Higher education, government agencies, and large companies were hit hard this year when millions of computers fell prey to viruses and worms. Wasted resources have been measured in billions of dollars-and the next attack could be just around the corner. To help the University to meet these growing challenges, Information Technology Services (ITS) is launching a security awareness campaign this October and November with an urgent message for students, staff and faculty to "take control" by proactively ensuring that their computers are protected from security dangers such as viruses, worms and other system vulnerabilities.
The University's security awareness campaign features five important steps that Kathleen Kimball, director of Security Operations and Services at Penn State, encourages all Penn State community members to perform to ensure that their computers are fully protected, including the installation of firewall protection, consistent and regular security updates, secure passwords, and the installation of current antivirus and spyware detection software.
"Users need to know to update their systems as a matter of routine, setting their operating systems and antivirus software to be updated automatically," said Kimball, "They also need to be reviewing their vendor sites periodically to help ensure their own safety."
Although completing the five security steps involves some time and effort, ITS has tried to make the process as painless as possible by providing a Web site with step-by-step instructions for carrying out each of the security recommendations. In addition, to encourage students, faculty and staff to take strong interest in safeguarding their files, ITS is sponsoring a contest with two digital cameras as first prizes. Two digital audio players also will be presented as second prizes. To enter Penn State’s computer security contest, go to the campaign Web site located at http://its.psu.edu/takecontrol/.
Individuals who would like assistance in completing the computer security steps outlined at the Web site should contact the ITS Help Desk at (814) 863-2494 or (814) 863-1035.
"With the frequency of Internet attacks–no matter whether you're connected via Penn State or through a commercial provider-you need to take action to protect your computer and to continuously update that protection," commented Kimball. "Don’t wait for a warning, because attacks spread too quickly; you need to make proper personal computer security a routine today."
The importance of keeping up with security patches on computer operating systems has been reinforced again, as Microsoft last week issued a critical security alert telling users that there were problems with the way certain image files are handled by Windows and any applications that use the vulnerable code. The alert said that, theoretically, a malicious attacker could take over a vulnerable machine using a carefully crafted image that contained code to exploit the bug. This could mean that users find their machine under attack when they view images on the Web or when their e-mail program previews images contained in messages. For details, check the Web at http://www.us-cert.gov/cas/techalerts/TA04-260A.html.
“Any critical Microsoft problem or update–as this one is–affects Penn State,” said Kimball.