|
|
Last Updated: April 02, 2005
Security Procedures
We are not posting specific detailed procedures at this point in time, since appropriate security settings are dependent upon details of your specific computing environment. While we would like our Windows-based computers as secure as possible, tightening settings too severely may prevent users from performing their work. We recommend testing all settings before applying them in a production environment.
Some general suggestions for securing your Windows computer in our U-M environment follow:
- Subscribe to Microsoft's Security Notification Service for monthly email about recently release security patches. Information about this service and other Microsoft security information is available at the Microsoft TechNet Security Center.
- Run MBSA to determine which security patches are missing from each computer. We recommend keeping your Windows OS updated to the most current patch levels.
- Install anti-virus software on every computer and configure it to run and obtain updated virus signatures automatically. U-M students, faculty and staff may obtain this software at the U-M Virus Busters web site.
- Never use blank passwords! We recommend using a passphrase of at least 7 characters, which includes mixed-case alpha-numeric and special characters. For example: GoBlue2005! is *not* a secure password because dictionary words are very easily guessed, even in combination with other words and numbers. However, a passphrase such as: YnP,cA7 is a good password example. Although now it is not, because we printed it here...so don't use it!
- Don't open email attachments that look suspicious, and even if they appear benign, download them to your hard drive and scan them with your virus scanner before opening them.
- Review the Resources and Tools page on this site.
Information Technology Central Services at the University of Michigan
|
|
|
