Skip to main content
IT Service Status
IT Service Status

Desktop Security

Audience:

All members of the Northwestern Community and users of the University network.

 

Background Issues:

Computers are constantly subjected to attempts to exploit system and application vulnerabilities. NUIT offers these recommendations to bolster:

  • Use Antivirus/Endpoint security software. All computers (PCs and Macs) should have the NU provided version of Symantec Endpoint Protection and should retain the setting that schedules regular updates of virus definitions.
  • When a desktop computer is built, all operating system updates and patches should be applied. In addition, operating system updates and patches should be applied regularly, on an ongoing basis. If possible set the system to do automatic updates. The frequency will be a balance between loss of productivity (while patches are applied) and the need for security.
  • If applicable, use Microsoft Update instead of Windows update to ensure you also update Microsoft Office products.
  • Ensure that other products such as your browser, Java, iTunes, and Adobe Reader and Flash are the latest versions and set to check for updates.
  • Whenever possible, security policies should be set at the server level and applied to the desktop machines.
  • Do not use the administrator account as the regular login account. Create a separate login account for each user of the system.
  • To keep in line with netid passwords use the following rules to create a “strong” password, defined as:
    1. must be 8-31 characters in length
    2. must include punctuation such as ( ! ] & * , + =
    3. must not include the characters ^ $ ' " # < ?  @  | ` \
    4. Passwords should be changed every year at a minimum.
  • The guest account should be disabled.
  • New machines with Windows or OS X should activate the built-in firewall.
  • All compromised machines should be rebuilt from scratch (i.e. erase the hard drive and start fresh from installation disks).
  • Do not install Microsoft IIS or turn on any of its functions unless absolutely necessary.
  • In general, start from a position of security that is most secure (i.e. no shares, no guest access, etc.) and open up services as necessary.

In addition to the above suggestions, NUIT recommends a regular backup strategy. It should be noted that even with all the procedures listed above, there is still the possibility of a virus infection or hacker compromise. Backing up data on a regular basis (daily and/or weekly) will lessen the damage caused by the loss of a machine.

When a compromised machine is detected, Northwestern IT security may shut the port off or quarantine the device; this will isolate the desktop computer until it can be rebuilt.

NOTE: Do not move or connect a compromised machine to another active port – this will result in that port also being shut off as the compromised machine is detected.

Once the computer has been rebuilt and brought current, and NUIT security notified, the port will be returned to active status.

If a department has its own servers, Northwestern IT security personnel can scan the servers, Web sites and Web applications for vulnerabilities upon request. See the Vulnerability Assessment Program for details. These departments would also benefit from having their administrator join the UNITS listserv, the security listservs and the specific alert listserv (used when shutting off ports).

Important Dates

Original Issue Date:
  • July 2002
Revision Dates:
  • July 2003, August 2007, November 2011, December 2016