eHelp
Also Available: Guidelines for Faculty and Staff
Everyone needs to be vigilant in protecting their computers, the data on them and the Cal Poly Pomona University network. By following some simple precautions, many system vulnerabilities may be prevented - saving time, money and allowing for uninterrupted access to your computer, documents and network resources.
Cal Poly Pomona currently offers the McAfee antivirus software free for all staff and faculty members. Staff and faculty members are free to install the antivirus software on their office computers, servers, as well as home systems. However, the current McAfee license does not cover student computers. Students living with the dorms should check with their technical support person for information about available antivirus software.
You can tell if you have this software installed if the Symantec shield is in the Windows System Tray, located at the bottom right corner of your screen, by the clock.
If you do not have AntiVirus software installed on your computer, you may download the antivirus software from the Cal Poly Pomona network (you will eventually be prompted for your BroncoName and BroncoPassword).
Make sure you have McAfee 8.5i software installed; the manufacturer has already configured it to do automatic security updates.
Note: McAfee is pre-configured to do an auto update if your local campus IT professional installs it. Additionally, McAfee's EPO (ePolicy Orchestrator) agent is also installed, and the end-user does not have the option to change the security update schedule; the AutoUpdate happens automatically. The automatic update is enforced by campus policy (server side).
Note: For use at home, it is not necessary to install the EPO agent, but it is required for campus use.
Campus computers are managed by the respective local IT professional, and Microsoft's Windows Server Update Service (SUS) is used to install all Microsoft Windows operating system related patches and security updates. End users do not have the option to install updates manually as per campus policy.
WSUS is a management tool provided by Microsoft to help network administrators deploy security patches more quickly and easily. Instead of each workstation having to connect to the Internet to update Windows and a technician visiting all users, each workstation connects to the Microsoft SUS server (hosted on campus) instead and updates from there. Updates happen at random times or as scheduled by the network administrator during idle computer times. In some cases, critical updates are installed in the middle of a work day.
For more info on Microsoft's WSUS, visit http://technet.microsoft.com/en-us/wsus/default.aspx.
Setting a strong password on ALL your accounts makes it more difficult for an attacker to gain access to your computer or resources. See Cal Poly Pomona's password guidelines for more information about selecting a strong password.
Software available through a Cal Poly Pomona University site license is listed in the Campus Software Share.
You should be aware that many free software packages on the web install spyware (software that reports back web surfing habits and other personal information), adware (software that creates pop-up ads based on what web sites you visit or just periodically creates a spontaneous pop-up) or even Trojans (short for Trojan horse, a type of software that install remote control or remote attacking software on your machine without your explicit knowledge).
Even the full version of Kazaa installs a third-party program that may use computer processor time and disk space for purposes other than running Kazaa. If you are unsure about a program, you can usually find out more by doing an Internet search on "program spyware adware" to see what others are saying about the program. Most reputable software is available on CD from the vendor.
More than ever, people receive spam email, chain letters and viruses through email. You can prevent the spread of infection by following a few simple steps:
New exploits often appear first on cracker or warez sites. There may be scripts that can attack or get information from your computer. Some dishonest operators run look-alike web sites that may pretend to be well known companies like eBay or PayPal. Always check the website address closely when asked for personal or financial information and if in doubt, navigate to the known company address yourself. Become familiar with cookie settings and other browser security settings.
I&IT periodically issues security alerts about current attacks. Please read them and follow any instructions to help keep your computer safe and secure. Click to read the lastest security alerts and announcements.
Protect your computer by locking it or shutting down when you leave. An attacker can gain access to the network, change your password, change files, or even send email as you. An attacker who has compromised your computer can use it to attack other computers on the network too.
If your computer is in an unsecured area, you should get in the habit of locking the screen when you step away.
If you are finished working on the computer for a while (i.e.: morning break, lunch break or afternoon break), you should log out or lock your computer.
An attacker cannot attack or use your computer when it is off, so plan on shutting down your computer when you leave at the end of the day.
If you are using an Administrator account on your machine to log on, you should create a new account that is not a member of the Administrators group and use it for normal tasks. Use the Administrator account only when necessary.
If your regular account is a member of the Administrators group, you should consider creating a new account in the Administrators group and removing your account from the Administrators group for normal use
