If you have an SSD or a locally supported and managed system then Antivirus and Malware protection is managed for you. Contact your local IT support or the Helpdesk for details.
If you manage your own system then you are responsible for ensuring that your system has the most up to date Antivirus and Malware protection installed. The University supplies or recommends a number of solutions that can be used.
If you have an SSD or a locally supported and managed system then your systems Firewall protection is managed for you. Contact your local support or the Helpdesk for details.
If you manage your own system then you are responsible for ensuring that your system is protected with a firewall. Most systems now have a firewall installed and enabled by default. It is your responsibility to ensure that this is the case and to manage the firewall rules to protect not only your system but to protect other systems on the University network. See your system and software documentation for help with this.
If you have an SSD or a locally supported and managed system then your systems updates are managed for you. You are responsible for ensuring any third party software which is not managed or supplied by your IT support is kept up to date on your system. Contact your local support or the Helpdesk for details.
If you manage your own system then you are responsible for ensuring that it receives updates for the operating system and any software that is installed. The University provides update services for Microsoft operating systems and software. For all other types of systems pleases refer to the suppliers documentation.
Smartphones and tablets may contain a lot of confidential information, possibly including banking details.
- Treat a smartphone like your wallet or purse.
- Treat a tablet like your laptop.
Steps that can be taken to increase the security of your smartphone:
- Use a PIN to protect the phone/tablet from casual unauthorised use. (do this right now)
- Set a timeout to lock the device.
- Consider configuring remote wiping.
- Some manufacturers provide remote wiping as a service. Contact your supplier for details.
NOTE: Devices which use 'Activesync' (iOS, Windows mobile, some Android) to connect to your University email can be remotely wiped using the appropriate email web interface( at http://www.gla.ac.uk/it/webmail) under options > mobile
- Be careful which apps you install and the permissions you give them.
- If you configure GPS location services, be aware of what information they share.
- Email security rules apply for smartphones and tablets.
- Keep a copy of your IMEI number (if applicable) in case of loss or theft.
- Backup the information on your devices.
- Ensure secure disposal of your devices at end of life.
Theft, data loss, and physical damage are all threats if individuals can access your computer without your knowledge. Reduce this risk by:
- Controlling access to the computer itself. Only authorized people should have access. If someone can get physical access to your computer they can get full control of it.
- Ensuring your computer is in a room that can be locked when unattended.
- Securing the computer to non-movable furniture (such as desks).
- Locking your computer so that the case cannot be opened (protects internal components).
- Positioning your computer so that people cannot watch passwords being typed in. If machines are in front of windows, behind glass walls, avoid having the monitor or keyboard in a location where they can be seen from the outside.
It's important not to forget that physical security is as much about preventing computers or their components from being stolen as it is about preventing access to the operating system or data.
The use of P2P applications is strictly prohibited. BitTorrent is an example of a P2P application. P2P applications are commonly used to download copyrighted material.
It is an offence under UK law to make copies of commercially-produced music recordings, videos, images and computer software. You are not permitted to make copies for personal use. You must have permission from the rights holder to copy any such material.
Copyright infringements may result in legal action against the individual concerned and the University, with resulting impact on the University's image and reputation. This will also be in breach of both the University of Glasgow IT regulations and the JANET Acceptable Use Policy.
Many P2P applications automatically make downloaded files available to other P2P users. This is dealing in digital contraband, resulting in increased seriousness of the copyright breach committed.
P2P applications can lead to abuse either by those supplying the software or by third parties. Applications can include license agreements whereby the licensee allows the licensor the right to use all available CPU and network resources on the installed machine for any reason they see fit. The University cannot accept such a condition.
Many P2P downloads contain malware (viruses, worms, trojans). It is often impossible to know whether a file being downloaded via P2P is really what it claims.
Users of P2P can also share more than they intended to with other users. Such as sharing your documents folder by accident and putting your data at risk.
If you have a legitimate use for P2P applications, please inform IT Services at email@example.com; we can provide advice on reducing the risks involved.
Sanctions for inappropriate use may include:
- Temporary or permanent loss of access to University's computer and network resources.
- Legal proceedings from copyright holders.
- Action under University disciplinary procedures.
IT Services does not support Skype as a desktop collaboration tool. The Multimedia Communications Unit can advise on use of standards-based IP telephony applications.
If you must use Skype, IT Services requires that you follow these steps:
- Use the latest version of Skype and keep it up to date.
- Configure Skype as follows.
- In Tools / Options / General / General Settings:
- Untick the box labelled "Start Skype when I start Windows"
- In Tools / Options / Advanced / Connection:
- Set the port for incoming connections to 41234
- Untick the box labelled "Use port 80 and 443 as alternatives for incoming connections"
- Quit and restart Skype.
- Only launch Skype when you need to use it - this may require co-ordination by other means e.g. email, instant messaging or calendar
- Keep calls as short as possible
- Close the Skype application when it is not in use. Right-click on the Skype system tray icon and choose quit from the menu