Ensure Secure Operating Systems – Hardening Checklist
If you support computers or systems at UA, or if you handle sensitive research data, be sure you are following these guidelines.
- Ensure the computer is running McAfee antivirus software, Malwarebytes, and (if applicable) Carbon Black.
- Ensure all software, including web browsers/media players, and operating systems are always up to date.
- Do not use a privileged or administrator account for daily use.
- Create a strong password – 12 characters at a minimum – longer is better. Use numbers, upper- and lower- case letters, and symbols. Consider a pass phrase – a combination of multiple words or a sentence. A password manager can help create and store strong passwords. UA provides LastPass free of charge to faculty, staff, and students.
- Configure your computer to lock itself after a period of inactivity – we suggest 15 minutes. Manually lock your computer before you leave it unattended.
- Ensure the computer’s firewall is enabled and blocking as much inbound traffic as possible.
- When on campus, use only use a wired connection or the Eduroam wireless network to connect to the Internet. When off campus, use the UA VPN to protect UA data over other networks.
- Ensure all UA owned laptops are encrypted. If you store sensitive information, ensure your desktop is encrypted as well.
- Keep your office door shut and locked when you are out of your office. Do not leave mobile devices unattended.
- Don’t store sensitive information on unencrypted media (including unencrypted flash drives, cds, etc.)
- To securely share data, consider using UA provided tools: O365 encrypted email, OneDrive, or UA Box. Use LastPass to securely share passwords.