SECURITY CHECKLIST

How to Protect Computers, Data, and Personal Information

Taking Action

Taking action to personally ensure computer security helps protect everyone from data and identity theft, viruses, hackers, and other abuses. Everyone who uses a computer makes Purdue’s computing environment more secure by following these strong recommendations.

Create Strong Passwords

Strong passwords are critical to system security. A strong password is:

  • Something other than a word found in the dictionary
  • Something other than the name of a person, character, or pet
  • Without personal information, such as birthdates and telephone numbers
  • Something unrelated to your institution or department name or other identifying information
  • At least eight characters
  • Both capital and lowercase letters and numbers, as well as punctuation; for example: “AgbdF&04”
  • Up to 1,000 times harder to crack than a weak password

Change Passwords

Over time, even strong passwords lose security.

  • The best practice is to change passwords regularly.
  • Use the password-changing frequency recommended by the system administrator.
  • Password-changing frequencies are commonly monthly or quarterly.
  • Use password-creation techniques to create strong, yet easily remembered, passwords.
  • Don’t write down passwords. The most easily cracked password system is a password written on a sticky note under the keyboard.

Avoid Untrustworthy Downloads

Virus writers use downloadable screensavers and other files to infiltrate computer systems. Only download and install applications from verified sites.

Scrutinize Attachments Carefully

Email and instant messaging are major vehicles for viruses. Spammers are very skilled at making virus emails and attachments sound legitimate. Open only expected email attachments sent from known addresses.

View Email Messages Individually

Spam emails often contain code that automatically incites more spam or attempts to install viruses and spyware.

Avoid this problem by viewing email messages individually, rather than in a previewing pane. To toggle the Preview Pane in Microsoft Outlook, click View»PreviewPane.

Install Free Antivirus Software

Install and use antivirus software and set it to automatically update daily. 

Ensure Antivirus Software is Running

After starting up a computer, check that an up-to-date antivirus program is enabled. 

Ignore Unsolicited Emails

Spammers send emails that pretend to be from legitimate sources to trick you into providing your personal information. This practice is known as “phishing.” Never click on links in an email. Phishers can make fake email links that:

  • Browse to the legitimate Web site, but sneak in a pop-up window from a phisher’s Web site that asks for personal info.
  • Browse to a fake Web site that has a nearly identical look and address to the legitimate Web site.
  • Cover up the browser address window with an image that makes it appear to be the legitimate Web site.
  • Invisibly download a key-logging program that records and reports back every keystroke made on the computer, including entered passwords and credit card numbers.

Secure Internet Settings

Change the security settings on your browser to “high,” and adjust downward as necessary for your Internet use. The “high” security setting may prevent some Web sites from functioning properly, so use the highest setting that still allows for effective Web browsing.

Back Up Data

Back up critical data regularly. Keep a copy of important files on removable media, such as CDs, DVDs, or USB thumb drives. Securely store the copies out of sight and under lock and key.

Use Firewalls

Install and use firewall security. A firewall is a hardware or software barrier designed to prevent unauthorized network activity. 

Reduce Incoming Spam

Spam is the common term for unsolicited email and instant messages. Spam is most effectively reduced by keeping email addresses private and by using a properly secured Web browser and email client. For a list of best practices against spam, browse to https://www.purdue.edu/securepurdue/forms-and-resources/spam-filtering.php. For answers to questions regarding spam at Purdue on Purdue machines, email it-security@purdue.edu.

Get Updates and Patches for Operating Ssystems and Software

As new ways to exploit computer software vulnerabilities are discovered, it is critical to system security to regularly patch and update software. For Windows patches and updates, browse to http://www.windowsupdate.com.

Log Off or Turn Off the Computer

When you leave your computer, make sure to lock it (Windows key + L) or log off. If you are leaving for an extended period (a weekend, for example), turn the computer off.