Best Practices

Main Content

SIU IT BEST SECURITY PRACTICES

The following information consists of "Best Practices" recognized within the IT community as being good rules to follow that can assist in keeping your computer, your credentials and any information that you might not want exposed, safe from attackers.

Windows Update/Patching Best Practices:

  • Download the latest Service Pack to a thumb drive or CD (and any other updates that have been deemed easily remotely exploitable)
  • Apply the service pack(s) and updates (for both Windows and Office) without having the machine connected to the network
  • Reboot and make sure that both the included Windows firewall and Automatic Updates are enabled
  • Connect to the network and go to the Microsoft Update Site to install any additional patches that have been released:    (https://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us)
  • Installing updates may require that you install certain updates, reboot for them to take effect, and then return to the update site to retrieve additional updates.
  • When you are "done" patching, reboot the machine one additional time prior to returning to the Microsoft Update site.  Doing this will help to insure that there are not any additional patches that may have failed to apply during previous visits to the update site.

Email Best Practices

For general email safety information, please check out the SIU IT Security Scam page, which contains specific information about "phishing" scam email, but also contains general information about email client usage.

Web Browser Best Practices

We recommend installing Firefox and making it the default web browser.   If you add the following plugins, it is more secure than Internet Explorer and less likely to be the source of a  malware infection. One of the plugins we recommend is "noscript"  which will block script activity on a website and give the user the opportunity to permit scripts by source (for example if you go to a web site that has scripts running from both the host site and scripts running from advertisers, you can permit only the content from site you are actually viewing.) 

Another good plugin is "Flashblock"  which will stop flash scripts, ads, movies and applications from starting without user interaction.  This way, even if you permit "scripts" to run from a site, Flash block will still keep the flash objects on the page from starting automatically. 

No Script can be found here: 
https://addons.mozilla.org/en-US/firefox/addon/722