The University of Massachusetts Amherst
Categories
Security

Cyber Security: Sound Computer, Sound Mind

Our computers hold a lot of information about our lives. With this being the case cyber security has become a topic of growing interest; however, many people at the consumer level only have a basic understanding of what cyber security is, and what steps they can take to help protect themselves.

 

What is Malware?

Malware comes in many shapes and sizes. If you are interested in the various types of malware and how they work we recommend reading the article found here. For the purposes of this article we will be working with a broad definition of malware. In general, malware is any program that has unwanted effects on your machine. This could be anywhere from causing annoying pop-ups, erasing your entire hard drive, or even stealing personal information like passwords and credit card numbers. While the different types of malware work in different ways, they all have the same goal in mind. Malware programs attempt to exploit weaknesses in a computer’s security in order to find ways to change settings or gain access to personal data.

Binary Matrix Security

Anti-Malware Programs

     The first step to protecting your computer from malware is prevention. There are many different software suites and programs that prevent and detect malware infections. As a member of the UMass community McAfee is available for free download from the OIT website here. McAfee and other anti-malware programs work by comparing files on your computer to a data base of files that are known to be malware. It is important to keep your anti-malware programs up to date so that it is checking against the most recent list of known malware. McAfee tends to be resource intensive, though many new machines are able to run the application without any noticeable performance decreases, but if you are working with an older machine and find McAfee to be too taxing on the hardware there are some lighter weight alternatives. These alternatives include AVG, Microsoft Security Essentials (Windows only), Sophos Free Anti-Virus for Mac (OS X only), Avast, and Norton. These are the biggest names in anti-malware, but by no means is this a complete list; the most important aspects when choosing an anti-malware suite are 1) make sure you have only one anti-malware suite installed at one time, 2) resources needed for the application to run, and 3) make sure that the program you are using is trustworthy (more on trustworthy browsing and downloading later).laptop security

Safe Browsing Practices

     It is important to make sure that we are protected when we browse the Internet. The biggest component of safe browsing is password protection, but being aware and conscience of our clicks

Create Strong Passwords

There are many strategies for creating strong passwords, but here are some guidelines to follow. For detailed reading on creating strong password’s check out our article on creating strong passwords.

  1. Do not use personal information in your password. (i.e. your name, date of birth, pet’s name, etc.)
  2. Create a base password that is significant to you, that you will easily remember it, but unique enough that only you will know it. For example, maybe the first house you lived in was on Kettle Street. “Kettlest” would be a good place to start when creating your password.
  3. Use number-letter substitution and key-mapping to make your base password stronger. By substituting some numbers in for the letters Kettlest could become K3tt735t. You can also use a key-mapping strategy by moving the whole password one key up and to the right on the keyboard. So Kettlest would become o466p4e6.
  4. Modify your base password for every application you use in order to keep someone from being able to access all of your accounts by finding one password. This can be as easy as adding a two letter code to the beginning of the password that corresponds to the application. So your Facebook password could be “fbK3tt735t” and your online banking password could be “obK3tt735t”.
  5. Store your passwords or use a program like Keychain (Mac) or KeePass (windows: download here). If you need help configuring keychain or KeePass read this article. NOTE: Never store your passwords in an Excel spreadsheet on the Desktop of your computer as anyone who has access to your computer will have access to everything.phishing3web
  6. Be Careful What You Click On The internet is vast, and not everything on it should be clicked on or downloaded. When you are downloading anything, make sure that the site you are downloading from is a legitimate, trustworthy source. If you are in doubt do a Google search for “[sitename] scam” and see if you get any hits.
  7. Set expectations and meet them. Check to see that the file you are downloading matches what you are expecting. If you are expecting to download a “.pdf” and the file that is actually downloaded is a “.exe” file do not open it as it is almost certainly malware. Also, be careful not to click on ads, as most ads will link to pages that seem legitimate, but are actually scams. A good rule of thumb is if you have any suspicion about a site or a program, do not use it.

If You Like it You Should Back It Up

Most computers come with some means of backing up the user’s data, and many  users tend to not make use of these programs. In the event that your computer is infected with malware backups can be critical. Having a good set of backups will allow you to restore any files that might be lost to an infection. UMass Amherst offers two options for cloud storage, UDrive and GDrive. Keep in mind that backups are not the primary store location for your data. They are a copy to provide redundancy in the case of data loss and loss prevention. Another part of creating good backups, for Windows users,also includes having a restore point which can help you get back to a point before you were infected.

GDrive

Our computers contain a lot data that is very important to our lives, like our jobs and entertainment. One of the most devastating things that can happen today is to lose data and files that we have stored on our computers. By installing an anti-malware program, practicing safer browsing, and keeping good backups we can out ourselves, as computer users, in control of managing the risk.

For extensive reviews on anti-malware applications, visit: AV-Comparatives Independent

OIT urges members of the UMass Amherst community to secure their computers, guard against online fraud, and protect personal and University data. Our resources can help. Check the OIT website for more information on how to manage security risks and get help.