Ensure Secure Operating Systems – Hardening Checklist

If you support computers or systems at UA, or if you handle sensitive research data, be sure you are following these guidelines.

  1. Ensure the computer is running McAfee antivirus software, Malwarebytes, and (if applicable) Carbon Black.
  2. Ensure all software, including web browsers/media players, and operating systems are always up to date.
  3. Do not use a privileged or administrator account for daily use.
  4. Create a strong password – 12 characters at a minimum – longer is better. Use numbers, upper- and lower- case letters, and symbols. Consider a pass phrase – a combination of multiple words or a sentence. A password manager can help create and store strong passwords. UA provides LastPass free of charge to faculty, staff, and students.
  5. Configure your computer to lock itself after a period of inactivity – we suggest 15 minutes. Manually lock your computer before you leave it unattended.
  6. Ensure the computer’s firewall is enabled and blocking as much inbound traffic as possible.
  7. When on campus, use only use a wired connection or the Eduroam wireless network to connect to the Internet. When off campus, use the UA VPN to protect UA data over other networks.
  8. Ensure all UA owned laptops are encrypted. If you store sensitive information, ensure your desktop is encrypted as well.
  9. Keep your office door shut and locked when you are out of your office. Do not leave mobile devices unattended.
  10. Don’t store sensitive information on unencrypted media (including unencrypted flash drives, cds, etc.)
  11. To securely share data, consider using UA provided tools: O365 encrypted email, OneDrive, or UA Box. Use LastPass to securely share passwords.