The Orange Coast College Information Technology Department recommends the following information security guidelines for students and their private personal computers while connected to the OCC computer network. They are based on sound security principles and best practices found in higher education environments. There are no guarantees with information security. However, following these generally accepted best practices will help protect the safety of your personal information as well as the integrity of the OCC computer network.
Operating System Updates:
- Security vulnerabilities are identified in operating systems on a regular basis. Whether you have a Windows, Macintosh, or Linux computer, make sure your operating system is up to date with the latest security patches supplied by the vendor.
- Just as operating systems need updates, applications are the same way. Make sure to update applications such as Adobe Reader, Microsoft Word, iTunes, various browser plug-ins, and others that you may have on your system on a regular basis.
- Install a good anti-malware or anti-virus program and keep the definitions up to date. If you are not able to or do not want to pay for such a program, there are free alternatives. For Windows there is Security Essentials (link), for Macintosh ClamAV (link) and for Linux Avast (link).
- We recommend turning on the firewall built into the Windows, Mac, and Linux operating systems. This is especially important if you are using your personal computer or laptop to access a wireless network, including the OCC wireless network. For a higher level of security, do not allow for inbound exceptions.
Do Not Share Account Info:
- Do not share your OCC computer network student account with anyone else. Not only can this put your own information at risk, it can also violate computer use guidelines and college district policy.
- Make sure your computer has a password for each local account. Example: Do not leave the Admin account password blank. Make your passwords are at least 8 characters long and easy enough to remember so you don't have to write it down.
- Never leave a computer, especially a laptop, unattended in a public area. There is a good chance it will be stolen. This is also why it's good to require a password when logging on to your computer and turning on the screen saver lockout for a period of 15 minutes or less. This will make it that much harder for a thief to access your data. It's also a very good idea to encrypt any data that you do not want public just in case your computer is stolen.
- One of the more popular vectors of viruses and worms is via an e-mail attachment. If something looks suspicious, do not open it up. Delete it immediately. If it turns out to be legit, it's always safer to ask someone to resend than take the chance of opening up a bogus attachment.
- Phishing attacks often come in the form of an e-mail and try to get the user to give up some kind personal information or account information. In the case of Orange Coast College, we will not ask you for your username or password. That is something for your eyes only. If you get locked out or can't remember your password, we can reset it for you. However, we do not ask students for their username or passwords in an e-mail.
- Hurting our computer network hurts the community we serve. If you witness a violation of OCC's computer use policy or a network hacking incident, please report it as soon as possible to the IT Department via phone 714-438-8111 or e-mail
Social Networking Sites:
- Be careful with the personal information you share on sites such as facebook or Myspace. If not configured properly, they can easily allow a person to gather information about you that you would not normally share with a stranger. This can lead to issues ranging from identity theft to stalking if you are not careful. If there is an HTTPS option, use it. This will help prevent wired and especially wireless account compromises. Also keep in mind that many social networking sites are targets for malware. Do not click on suspicious links to reduce your exposure to malicious websites.
Sensitive Personal Information:
- Be careful with the amount of sensitive information you store on your computer or other devices such as USB flash drives and smart phones. If it's absolutely necessary to store such information, make sure to use AES-128 or better encryption. This way if your computer or other storage device is stolen, the data will be extremely difficult for a malicious person to read.
Illegal Downloading of Copyrighted Material:
- Do not use or install peer to peer applications such as Gnutella or BitTorrent or any other type of software client to illegally download or upload copyrighted material while on the OCC computer network. This action is against college district policy and OCC guidelines. It is also against the law and the illegal files can be traced back to the end user. Many of these peer to peer file sharing applications can also put your personal and private data at risk and allow for the spread of malware.
- Some alternatives to downloading copyrighted material are available at Educause (link).