The software on computers and other electronic devices must be set up and maintained to help protect the data and the computer. Basic Security for Computers and Other Electronic Devices requires:
- Authentication (Password, Pass phrase or other strong authentication)
- Configuration
- Firewall
- Use of Flash drives
- Anti-Virus Protection
- Security Patches
Authentication (Password, Pass phrase, M Key or other strong authentication):
- Password or pass phrase must be used for all devices and software supporting authentication, unless using a higher level of authentication (e.g. M Key).
- Must be eight or more characters long. Longer passwords are better.
- Must be periodically changed as required by each system, but at least annually.
- Must contain a minimum of three types of characters (lower case, upper case letters, numbers, special characters).
- Unique user accounts and passwords must be managed to a security level appropriate for the system, based on the data stored or accessed through them.
- A password is required upon resuming use from an inactive state (Hibernation, Sleep, Screen Saver) to prevent unauthorized access when unattended.
- Password protected Screen Saver must activate within a maximum of 30 minutes of inactivity.
- The desktop/laptop computers must be logged off when not in use during non-work hours.
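The password rules above expressed as an automated check, as an added example that is not part of the original page. Treating "annually" as 365 days, counting spaces toward length but not toward a character type, and all function and sample names are assumptions.

```python
from datetime import date

MIN_LENGTH = 8       # "eight or more characters long"
MIN_CLASSES = 3      # "minimum of three types of characters"
MAX_AGE_DAYS = 365   # "at least annually" (assumed to mean 365 days)


def character_classes(password):
    """Return the set of character types present in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        elif not ch.isspace():
            # Assumption: anything else that is not whitespace is "special".
            classes.add("special")
    return classes


def check_password(password, last_changed, today):
    """Return the list of rules the password breaks (empty if compliant)."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append("length")
    if len(character_classes(password)) < MIN_CLASSES:
        violations.append("character types")
    if (today - last_changed).days > MAX_AGE_DAYS:
        violations.append("age")
    return violations


# Constructed sample data: (password, date it was last changed).
TODAY = date(2024, 6, 1)
SAMPLES = [
    ("Tr1cky-Horse-Staple", date(2024, 3, 1)),
    ("password", date(2024, 3, 1)),
    ("Ab1!", date(2024, 3, 1)),
    ("correct horse battery", date(2022, 1, 10)),
]

if __name__ == "__main__":
    for pw, changed in SAMPLES:
        print(repr(pw), check_password(pw, changed, TODAY) or "compliant")
```

A long lower-case pass phrase still fails the three-types rule, so a pass phrase needs mixed case, digits or symbols to comply with this policy.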
Configuration:
Access to the computer should be restricted. Accounts should be separated into standard user accounts and accounts with administrative rights.
- Access to an account with administrative level privileges for desktops/laptops must be provided only to senior-level staff. Such administrative access must be approved annually in writing by the supervisor. Use of the administrative level account must be limited to those actions which require administrative access.
- A separate standard user level account must be used for daily tasks such as email and web surfing.
Use of Firewall:
- A firewall puts a protective barrier between your computer and the Internet. Turning it off for even a minute increases the risk that your PC will be infected with malware.
- A software firewall, hardware firewall or other network filtering (e.g. port or IP address filtering) technology must be used to help protect the computer/device while on the network.
- Desktops and laptops should use the operating system's built-in firewall or another software firewall.
Use flash drives cautiously:
Minimize the chance that you'll infect your computer with malware:
- Don't put an unknown flash (or thumb) drive into your PC.
- Hold down the SHIFT key when you insert the drive into your computer. If you forget to do this, click in the upper-right corner to close any flash drive-related pop-up windows.
- Don't open any files on your drive that you did not expect to see.
Anti-Virus Protection:
Computers are required to maintain and use an up-to-date version of anti-virus software (or virus filtering software for Unix). Other electronic devices are required to use anti-virus protection, if available.
Minimum Configuration for Anti-Virus Software should be:
- Live Update should be enabled.
- Live Update Schedule Frequency should be daily.
- File System Real Time Protection should be enabled.
Security Patches:
Operating systems and application programs have periodic security patches released by the vendor that need to be installed. Installation of newer versions of the operating system or application program may be needed.
- Software applications, whether installed by a user with access to the administrative level privileges or technical support staff, must be maintained.
- Patching for designated high risk software applications is required as soon as possible but not more than 30 days after availability from the vendor.
- All other operating system and application program security patches/updates must be installed as soon as possible but not more than 30 days after release by the vendor.
- Desktop and laptop computers must have automatic updates enabled for the operating system.
Some free protections are available to secure your computer against malware:
Build up your computer's defenses:
Install antivirus and antispyware programs from a trusted source.
- Never download anything in response to a warning from a program you didn't install or don't recognize that claims it will protect your PC or offers to remove viruses. It is highly likely to do the opposite.
- Get reputable anti-malware programs from a vendor you trust.
- Windows 8 includes antivirus protection called Windows Defender. It’s turned on by default.
- If your computer is not running Windows 8, download Microsoft Security Essentials for free.
- Choose security software that is compatible with Windows 7.
Update software regularly:
Cyber criminals are endlessly inventive in their efforts to exploit vulnerabilities in software, and many software companies work tirelessly to combat these threats. That is why you should:
- Regularly install updates for all your software—antivirus and antispyware programs, browsers (like Windows Internet Explorer), operating systems (like Windows), and word processing and other programs.
- Subscribe to automatic software updates whenever they are offered—for example, you can automatically update all Microsoft software. Windows 8 and Windows 7 turn on automatic updating during installation.
- Uninstall software that you don't use. You can remove it using Windows Control Panel.
Use strong passwords and keep them secret:
- Strong passwords are at least 14 characters long and include a combination of letters, numbers, and symbols. Learn more about how to create them.
- Don't share passwords with anyone.
- Don’t use the same password on all sites. If it is stolen, all the information it protects is at risk.
- Create different strong passwords for the router and the wireless key of your wireless connection at home. Find out how from the company that provides your router.
Don't be tricked into downloading malware:
- Be cautious in opening an attachment or clicking a link in an email, instant message, or post on social networks (like Facebook)—even if you know the sender. Call to ask if a friend sent it; if not, delete it or close the IM window.
- Avoid clicking Agree, OK, or I accept in banner ads, in unexpected pop-up windows with warnings or offers to remove spyware or viruses, or on websites that may not seem legitimate.
- Instead, press CTRL + F4 on your keyboard to close the window.
- If the window doesn't close, press ALT + F4 on your keyboard to close the browser. If asked, close all tabs and don’t save any tabs for the next time you start the browser.
- Only download software from websites you trust. Be cautious of "free" offers of music, games, videos, and the like. They are notorious for including malware in the download.
- Take advantage of technology—such as Windows SmartScreen in Windows 8—designed to help protect you from new viruses.