If you go online without taking steps to protect your laptop or desktop PC, you risk giving fraudsters free access to all your emails, photos, work and online accounts.
Malicious software ('malware') is so sophisticated these days, some programs can get inside your machine and send a record of everything you write or do. They can even take over your webcam.
There are a few simple precautions you can take to stop others stealing or destroying the contents of your computer.
- Install security updates to your operating system, web browser and other software as soon as they become available.
- Install anti-virus software, keep it updated and schedule regular scans. The University provides Sophos Anti-Virus software free to all staff and students.
- Never install pirated software or open attachments from sources you don’t know or trust.
- Schedule regular backups of all your files.
Even if you have anti-virus software which tackles adware, spyware, trojans, worms and malware, you still can't afford to get complacent or careless.
The most common (and easily avoidable) ways in which people let their machines get infected are:
- Opening email attachments from suspicious, unknown or unsolicited sources (and sometimes even from people they know and trust).
- Installing suspicious software (either pirated copies or downloaded from untrustworthy websites).
- Using infected USB sticks.
- Browsing the Internet with an old operating system and browser.
- Clicking phishing links on social media and in emails.
Cut out or cut down on these risky activities and you will dramatically reduce your exposure to malware.
Back to top
More ways to stay safe
Ways to reduce the risk even further:
- Install the latest security updates to your operating system.
- Install anti-virus software on your machine, keep it updated and schedule regular scans (note that Sophos is free for as long as you are at the University).
- Install the latest updates to your web browser and other software (the easiest way to do this is to turn on automatic updates whenever you install programs on your machine).
- Change your operating system or software if they are no longer supported (i.e. security updates are no longer released for them).
- Make sure the firewall installed on your machine is activated. Various open-source and commercial firewall products are also available.
- Only download and install software from reputable sources and never install pirated software – you can't trust what it might do.
- Turn off synchronisation when using document sharing sites to share with others.
- Log in to your computer as a normal user rather than as an administrator by default.
- Disable macros by default in Microsoft Office documents.
Back up your data
If your computer gave up the ghost right this minute, what would you lose? A day’s worth of admin? A whole chapter of your thesis? Irreplaceable family snaps going back years?
Computers are replaceable. The data on them often isn’t. Please don’t end up as one of those people who only thinks about backup when it’s too late. Here’s what you should be doing:
- Don’t put copies on regular USB sticks or cloud services like Dropbox as they don’t meet the University’s Data Protection obligations.
- Use your Z: drive or S:drive for work data or R: drive for research data
- Researchers have access to BOX for cloud storage and collaboration
Your local Campus IT support team or the IT Service Desk can help you set these up if you get stuck. You can never be too safe, so we advise you to make multiple backups.
Lock your computer
It is good to get into the habit of locking your screen whenever you leave your desk. Anyone with access to your machine can snoop on all your files, send emails from your account or create all manner of mischief.
In the worst-case scenario, you could give an opportunistic thief unfettered access to your usernames, passwords, account details and other private personal details.
Encrypting your laptop will stop anyone getting at your personal data in the event it gets lost or stolen.
If your laptop holds University data or your are processing substantial volumes of personal data then you should consider it confidential and encrypt. Depending on your model of computer, you can find instructions here for doing this with either Windows Bitlocker or Mac Filevault.
Confidential data is defined in the Information Security policy but some examples of data that are likely to be confidential are:
- student or staff records
- unpublished research data
- reserved committee papers and minutes
- information collected under a data protection statement
Back to top
The campus firewall is a device that sits between the campus network and the internet. It ensures that legitimate network traffic is allowed to pass through and that potentially malicious traffic is blocked.
The campus network is constantly being scanned and probed for weaknesses that would allow an attacker to gain unauthorised access to University IT resources. The firewall prevents this.
What network traffic is allowed?
The firewall operates from a set of rules that define what network traffic and services should be allowed through and which should be blocked.
The basic principle is that all network traffic should be blocked unless it is specifically required for the academic or business needs of the University.
What if the network service I need is not currently supported?
If you require access to a network service for academic or business use that is not currently allowed through the firewall, you must submit a firewall change request application to Information Services explaining the change you require and the benefits to the University of allowing the service through the firewall.
How do I submit a firewall change request form?
A firewall change request application can be made online through the Self Service portal.
- Select ‘My Services’
- Select ‘Firewall change requests’
- Fill in the online form
Your local Campus IT support team will be able to assist you in completing the technical parts of the form.
How does the firewall change request process work?
- Once you have submitted your application, you will be provided with a unique reference number. This should be used in all further correspondence.
- The process takes five working days to complete. Please take this into consideration if you need access by a particular deadline.
- Applications will be assessed within 1-2 working days to ensure the information provided is complete and in the correct format. You may be asked to provide further information.
- Our Security and Compliance Team will undertake a full technical assessment of the change considering any potential security risks to the University network. You will be notified of the decision.
- If your request is successful, the firewall change will be implemented on the day you indicated in your application provided you have allowed sufficient time. If your request is unsuccessful, you will be provided with justification for the decision. You will be kept informed at each stage of the process.
Back to top