Security

Tips for staying safe online

Password security

Passwords are a simple defence (often the only defence) for your device as well as many online operations – so make sure your password is easy for you to remember and hard for others to guess.

For a secure password:

  • Never give your passwords to anyone. Ever.
  • For strong passwords, use long passwords – at least 16 characters.
  • Create a different password for every account.
  • Do not re-use any password that you previously used for any service.
  • Do use personal details or any combination of letters used in the account username.

IT Services and your local BSG IT support staff will never ask for your password.

If someone else does find out your password, you must change it immediately via IT Services’ self registration website. Change your BSG password via https://account.bsg.ox.ac.uk/#/SelfPasswordReset. For further advice on setting secure passwords visit the Information Security website.

Public computers and wireless networks

Public computers and open wireless networks can be targeted by criminals who are able to record everything; from the sites you visit to the details you type. If you do use a public computer – for example in an internet cafe, library, or open computing room – try to avoid activities that require you to input confidential information. If you do have to complete a financial or confidential transaction:

  • do not leave any information about yourself on the computer, simply clear the browser’s History and/or Cache when you have finished
  • consider changing your password (or other login details) when you get back to a computer that you trust
  • consider setting up a separate email account (on Google Mail or Yahoo for example) to use when you are travelling
  • if you have to leave your computer for any length of time, make sure that you lock the screen.

If you have a wireless network at home, make sure WPA security is enabled and a strong password is required. If you have control over your wireless network, consider allowing only designated computers to access it.

Secure your computer

There are thousands of pieces of software designed purely for malicious activity. We therefore recommend that you protect all of your internet enabled devices with anti-virus software and ensure that you install official software updates to minimise the risk of your computer being infected with viruses or other unwanted software.

Owners of computers connected to the University network are responsible for the installation and maintenance of up-to-date anti-virus software. Virus-infected computers can be barred from using the University network. For more information and tools for the removal of malicious software, visit the IT Services website.

Free antivirus software available

Members of the University can install the Sophos client on to their own computers for free. The Sophos anti-virus client is available for MS Windows, Apple Mac OS X and Linux. To obtain Sophos Anti-Virus:

  1. Visit Software Registration and Download
  2. Select Sophos Anti-Virus
  3. Click on Submit
  4. Download and install the appropriate Sophos client for your computer system.

Doing this also makes sure that you are registered on a mailing list so that you receive important announcements. Full instructions are given in the IT Services Anti-Virus web pages.

If you have alternative anti-virus software that you are happy with, please ensure that it is kept up-to-date. If you leave the University you must remove Sophos Anti-Virus from your PC(s) and/or laptop(s). It is recommended that you install an alternative anti-virus product at this point.

Back-up your work

If you value your data – notes, essays, project work or favourite holiday photos – you need to back up your files. This simply means copying the files to another storage device, e.g. USB drive, CD, or external hard-drive that you keep separate from your computer and which is free from any viruses.

For staff and graduate students, the University also runs a free back-up service, called crashplan. After registering your computer with this service you are able to back up your files on demand and/or on a weekly automatic schedule.

Protect your devices and documents

Online security isn’t always enough: you also need to guard against mishaps in the real world. For example, your computer could break, get damaged, or be stolen. If your computer is stolen, you have not only lost the physical device and your data but you have also given someone else access to any stored usernames, passwords, account details, etc.

While most areas in the University are secure from any non-University members, this can never be certain so make sure you take measures to secure personal items:

  • lock down laptops and portable equipment, including using desk encryption
  • always keep an eye on your laptop when it’s in a public place;
  • encrypt confidential documents before sending email and only use encrypted memory sticks;
  • in your room, keep devices out of sight and lock them away if possible; and
  • when setting an auto-reply email message, do not give any indication that you will be away from your room or house.