Loading
Document Actions

security practices

On your own computer you should always login with a password. Don't share that password with anyone. If someone else wants to borrow your computer, create a guest account for that person to use instead of telling her/him your password. If you don't know how to do this, ask someone for help (or use google).

Don't use the same password everywhere. It's always good practice to use different passwords for different applications. This way if one password gets found out or stolen, you haven't given away the keys to the entire castle.

Keep the software on your computer up to date. Using old crufty versions of applications (or operating systems) leaves one open to malware and also theft of credentials/identity.

Be aware of whether or not wireless connections are encrypted. When connected to an open (unencrypted) wireless connection, don't login to any websites unless they are secured with SSL (https).

If you have a laptop, make sure SSL (or TLS) is enabled for both sending and receiving of email. This is also highly recommended on a desktop machine.

If you use your computer in a location that is accessible to others, set it so that the screen will lock after a few minutes of inactivity.

Some rules for using public use computers follow.

Technically speaking, any computer where the login you use is (ever) used by someone other than yourself should be considered a public use computer.

If a public use computer does not have the latest up to date versions of software on it, you should consider not using it to login to any personal accounts. It would also be good form to report this to the owner(s) of the machine, as malware often spreads due to lack of timely updates on common desktop software (browsers, pdf-viewers, etc...).

There is another calculus that one should probably make on any public machine. Unless one knows the owner/administrator very well, it's always probably safer to be cynical. For instance I would never consider logging into my bank from a machine in any internet cafe. I might login to facebook though. Your decision might be different depending on how important the sanctity of your facebook account is to you.

Make sure you explicitly ask for SSL enabled sites. That is to say, type in the extra s after the http directly, don't just type gmail.com or facebook.com, instead type https://gmail.com or https://facebook.com. If you're logging in somewhere that https:// doesn't work.

Understand the different behavior of Apple (Mac) computers versus Windows (PC) computers. When you are using a Mac (Apple) the application doesn't shut down when you close the last open window like it does on Windows. This is also important to understand if you are using a friend's Mac. If you want to close an application completely, you should use Apple-Q (or select "Quit" from the applications menu, just to the right of the apple symbol at the top left of your screen).

Always click on the logout/signout links explicitly when you're done. Additionally, shut down the computer completely (if you can). If you can't shut down the computer, at least try to logout of the user account (so that the next user has to login before they can use the computer. Many public use computers are configured to additionally purge data when a logout or shutdown has occurred.