InfoSec Blog - System Security Health Check
September 10, 2020
As we start a new semester, now is a great time to take some proactive steps to ensure that your computer and the University network remain safe and secure. Whether are you are returning to your campus workspace or continuing to work remotely, these important actions should be part of a regular system security health check.
- Connect to University VPN - If you are continuing to work remotely, it is important for your computer to connect back to the campus network periodically to ensure your system stays updated.
- Backup your Critical Data - If you have important files that are only stored on your local hard drive, you should take some time to back that data up to a shared network drive or your OneDrive account. This is good protection should you have a hardware failure, or if your system becomes infected with malware. Make sure to review the Data Storage Guidelines to ensure that you only store data in locations that are approved for the sensitivity of that data.
- Remove work documents from personal computers - If you have been using a personal computer at home to complete your work, move any work documents to your OneDrive account, work computer, or CFS shared drive. Once you have done so, delete them on your personal computer and make sure to empty the Recycle Bin (Windows) or Trash (macOS) as well.
- Remove unnecessary software from your computer - If you have installed applications on your work or personal computer that are no longer needed, remove them. If you are unsure about any software that is installed on your computer, contact the CCS Help Centre (519-824-4120 ext.58888 or ITHelp@uoguelph.ca) or your local IT admin before removing it.
- On Windows PCs, start typing 'Add or Remove' in the Windows Search area in your taskbar. Click on 'Add or Remove Programs' above and then locate the unneeded software in the list to remove it. More information can be found here - https://support.microsoft.com/en-ca/help/4028054/windows-10-repair-or-remove-programs)
- In macOS, open the Finder and go to the Applications folder. Simply drag any unnecessary applications to the Trash. More information can be found here - https://support.apple.com/en-ca/HT202235
- Update your Operating System and Installed Applications - Software vulnerabilities are a common cause of data breaches and malware infections. For most applications you can make staying updated simple by enabling automatic updates.
- For CCS Managed Desktop clients your system will be updated automatically. To verify that your system is up-to-date, connect to VPN and then run the Software Center tool. Start typing 'Software Center' in the Windows Search area of your taskbar, then click on 'Software Center' above. Within the application choose Updates on the left navigation bar to see if any additional updates are pending.
- For other University owned systems, you can contact your local IT administrator to verify that your system is up-to-date. You can also run Windows Update (https://support.microsoft.com/en-ca/help/4027667/windows-10-update) or Software Update on macOS (https://support.apple.com/en-ca/HT201541).
- Run a Full Anti-Malware Scan - Running a full anti-malware scan on your computer on a regular basis is a good security hygiene practice. University managed devices should have the McAfee Endpoint Security client installed.
- To start a full scan with McAfee, right-click on the McAfee icon in the taskbar and choose 'McAfee Endpoint Security'. At the top right click 'Update Now' to ensure you have the latest client and anti-malware definitions. When that has completed click on 'Scan System' and choose 'Full Scan'. This process will take time to complete and will vary by the speed of your system and the amount of data you have stored on it.
- If you do not have the McAfee client on your work computer contact the CCS Help Centre or your local IT administrator.
- McAfee is also available for your personal computer and can be downloaded from the Software Distribution site (https://guelph.onthehub.com/WebStore/Welcome.aspx).
- Verify your System is Encrypted - Encryption is an important protection for University data in case your system is lost or stolen. Centrally managed systems should be encrypted by default with Bitlocker (Windows) or FileVault (macOS). To verify that your system is encrypted you can do the following:
- On Windows PCs, start typing "Bitlocker" in the Windows Search area in your taskbar. Click on 'Manage Bitlocker' and the following screen should indicate that Bitlocker is on.
- In macOS, open the Apple menu and choose System Preferences. Click on Security & Privacy and then click the FileVault tab.
- If your system is not encrypted or you are unable to verify the settings, contact the CCS Help Centre or your local IT administrator.
Security is the responsibility of everyone in our campus community, so thank you for doing your part to keep your system and the University of Guelph secure.
Written by: Stephen Willem (Chief Information Security Officer)