DISCLAIMER:   Information provided on this page has been tested in multiple scenarios with various hardware.  However, no solution is perfect for all situations and all computers.  Please make sure that you keep a current backup of your PC and data prior to making any modifications.  Additionally, Richard Bland College Information Technology Services assumes no responsibility for individual's home computer systems.  Should you encounter a problem with your home computer, consult your manufacturer for support.

First steps to a secure PC:

Make sure that your PC is running the latest virus scanning files.  For your RBC PC, click here for step-by-step instructions on updating your "dats"!:

http://www.rbc.edu/ITS/dats.pdf

Make sure that your PC (home or RBC) has the latest Microsoft Critical updates installed. 

    Click here: http://v4.windowsupdate.microsoft.com/en/default.asp

Not sure if your PC is "safe"?  Stinger is an excellent application to check your PC.  Click here and follow the instructions to download and run Stinger:

     http://vil.nai.com/vil/stinger/

Phishing!

Most of you all have received emails that were phishing emails and you may not have realized it.  Recently these types of email have supposedly been coming from SouthTrust, SunTrust, Washington Mutual and Citibank.  These emails are more than just junk mail as the intent of phishing is to get information from you by falsely claiming to be someone else.  Never give out personal information- most financial institutions have information posted on their websites regarding fraudulent emails like these so be sure to check them out.

Protect you personal and financial information by making sure you stay informed.  Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.

A link to the Anti-Phishing Working Group:

http://www.antiphishing.org/

(This website includes info on phishing attacks and you can see examples of phishing emails.)

 

A link to a Federal Trade Commission Consumer Alert:

http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm

Spyware and Adware!

Here are some startling statistics about Spyware from the 2004 Aladdin Knowledge Systems  article "The Spyware Epidemic: Dealing with "Legal" Malicious Code"

90% of all Windows PCs are infected by spyware

80% of all home computers are infected by spyware.

88% of owners of infected systems are not aware their computer is infected.

65% of all PC users do not run up-to-date anti-virus software.

Protect your computer from Spyware and Adware!  Several RBC computers have recently been infected with Spyware or Adware.  These programs are sometimes installed along with free programs such as music sharing, screen savers, and other similar applications.  Additionally, spyware can end up on your computer if you accidentally click the wrong button on a pop-up.  The applications can track your internet movements, steal your passwords, inundate your PC with pop up ads and web browser bars.  They also rob your PC of performance capability and will eventually grind your PC to a screeching halt! 

Of course, it is always better to PREVENT the installation of these programs than it is to recover from it!  Make sure you install all Microsoft Critical updates and patches (see link above).  Be very careful and selective when downloading programs. 

There are many applications that have proven helpful in detecting and removing Spyware, Adaware and Spybot.  Here are just a few:

    Spy Sweeper:  http://www.webroot.com

    Adaware:  http://www.lavasoftusa.com/software/adaware/

    Spybot: http://spybot.safer-networking.de/en/index.html

Before you download and install a FREE spyware program, please check out this link:
Roque Spyware

GOOGLE WARNING from VITA -Virginia Information Technology Agency

There are four settings in Google's desktop search tool that are of concern.

*       The first is the ability to search non-local drives.  This
setting has the ability to search any attached network drive, creating additional load on the network, as well as potentially including data that should not be part of the search.

       
*       The second is the ability to search e-mail. This has the same risk of searching non-local drives.
       
*       The third setting is a default setting that may have the effect of saving copies of files that were intentionally deleted. Users can turn this "feature off" but the default is to have it enabled.

       
*       The fourth and most troubling setting is the ability to "search across computers."  This setting creates a workspace on Google's computers and has the potential of transferring Commonwealth data to reside on those computers.  This is a concern, as Google makes no representation as to the security of those computers and they are Web accessible.  Therefore, Commonwealth data would have left Commonwealth networks without appropriate security controls in place.

       
VITA Security strongly recommends against the installation of Google's desktop search tool.  If the ability to search local drives is required for business purposes, and no other standalone products such as Microsoft's desktop search can be used, VITA Security recommends the Enterprise Edition (also free)  of the desktop search tool be used.  Agencies should take action via policy to prohibit employee installation of this tool unless agency head documented approval is obtained.

Make sure that you are familiar with all policies and procedures!

                        Security Awareness Training Power Point:  http://www.rbc.edu/ITS/Security_Awareness_Training_2006.ppt

                        Richard Bland College Computer Use Policy:   http://www.rbc.edu/ITS/RBCMP01rev1001.htm

                        Richard Bland College Email Guidelines:  http://www.rbc.edu/ITSTEST/email%20guidelines_10_2004.htm

revised:  27 September 2006