A-to-Z Index

Computing Homepage

Information Technology Help Desk

Mon -Thu: 8:00am -9:00 pm
Friday: 8:00am - 5:00pm
Saturday: Closed
Sunday: 3:00pm - 9:00pm

(when classes are in session)

Exceptions for the year


Preparing for Security - Employees and Affiliates




Computer Setup

Proper setup and ongoing maintenance of today's desktop and laptop computers is both complex and necessary in this age of constant internet threats. With proper setup and maintenance, a computer can be quite impervious to many of today's threats. With improper setup, it can quickly and silently become a cesspool of malicious software and a tool for criminals.

JMU IT is in the beginning stages of rolling out comprehensive management services for JMU Windows computers. Services for other platforms will follow.

Currently, computers set up by JMU IT follow our StartSafe recommendations. Additionally, through a series of infrastructure and support upgrades, we have the ability to maintain and secure the computers on an ongoing basis when subscribed to our management services. When you see what is involved in doing the job right, you'll gain more appreciation for having someone else do it for you.

Unmanaged computers are maintained by their operators and security is almost entirely up to them. Current recommendations for initial setup can be found on the StartSafe web pages

More information on JMU Desktop Management project can be found at http://www.jmu.edu/computing/deskmgmt/itmanaged.shtml

Backups

Hardware failures and malicious software can both result in lost, irreplaceable data. Ensure your important data is backed up. Most data should be backed up on the campus or departmental network drives provided for that purpose. Those drives are regularly backed up enabling recovery should your computer have a problem - like a hardware failure, virus, or fire. 

For home use, most computers today have either a CD-RW or DVD-RW drive that can be used more than adequately for small backups. USB storage devices can be used for larger ones. Online services also now provide free storage that can be used. In all cases, care should be taken to adequately protect sensitive data on your backups. Physical security and/or encryption can be used to protect the data. JMU constituent or sensitive data should never be stored on personal computers, storage devices, or internet online storage services.

 

USB Storage Devices

USB drives, thumb drives, cameras, picture frames, music players, and other devices all look like generic storage to a computer. And to a computer virus. Many of these viruses are in circulation. If you plug your device into an infected computer, it may infect your device. If you let someone plug an infected device into your computer, it may infect your computer. Use appropriate caution and conservative behavior when dealing with work computers or sensitive data.

On a Windows computer, holding down the shift key while inserting the device into the USB slot and holding it down until Windows reports it is ready for use will prevent an infected device from automatically infecting your computer. Operating the computer with a regular user account also reduce risk considerably.

 

Physical Security

Electronic devices today are small, valuable, and very easy to walk off with. Treat them accordingly.

 

Sensitive Data

Whether on your computer or on a backup device, you should take extra steps to protect sensitive data. Some options include:

  • Not storing sensitive data unnecessarily - avoid doing so at all costs
  • Physical security
  • Encryption - IT Security Engineering (it-security@jmu.edu) can set up encryption on your JMU laptop computer using native tools. We also back up the passwords and encryption keys. Losing an encryption password has the same results as losing the data so if you decide to do this yourself, make sure you have any passwords or encryption keys backed up in a secure location.
    • Truecrypt will work on all computers and can be downloaded free
    • MacIntosh has a File Vault utility included.
    • Windows XP and Vista have Encrypted File System (EFS) included
    • Windows Vista has BitLocker included
  • Not storing sensitive information unnecessarily - avoid doing so at all costs

 

Servers

If you want to bring up a server, some extra steps are necessary, both of which can be initiated at http://start.jmu.edu.

  • Apply for a static IP address and DNS name
  • Request exposure of the server to the Internet if necessary

 

Risk Assessment

Information Technology projects associated with sensitive data, constituent data, or sensitive services should undergo a risk assessment. As all such projects now go through the Project Initiation Questionaire, this should be automatic. But if for some reason you are starting a new project or technology that involves or connects to sensitive data or services outside the PIQ process, IT Security Engineering (it-security@jmu.edu) can help you identify risks and ways to reduce them.

RUNSAFE

Security is interwoven into all day to day operations and decisions.  View the RUNSAFE web site for a more comprehensive look at how operational behaviors and strategic planning affect security.