Information Technology Services - Computing, Networking and Storage
Would you like to answer a few questions to help us improve our website?
Yes | No Thanks | Maybe Later
print this page   email this page

IT Security Update (October 2009)

October is National Cybersecurity Awareness Month, and USC's Information Technology Services (ITS) would like to remind you of important steps you should take to protect your personal information and computing equipment, as well as the USC network.

Update Your Antivirus and Other Software

You can download free antivirus and firewall software at software.usc.edu for home and campus use. (You will need a valid USC login.) To ensure that you are adequately protected, you must update your antivirus software frequently. Old versions of security software are ineffective against most worms and viruses.

If you are using USC's Symantec security software, be sure that you have updated your software to version 11. If your Symantec program is not called "Symantec Endpoint," you need to upgrade to version 11. See www.usc.edu/its/security/endpoint for help determining which version of Symantec you have.

Make sure to use the most recent version of your web browser and email program. Install all available updates for these programs and others, such as your operating system, Adobe, Flash, Microsoft Office, and Java. Please note that Microsoft released an important Windows Security Advisory on October 13, 2009. Make sure to install all updates that are relevant to your system. Go to ITS announcements for additional information.

Many current email clients, such as Outlook and Thunderbird, will alert you to illegitimate email and links. Current browsers, such as Internet Explorer version 8 and Firefox 3.5, contain security settings that can warn you if the website you are visiting is a suspected forgery. If you are not sure whether your browser is set to identify forged websites, call the ITS Customer Support Center at 213-740-5555.

Protect Your Password

Neither USC nor ITS will ever request that you submit personal information, including any passwords, over email. Treat any email that requests your password or other personal information as a phishing, or fraudulent, message; do not reply to such messages. Go to www.usc.edu/its/security/phishing to learn more about how to identify a phishing email.

Be sure to change all your online passwords at least once a year and preferably every 6 months. USC computing policies require users to change their USC passwords every 6 months. You can change your USC password at any time by going to the ITS home page and clicking the USC Password Change button. In the upcoming months, ITS will be adding security questions to the USC password change process for an additional layer of account security. See cio.usc.edu/password for tips about password security.

Use the USC VPN for Wireless Security

Remember that the USC wireless network is open; traffic across the network is not encrypted and it is possible that information you send over the network may be seen by others. USC's virtual private network (VPN) software will encrypt traffic. Be sure that you are using the Cisco AnyConnect VPN client; Cisco has stopped supporting the VPN 3000 client. See www.usc.edu/its/vpn for more information.

Exercise Caution on Social Networking Sites

Remember that personal information that you publish online in social networking sites, blogs, and elsewhere may be stored by Internet search engines, such as Google and Yahoo, long after you delete the information from the web page.

Hackers frequently target social networking sites, such as Facebook, by circulating spoofed versions of popular apps, which contain malware designed to infect your computer and steal your personal information and address books. Keeping your security and browser software up to date will help to protect you against these threats.

Important Reminders about USC Computing Policies

Please be aware of the following policies, which are designed to protect the USC network:

  1. It is a violation of USC policy to share your computer account or password with anyone. You are responsible for all activity that occurs on your account or on equipment that is registered to you.

    Remember to unregister equipment at www.usc.edu/etherreg before you sell it or give it away.

  2. It is a violation of university policy to install on the USC network any hubs, routers, and switches or other gateways that allow multiple devices to connect concurrently. See section 4 www.usc.edu/its/policies/computing for more information.

Have Questions?

If you have any questions or need help with ITS documentation, please contact the ITS Customer Support Center at 213-740-5555 or consult@usc.edu.



Last updated: Monday, October 19, 2009, 12:34PM PDT