Computer security at home

Why is this important?

If you don't take basic steps to protect your personal computer, you put at risk all the information on it.  You are the security administrator for your home system, and if you neglect that responsibility you may pay a severe price, such as identity theft.

With the advent of high-speed Internet connectivity for residential users, ever-more-common attacks on vulnerabilities in operating systems and software applications, and the ability to quickly transport malicious software via electronic mail, securing your personal computers and data is becoming more and more challenging.

For business, legal and ethical reasons, the University of Miami requires that you keep workplace computers secure, and we provide comprehensive, free Help Desk support to help you do that.  We also have a guide to securing your work computer.

Unfortunately, we cannot provide extensive Help Desk support for home systems as well.  However, following this guide will take you a long way to securing your personal computing environment.

Physical security

Technical measures like login passwords, anti-virus and anti-spyware, and firewalls are essential.  (More about those below.)  However, a secure physical space is the first and most important line of defense.

Whether at home or while traveling, a computer deserves the same protection as any valuable object.  Keep it locked up and, ideally, hidden from view.  Remember that it can take only seconds to steal a computer, particularly a portable one.

Human threats are not the only concern.  Computers can be compromised by environmental mishaps (e.g., water, coffee) or physical trauma.  Make sure the physical location of the PC takes account of those risks as well.

Few if any home settings offer an electrical connection free of power surges or other electrical fluctuations.  Consider a surge protector or uninterruptible power supply (UPS) with surge protection features.

Access passwords

Access passwords are an essential protection unless you are absolutely sure no one can gain physical access to your computer.  Unfortunately, that's almost never the case.

To protect the whole system, activate the operating system's login and screensaver password features.  (For Windows PCs, search for "password" in Help and Support to find instructions.)  You should also consider setting passwords for particularly sensitive applications (e.g., your personal accounting program), if the software provides that capability.  Also, grant "administrative" rights only to the user account that needs full read/write access to the computer.

If you're not sure about how to pick a strong password, or protect it once you've picked it, see the guide to password safety.  It applies to home computer security as well.

Note that while passwords will deter most casual intruders, they can often be bypassed by a determined, knowledgeable intruder given sufficient time and access to special tools.  (That's why physical security is also essential.)  For computers containing particularly sensitive data, the supplemental protection of data encryption based on a password is strongly recommended.

Anti-virus software

Up-to-date, properly configured anti-virus software is essential for all home PCs.  McAfee VirusScan is available free to all University employees and students for both workplace and personal systems. 

For systems at work, we can install McAfee for you.  For personal systems, you must install McAfee yourself -- by downloading it from the Software Downloads section of this Web site.

Once you have it, you should keep it up to date.  You should set the anti-virus software to scan all the files on your computer regularly, as well as all inbound and outbound e-mail and any files you import from portable storage media. 

Anti-spyware software

While anti-virus software may catch some spyware, it generally won't get it all.  It is best to have a product specifically designed to identify and remove spyware.  The more eclectic your Web surfing and file downloading habits become, the more you will need it.

For Windows systems, Microsoft Anti-Spyware is available free at http://www.microsoft.com (in the "At Home" section).   If you really want to layer on the protection, free anti-spyware is also available from Lavasoft (called Ad-aware) and Spybot (Search and Destroy).

As with anti-virus, once you have it, you have to use it and keep the definition files up to date.  Set the anti-spyware software to scan all the files on your computer regularly.  If available, enable any "active protection" that scans files and communications in real time.  You might be surprised by what you find.

Firewalls

Anti-virus and anti-spyware products inspect files on your computer, in incoming and outgoing email, and on removable media.  Firewall software and/or hardware monitors the communications between your computer and the outside world (the Internet).

The medical campus network has its own firewall protections, so you do not need a firewall of your own for your workplace computer.  However, one is recommended for your computer at home, particularly if it is connected to the Internet using a broadband cable or DSL connection.  If you use a laptop for both home and work use, we recommend enabling the firewall built into your operating system.

The University does not currently license any firewall software for personal use.  Apart from the firewalls built into Microsoft and Mac OS X operating systems, there are a few free firewalls available (e.g., from Zonelabs at www.zonelabs.com), or you can use other commercial (non-free) products.  CAUTION: We recommend that only advanced users install personal firewalls other than the firewalls built into the operating system by Microsoft and Apple.  Installing one of these firewalls and turning on the filters can create problems with application access at home or work.

Software updates

It is critical to keep your software up to date, especially the operating system, anti-virus, anti-spyware, email and browser software.  The newest versions will contain fixes for discovered vulnerabilities. 

To make this a manageable task, enable automatic software update features where available.  Where not available, remember to check the software company's Web site periodically for newer versions.

Almost all anti-virus and anti-spyware products have automatic update features.  Keeping the "signatures" (digital patterns) of malicious software detectors up-to-date is essential for these products to be effective.

Most operating systems and applications provide Web sites to scan your computer system for missing patches, hotfixes and service packs.

  • Mac users click here for assistance
  • Windows users click here for assistance

Supplemental software

When you download and install new software from the Internet, you are taking a risk.  Malicious software, such as viruses and spyware, is commonly embedded in software from freeware sites and is virtually unavoidable in peer-to-peer (P2P) content.

Even software from what appears to be a reputable source has the potential to be damaging to system performance and can put at risk the confidentiality or integrity of your data. 

For that reason, downloading and installing unsupported, unapproved software is generally prohibited for workplace systems.  That's the policy at the medical campus.

For your home computer, it's your personal data and your system that are at risk.  Use caution, particularly for peer-to-peer downloads.  And make sure you have your anti-virus and anti-spyware software running and up-to-date.

Email behaviors

Unfortunately, neither physical protections nor technical measures like firewalls, anti-virus and anti-spyware can assure security on their own.  Your behavior is also critical.

For email, that means using caution when opening any attachments you receive, particularly from an unexpected or unknown source.  It also means using caution about clicking on Web links in email you receive.

Your ISP might be making an effort to filter out spam and other junk e-mail for you, particularly of the data-extracting phishing variety.  But don't count on that to be 100 percent effective.  Filters are not perfect; some dangerous stuff gets through even the best defenses.  Be vigilant.

For more detailed recommendations, see the guide to email safety and security.

Surfing behaviors

Caution is also necessary when you surf the Web.  As in the physical world, not all the virtual locations are equally safe to visit.

Be sure your Internet browser is configured with appropriate security settings.   If it's not, even just a few seconds at a Web site can result in installation of malicious software.

For more detailed recommendations, see the guide to web safety and security.

Keep secure backups

Even if you take all these security steps, bad things can still happen.   Be prepared for the worst by making backup copies of critical data, and keeping those backup copies in a separate, secure location. 

For example, use supplemental hard drives, CDs/DVDs, or flash drives to store critical, hard-to-replace data.  While at work, keep your critical data stored on your personal network Home Directory or department File Share; we'll take care of the backups for you.

Many home users use software applications to manage their home finances or file their taxes.  We recommend you store this very sensitive data on removable media, such as a flash drive with security features, not your home computer's hard drive.  Password (or fingerprint) protect these files and store the media in a safe place.

Why can't you rely on the hard drive?   Because hard drives fail more often than you might imagine.  When they do fail, they generally fail in an instant.  Recovery of data from a "crashed" hard drive, if it is possible at all, is generally very expensive.  From a security perspective, if your computer is compromised, all the data on the hard drive may be exposed.

Never rely on just a single copy of critical data, regardless of the storage medium.  And always keep all the copies of your critical data in secure places.

Keep track of the kids

If you have children who use your home computer, monitor their activity to ensure they are not downloading applications that may contain malicious code or giving out any personal information (like home address, phone number, names, etc.).

Give it a rest

Turn your computer off when it is not in use.  This is a good practice because you give your computer the opportunity to rest.  "Rest" means your computer's RAM is flushed, the hard drive and other internal components get an opportunity to cool off, and any updates can then be applied the next time you reboot.

In addition to increasing the useful life of your hardware, you'll also lower your electricity bill.

Learn more

Cyber Security Tips (US-CERT)
A broad range of short documents on security topics relevant to home users

Home Computer Security (CERT/CC)
A very thorough treatment of all the steps to secure your PC

Protecting Your Computer (UM Privacy Project)
Click-thru content, at a basic level, on all aspects of protecting your PC

Home Network Security (CERT/CC)
A somewhat more technical treatment of home computer and network security issues