Help Index > Security Information and Advisories

Protect your PC:

Become a responsible network citizen

Protecting your PC is a team effort; it requires the combined efforts of every student, employee and ITSS staff member. By following some simple guidelines you can do your part in keeping your PC safe and secure.

With respect to sensitive information and electronic protected health information (ePHI), it is expected that everyone applies the three rules of data security: confidentiality, integrity and availability (CIA).

Patch Your Operating System
The first line of defense in keeping your computer as secure as possible is through regular software updates and routine system maintenance to help avoid data loss, new viruses and other potential risks. Most of the university owned Windows based computers are configured to install updates from Microsoft via our Software Update Server (SUS). Every month Microsoft releases updates for Windows 2000, XP and 2003 which are considered to be "Critical Updates". Our SUS server automatically gets the updates, then one of our administrators will approve them. When that happens, every desktop PC on campus will receive these approved updates. If you are not certain that your system is configured properly to receive "Critical Updates" please contact ITSS.

Keep Your Antivirus Updated
The Medical College of Georgia has purchased Symantec antivirus software licenses to cover all MCG owned faculty, staff and student computers. In addition, licenses have been purchased to cover personally owned computers by faculty, staff and students. Most of the university owned computers are configured with antivirus software and centrally managed to receive regular virus definition file updates.

You may obtain a copy of Symantec Antivirus by contacting ITSS at 706-721-4000.

Set Screensaver Passwords to 5 Minutes
As more and more of our information is stored on our computers and network storage, securing data is an increasing concern. Most of us do not log out of our computers when we leave our office for short periods of time. Rather than logging off, you can lock your computer by pressing Ctrl-Alt-Delete and selecting Lock Workstation. This will secure your computer and leave any programs currently running while you’re away from your desk. You must re-enter your password to unlock the computer when you return, but the computer will not have to go through the complete login procedure.

Another security feature is to have a screen saver that requires your password to unlock the computer. This feature is accessed by right-clicking in a blank portion of the desktop and selecting Properties. The Display Properties dialog box will open:

• Click the Screen Saver tab
• Make sure the On Resume, password protect box is checked
• Set a wait time of 5 minutes
• Click OK.

Save Important Data to a File Server
ITSS encourages you to take advantage of our enterprise file services by saving important files to a network file server through your Novell logon. Files that contain important information should always be saved to an ITSS network file server where they are protected with a password, backed-up and availability is ensured.

Advantages of saving important data to a network file server include the following:

Safety - All files are automatically backed up nightly. So, if your hard drive crashes or if you accidentally delete your file, worst case, you may lose one day’s work. Files may be restored by the user from within the Novell Client’s Salvage function. Please contact the IT for assistance.

Spares Disk Space - Saving files and folders onto your network folder does not take up space on your hard drive.

Security - Only those who know your user name and password are able to access the files and folders on the network.

Policy Compliance - The Medical College of Georgia Information Systems Security and Computer Usage Policy asserts that access to information resources at MCG must be protected at a level commensurate with its classification.

Enables Remote Access - Your files can be securely accessed from anywhere on or off campus where Internet access is available. For more information see File and Print Services.

Provides Shared Access - Shared network storage areas are available to facilitate secured document collaboration. Additionally, public access network storage areas are also provided for file transfers. Please contact ITSS if you have special needs.

Do Not Write Down or Share Passwords
Never write down or share your passwords with anyone. The Medical College of Georgia Information Systems Security and Computer Usage Policy prohibits sharing passwords and the institution may hold you responsible for any misuse of university resources accessed with your account and password. If you think someone may know your password, change it immediately.Use Hard-to-Guess Passwords

Passwords will only keep outsiders out if they are difficult to guess! Mix upper case, lower case, numbers or other characters not easy to find in a dictionary and make sure they are at least 8 characters long. If someone should happen to guess one of your passwords, you don’t want them to be able to use it in other places. Change passwords regularly, at least every 90 days.

See "What is a Secure Password?" for more information on creating SAFE passwords.

Use hard-to-guess passwords
Passwords will only keep outsiders out if they are difficult to guess! Mix upper case, lower case, numbers, or other characters not easy to find in a dictionary, and make sure they are at least 8 characters long. If someone should happen to guess one of your passwords, you don’t want them to be able to use it in other places. Change passwords regularly, at least every 90 days.

See "What is a Secure Password?" for more information on creating SAFE passwords.

Delete suspicious e-mails and attachments
In today's Internet environment, it is especially important to use extreme caution when a message is received from an unknown address. Both spam and virus activity use a variety of addressing schemes and spoofs to trick the recipient into opening the message and/or attachment. If you are not expecting an attachment from a known address or the message subject or body is vague, scan the attachments for viruses by saving the file to your desktop before opening.

All e-mail coming from the Internet to the MCG e-mail system is scanned for viruses and various anti-spam checks are performed before a message is delivered to an e-mail account. Be aware that personal mail accounts for outside providers are not covered by MCG's e-mail security service. If a computer does not have local virus protection installed, then it is not protected from external threats which may arrive through personal e-mail accounts.

Please call the IT Sevice Desk @ 1-4000 if you suspect your PC has been compromised.