6 things every college student should know about computer security
Within the next three years, 90% of all U.S. colleges and universities are predicted to have widespread Wi-Fi networks. That's great news for students and faculty, but with mobility also comes responsibility. If you're not careful, your laptop, netbook, tablet, or smartphone can reveal private information, like your passwords to e-mail, social networking, and banking sites.
Even if you don't have an iPad, iPhone--or even a laptop--these tips are worth a read. Even when you are using a wired connection (does anyone do that anymore?) many of these tips for safer surfing still apply.
1. Know your wireless network
This is an important one. Your campus may have more than one type of wireless network and it's important to know which one you're on. Increasingly, schools are deploying some combination of these three types of wireless networks:
- Open (unsecured) wireless for guests
- Open (unsecured) wireless for registered members of the campus community
- Encrypted (secured) wireless for registered users
Connecting to an open network for guests is your least secure choice. Not only does this network lack any encryption for the data you are beaming through the air, but anyone standing on campus can use it, even if they have no business there. With the right software, someone like this could potentially intercept data that you are transmitting. (Of course, if you actually are a guest on campus, this may be your only choice.)
At the very least, connecting to an open network limited to registered users is one step above in security. In case someone on campus does engage in malicious behavior, the school can trace his or her machine to a registered user.
By far, your preferred choice is an encrypted wireless network, which will always be limited to registered users. Better yet, your school should be using WPA or WPA2 encryption, which significantly enhances your security.
How can you tell what kind of network you are connecting to? In Windows 7, you can click the wireless icon in the taskbar to view a list of available networks. Networks which are open, or unsecure, will display a small shield icon. Networks without a shield icon are secure and encrypted. In Mac OS X, the display works in the reverse. When you click the wireless icon on the top menu bar, a list of available networks appears, and those which are secure display a lock icon. Those without a lock icon are open and unsecure.
2. Firewall it
Both Windows and Macs include built-in firewall software. Your firewall can prevent many types of intruders from invading your machine from within the campus network, or out on the Internet. Some users do not always run an active firewall, but when using a campus network, you should. At least, check that it is enabled.
Windows users can go to the Control Panel/Security settings to view the status of the firewall, and turn it on, if necessary. Mac users can open System Preferences/Security and click on "firewall" and select "essential services."
3. OS updates
Both Microsoft and Apple frequently publish updates to secure your machine against newly discovered vulnerabilities. It is very important to accept these updates. It can also be very annoying, especially when they interrupt your work. But it is still very important.
Since we're being frank here, let's talk honestly--if you are running an "illegitimate" copy of Windows, some of these updates are designed to smoke you out. It is tempting to disable Windows Update entirely, but doing so will deprive you of important security patches and will leave your machine vulnerable. People in this situation (you know who you are!) need to research which updates can safely be ignored.
4. Shared folders
Lots of us setup shared folders to access files from our or other people's machines. But shared folders may be visible to users on the same local network, and when you are on campus, that could include everyone else on campus (or at least, a bunch of them).
The safest choice is to disable shared folders altogether, especially if you do not even use the feature. In Windows Vista or 7, you can navigate to Control Panel/Network and Internet/Network and Sharing Center, Advanced Sharing Settings, and finally, Turn Off Public Folder Sharing (yes, they should make this easier).
On Mac OS X, click to System Preferences/Sharing and then uncheck "File Sharing."
If you actually do need to use shared folders and cannot disable the feature completely, you need to configure your shared folders with password-protected security. Consult more detailed instructions for Windows Vista/7 and OS X.
5. P2P file sharing
Frankly, it is no secret what many college students do online--No! Not that!--file sharing. These days, that usually means torrents. Movies and music are the most popular commodities on peer-to-peer networks. Our lawyers require us to say that you should not engage in copyright infringement.
Both the recording and film industries are putting increased pressure on colleges to restrict, prevent, and prosecute students who share copyrighted media. Some colleges block torrents entirely.
Running torrent software on a campus wireless network is a bad idea. For one thing, it can consume a lot of network resources, potentially affecting performance for others. Not very nice. But also, it is easy to trace you, because if you are using a secure wireless network (and you should be--see above!), the college knows that the machine being used is registered to you.
People who still run torrent software anyway, and do not wish to be caught and fined, should at the very least avoid sharing files back to the network. Your torrent software looks for files to share in a default folder. Either disable this feature or set it to an empty folder, because the legal hammer comes down hardest on people who actively share files back to the network, moreso than people who "only" retrieve files.
6. Enable HTTPS for Facebook
If you must use an open, unsecure campus wireless network, your social networking accounts are at risk. It is important that you only connect to accounts on sites that support secure web browsing, or HTTPS (your browser will display a lock icon on these sites, such as when you connect to a banking site). A site like Google Gmail automatically uses HTTPS by default, so you're safe there.
But Facebook does not (yet) default to HTTPS. But you can tell it to. Log into your Facebook account and go to Account/Account Settings/Account Security and click to enable the "https" option (pictured above).
As with most things in life, a little preventive medicine can go a long way. Take the time to practice safe surfing and we promise you'll be glad you did.