Malware, hackers and scams oh my!
There are tools to help you be safe
But you have to be AWARE at all times
Requirements for network use @ Stanford
Script kiddies just want to be annoying, but it can still be a mess to clean up afterwards.
Criminals want identities and financial information to sell or use.
Terrorists and/or foreign governments want to destroy and/or control and will use your weak link machine to access resources they can use.
Don't get me started on the NSA and Google . . .
Tools to help you
My Devices - shows you what you already have on the Stanford network. This site will tell you if your devices are compliant with security standards for Stanford.
Desktops and Laptops -> Essential Stanford Software: http://ess.stanford.edu
BigFix: helps keep your software up to date and lets Stanford know you are compliant.
Use VLRE if you want to control when updates are done. NOTE: W10 will often reboot without your permission even then.
Stanford Desktop Tools: helps set up your computer properly to close holes hackers use.
Whole Disk encryption: SWDE is required. Works on external drives too.
CrashPlan: makes an encrypted backup of files you choose to main campus server
Phones, Pads, Pods -> Mobile Device Management: https://mdm.stanford.edu/
MDM will lead you to the correct programs for iOS and Android to password protect and encrypt your device(s). You will be able to 'kill' your information if the device is ever lost or stolen. No one will be able to use your device to attack Stanford or access your accounts. see Apple and Android for detailed instructions on how to install
It is recommended that you encrypt your entire disk at time of install. This is easy to do with most distros. There is no BigFix or Anti-Malware for Linux at this time.
Nearly all devices will be hacked sooner or later. The bad guys are getting better and better at tricking you to give up information and in infiltrating your machine through holes in security.
ALL modern operating systems offer updates, especially security updates. DO ALL UPDATES! This is your first defense. Keep your Anti-Virus up to date and do regular scans.
No program can stop them all, especially if you click on a bad link or use an infected website.
Be suspicious if:
Your search engine suddenly changes.
Your friends all start getting email from you that you did not send.
You get pop-up windows unexpectantly.
There is suspicious activity on your bank accounts.
Watch VERY carefully when installing new software, especially free software, as there are likely to be check boxes that if not unchecked will install "crapware" which in only one degree away from malware.
When you get a new machine, go to the control panel, programs and features, and remove any crapware you find BEFORE putting your files on the machine. Use a seach engine if you are not sure what a program is.
Stanford University requires ALL internet capable devices connected to the Stanford network to follow certain rules.
Visitors not wanting to follow these rules can connect wirelessly through Stanford-Visitor, but will not be allowed access to sensitive or restricted areas, including many library resources.
Even if you only use VPN, you are connected, and the rules still apply.
Even if you personally own the device and don't have sensitive information (you think), but are connected through Stanford (other than Stanford-visitor), the rules still apply. Your machine can be used to attack others.
See "Tools to help you" above for the list of required software. John Lee and Amanda Whitmire can help you with any/all of the installs.
It is possible to get an exception for a device used only in the lab and not connected to the net. Not easy, takes time, have to be renewed each year. Pain.
Of course, if it is NOT on the net, then none of this applies. Oh, except for that infected thumb drive. hmm....