OFFICE OF TECHNOLOGY SERVICES

Guidelines and Standards

Desktop Security

The following is the minimum set of security standards required for all desktop computers on the Towson University campus network.

General Obligations

Users and custodians of desktop computers are subject to the Guidelines for Responsible Computing published on the campus web site.

Antivirus/Anti-Spyware Software

All desktop computers at Towson University must be running the latest version of anti-virus and anti-spyware software. Ensure that the software runs at startup and updates are installed automatically as they are made available. Ensure that mobile devices automatically check for updates at least once a week. When informed that a new virus has been detected, update your virus definition files immediately by clicking on the McAfee Antivirus icon and running Live Update. If you haven’t used your computer in a few days, be sure to check for updates for software and antivirus files before doing anything else.

Passwords

Utilize strong passwords to ensure that only authorized users can access the system. Where the desktop is located in an open space or is otherwise difficult to secure, consideration should be given to enhanced password protection mechanisms and procedures. All passwords must follow these rules:

  • Be a minimum of eight characters in length
  • Not be a dictionary word
  • Not be related to the individual, such as spouse's or kids' names or dates
  • Do not write passwords down anywhere
  • Change passwords every 90 days or less
  • Do not include passwords in any electronic mail message

Change your password immediately if you suspect someone else may have guessed it.

Physical Security

All desktop computers must be secured at all times to prevent theft and loss of critical data. The following will help:

  • Restart the computer at the end of the day for better security
  • Lock offices. Office keys should be registered and monitored to ensure they are returned when the owner leaves the University
  • Secure desktops in public areas. Equipment located in publicly accessible areas or rooms that cannot be locked should be fastened down by a cable lock system or enclosed in a lockable computer equipment unit or case
  • Secure hard disks. External hard disks should be secured against access, tampering, or removal
  • Install and use password protected screen savers
  • Store critical data backup media in fireproof vaults or in another building
  • Register all University computers

Confidential Information

All sensitive data used or stored on a desktop computer must be protected. Be sure to do the following:

  • Encrypt sensitive and confidential information where appropriate.
  • Monitor printers used to produce sensitive and confidential information.
  • Overwrite sensitive files on fixed disks, floppy disks, or cartridges.

Software

Software is protected by copyright law. Unauthorized copying is a violation of University Copyright policy. Anyone who uses software should understand and comply with the license requirements of the software. The University is subject to random license audits by software vendors. Users of desktop machines cannot install personal software. They can call the OTS help center, which can grant them permission to install the personal software and then reset the permission for installing software on desktop computers.

Print and File Sharing

Allowing print and file sharing can pass on viruses. Turn off all file and print sharing capability to prevent viruses. Use only approved printers and shared data storage devices.

Software Patching and Updates

All security patches and updates must be automatically installed at least weekly. All desktops must be registered with OTS Microsoft SMS and WSUS to receive updates. Also, updates to the operating system, browsers, and office software will be done at least weekly to maintain security and currency.

Computer Accounts

All computers utilizing the Towson University campus network must be authenticated. To log in to any computer on campus, a username and a password are required. Login accounts are created by the Office of Technology accounts office at Towson U. Local administrative accounts are created by the Lab Administrators. Passwords used by system administrators for their personal access to a service or device must not be the same as those used for privileged access to any service or device. All university-affiliated passwords shall meet or exceed password requirements. Guest accounts will be disabled on all desktops. Also, local admin accounts will only be authorized on a temporary basis.

Browsers

Browsers must be tuned every six months or less for optimum security and performance. This includes deleting cookies and temporary internet files, adjusting the cache levels, and clearing the history files. Also, the security and privacy settings should be customized using the antivirus software. Pop-up blockers will be utilized to prevent introduction of viruses and worms.

Host-based Firewall/Intrusion Prevention Systems (IPS)

For best protection, use of host-based firewall and intrusion prevention systems is recommended. Windows XP SP2 comes with a PC firewall. The current McAfee product under MEEC comes with a limited firewall and IPS capability.

Unnecessary Services

All unnecessary services will be disabled during creation of the standard Towson University desktop image. Server services like Internet Information Services must not be installed on desktop machines.

Network Access

Networked computers require more stringent security than stand-alone computers because they are access points to computer networks. While OTS has responsibility for setting up and maintaining appropriate security procedures on the network, each individual is responsible for operating their own computer with ethical regard for others in the shared environment. The following considerations and procedures must be emphasized in a network environment:

  • Check all files downloaded from the Internet. Avoid downloading shareware files.
  • Test all software before it is installed to make sure it doesn't contain a virus/worm that could have serious consequences for other personal computers and servers on University networks.
  • Choose passwords with great care to prevent unauthorized use of files on networks or other personal computers.
  • Always BACK-UP your important files.
  • Use (where appropriate) encrypting/decrypting and authentication services to send confidential information over a University network.
  • Never store University passwords or any other confidential data or information on your laptop or home PC or associated floppy disks or CDs. All such information should be secured after any dialup connection to the University network.

     

Information Security Office
Office of Technology Services
Cook Library, 4
Hours: Monday - Friday, 8:30 a.m. to 4:00 p.m.
E-mail: infosec@towson.edu




© 2012 Towson University. Last Updated: Wednesday, June 22, 2011
Towson University • 8000 York Road • Towson, Maryland • 21252-0001 • 410-704-2000