Don't allow exceptions."
  • Click OK and close all windows.
Windows Vista & 7
  • Open the Start menu, then click Control Panel.
  • In the Control Panel, click Security.
  • Click Windows Firewall.
  • Click Turn Windows Firewall on or off. Type in your Administrator password if prompted.
  • Click OK and close all windows.
Mac OS X 10.5 or higher
  • In the Apple Menu, click System Preferences.
  • Click Sharing under the "Internet & Network" heading .
  • Verify that there are NO checkmarks next to any connection.
  • Hit the back arrow above, choose Security from the Personal heading, followed by Firewall.
  • Click Allow only essential services.
  • For added security, you may select Advanced and place a checkmark next to Enable Stealth Mode.
  • Click OK and close all windows.

6. Do Not Open or Reply to Suspicious E-mails

As a general rule, if you don't know the person who has sent you an e-mail, you should simply delete the entire message without opening it. If you do know the person sending you the e-mail but the message contains an unexpected attachment or web link, you should check with them before opening the file or clicking on the URL. Remember that many computer viruses use fake "From:" addresses. It's easier to ask someone to resend a message to you than it is to clean a virus off of your computer!

In order to reduce the likelihood of falling victim to malicious e-mails, be aware of the following security threats:

  • E-mail attachments from untrusted, suspicious, or unexpected sources: Opening malicious e-mail attachments will often result in a computer compromise. Once infected, the computer may send the same malicious message to other recipients in your address book, provide the attacker remote access to your computer, or use your computer to attack other systems.
  • Requests for your NYU password or other personal info: If a message purports to be from NYU, ITS, or any other organization affiliated with NYU requesting your personal information such as name, date of birth, password, etc., it is almost certainly a phishing message. Do not reply to the message. ITS will never request your password information.
  • Pushy or Account Closure Warning messages: If a message informs you of an impending account closure or similar action unless you comply with its demands, it is often a sign that the message is a phishing scam. Do not comply with its requests.
  • Spam and phishing messages: You can help train NYU's spam filtering software and report phishing messages by following these instructions.
  • Malicious HTML code: Spam and phishing messages tend to contain HTML code intended to fool the recipient into believing the message is legitimate or to conceal the real destination of embedded URLs. Set your local e-mail client to render e-mails as plain text only to remove the HTML code and reduce the likelihood of clicking on a suspicious link.

7. Create Back-Up Copies of Your Important Files

Preserve your important files and the time it took you to create them by saving back up copies on a weekly basis. Files 2.0 provides 50MB of file storage, allowing you to save whenever and wherever you need to, or you can back up data to external hard drives or CDs. It's also a good idea to keep your original operating system and software start-up disks on hand in case your computer files get damaged.


8. Turn Off Your Computer When You're Not Using It

Turning off your computer when you don't need to use it lessens the chance that someone will be able to break into your computer and infect it with a virus or use it to harm someone else's computer.


9. Review the ITS Policies

Access to the Internet and NYU-NET is made available to the NYU community as part of the educational computing and networking resources of the University. Such resources and use of NYU's network are privileges and must be exercised in conformity with all applicable NYU policies and guidelines (available at www.nyu.edu/its/policies) and all applicable federal and state laws. Failure to abide by these policies can result in suspension of network privileges and referral of the matter to the appropriate disciplinary process.


10. Securely Dispose of Data

When you wish to dispose of a computer (desktop, laptop, or server), you must first remove all the data (sensitive or otherwise) that is on it. The easiest and most secure way to remove the data is to use a "wiping" program that not only deletes the data, but also overwrites each sector with garbage data multiple times. For more information on secure data disposal, visit the Computer Disposal Guidelines webpage.

Page last reviewed: July 17, 2013