Scheduled maintenance

Our internet provider will be conducting testing on our connection between 8:30 p.m. July 8 and 9:00 a.m. July 9.

Our website, and online renewals will be unavailable during the specific tests.

Safeguardng Your Data: Cyber Security Tip ST06-008

Cyber Security Tip ST06-008
Safeguarding Your Data

When there are multiple people using your computer and/or you store
sensitive personal and work-related data on your computer, it is especially
important to take extra security precautions.

Why isn't "more" better?

Maybe there is an extra software program included with a program you bought.
Or perhaps you found a free download online. You may be tempted to install
the programs just because you can, or because you think you might use them
later. However, even if the source and the software are legitimate, there
may be hidden risks. And if other people use your computer, there are
additional risks.

These risks become especially important if you use your computer to manage
your personal finances (banking, taxes, online bill payment, etc.), store
sensitive personal data, or perform work-related activities away from the
office. However, there are steps you can take to protect yourself.

How can you protect both your personal and work-related data?

* Use and maintain anti-virus software and a firewall - Protect yourself
against viruses and Trojan horses that may steal or modify the data on
your own computer and leave you vulnerable by using anti-virus software
and a firewall (see Understanding Anti-Virus Software and Understanding
Firewalls for more information). Make sure to keep your virus
definitions up to date.
* Regularly scan your computer for spyware - Spyware or adware hidden in
software programs may affect the performance of your computer and give
attackers access to your data. Use a legitimate anti-spyware program to
scan your computer and remove any of these files (see Recognizing and
Avoiding Spyware for more information). Many anti-virus products have
incorporated spyware detection.
* Keep software up to date - Install software patches so that attackers
cannot take advantage of known problems or vulnerabilities (see
Understanding Patches for more information). Many operating systems
offer automatic updates. If this option is available, you should turn it
on.
* Evaluate your software's settings - The default settings of most
software enable all available functionality. However, attackers may be
able to take advantage of this functionality to access your computer. It
is especially important to check the settings for software that connects
to the internet (browsers, email clients, etc.). Apply the highest level
of security available that still gives you the functionality you need.
* Avoid unused software programs - Do not clutter your computer with
unnecessary software programs. If you have programs on your computer
that you do not use, consider uninstalling them. In addition to
consuming system resources, these programs may contain vulnerabilities
that, if not patched, may allow an attacker to access your computer.
* Consider creating separate user accounts - If there are other people
using your computer, you may be worried that someone else may
accidentally access, modify, and/or delete your files. Most operating
systems (including Windows XP and Vista, Mac OS X, and Linux) give you
the option of creating a different user account for each user, and you
can set the amount of access and privileges for each account. You may
also choose to have separate accounts for your work and personal
purposes. While this approach will not completely isolate each area, it
does offer some additional protection. However, it will not protect your
computer against vulnerabilities that give an attacker administrative
privileges. Ideally, you will have separate computers for work and
personal use; this will offer a different type of protection.
* Establish guidelines for computer use - If there are multiple people
using your computer, especially children, make sure they understand how
to use the computer and internet safely. Setting boundaries and
guidelines will help to protect your data (see Keeping Children Safe
Online for more information).
* Use passwords and encrypt sensitive files - Passwords and other security
features add layers of protection if used appropriately (see Choosing
and Protecting Passwords and Supplementing Passwords for more
information). By encrypting files, you ensure that unauthorized people
can't view data even if they can physically access it. You may also want
to consider options for full disk encryption, which prevents a thief
from even starting your laptop without a passphrase. When you use
encryption, it is important to remember your passwords and passphrases;
if you forget or lose them, you may lose your data.
* Follow corporate policies for handling and storing work-related
information - If you use your computer for work-related purposes, make
sure to follow any corporate policies for handling and storing the
information. These policies were likely established to protect
proprietary information and customer data, as well as to protect you and
the company from liability. Even if it is not explicitly stated in your
corporate policy, you should avoid allowing other people, including
family members, to use a computer that contains corporate data.
* Dispose of sensitive information properly - Simply deleting a file does
not completely erase it. To ensure that an attacker cannot access these
files, make sure that you adequately erase sensitive files (see
Effectively Erasing Files for more information).
* Follow good security habits - Review other security tips for ways to
protect yourself and your data.
______________________________

___________________________________

Author: Mindi McDowell
_________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.

Terms of use

<http://www.us-cert.gov/legal.html>

This document can also be found at

<http://www.us-cert.gov/cas/tips/ST06-008.html>

EBSCO scheduled maintance

EBSCO has informed us they will be conducting maintenance from Jan 31-Feb 1

You may experience difficulty connecting to:
EBSCOhost
Auto Repair Reference Center
NoveList & NoveList K-8
Kids Search
Searchasaurus
Student Research Center

Defending Cell Phones and PDAs Against Attack: Cyber Security Tip ST06-007

Cyber Security Tip ST06-007
Defending Cell Phones and PDAs Against Attack (View the article with links to related articles)

As cell phones and PDAs become more technologically advanced, attackers are
finding new ways to target victims. By using text messaging or email, an
attacker could lure you to a malicious site or convince you to install
malicious code on your portable device.

What unique risks do cell phones and PDAs present?

Most current cell phones have the ability to send and receive text messages.
Some cell phones and PDAs also offer the ability to connect to the internet.
Although these are features that you might find useful and convenient,
attackers may try to take advantage of them. As a result, an attacker may be
able to accomplish the following:
* abuse your service - Most cell phone plans limit the number of text
messages you can send and receive. If an attacker spams you with text
messages, you may be charged additional fees. An attacker may also be
able to infect your phone or PDA with malicious code that will allow
them to use your service. Because the contract is in your name, you will
be responsible for the charges.
* lure you to a malicious web site - While PDAs and cell phones that give
you access to email are targets for standard phishing attacks, attackers
are now sending text messages to cell phones. These messages, supposedly
from a legitimate company, may try to convince you to visit a malicious
site by claiming that there is a problem with your account or stating
that you have been subscribed to a service. Once you visit the site, you
may be lured into providing personal information or downloading a
malicious file (see Avoiding Social Engineering and Phishing Attacks for
more information).
* use your cell phone or PDA in an attack - Attackers who can gain control
of your service may use your cell phone or PDA to attack others. Not
only does this hide the real attacker's identity, it allows the attacker
to increase the number of targets (see Understanding Denial-of-Service
Attacks for more information).
* gain access to account information - In some areas, cell phones are
becoming capable of performing certain transactions (from paying for
parking or groceries to conducting larger financial transactions). An
attacker who can gain access to a phone that is used for these types of
transactions may be able to discover your account information and use or
sell it.

What can you do to protect yourself?

* Follow general guidelines for protecting portable devices - Take
precautions to secure your cell phone and PDA the same way you should
secure your computer (see Cybersecurity for Electronic Devices and
Protecting Portable Devices: Data Security for more information).
* Be careful about posting your cell phone number and email address -
Attackers often use software that browses web sites for email addresses.
These addresses then become targets for attacks and spam (see Reducing
Spam for more information). Cell phone numbers can be collected
automatically, too. By limiting the number of people who have access to
your information, you limit your risk of becoming a victim.
* Do not follow links sent in email or text messages - Be suspicious of
URLs sent in unsolicited email or text messages. While the links may
appear to be legitimate, they may actually direct you to a malicious web
site.
* Be wary of downloadable software - There are many sites that offer games
and other software you can download onto your cell phone or PDA. This
software could include malicious code. Avoid downloading files from
sites that you do not trust. If you are getting the files from a
supposedly secure site, look for a web site certificate (see
Understanding Web Site Certificates for more information). If you do
download a file from a web site, consider saving it to your computer and
manually scanning it for viruses before opening it.
* Evaluate your security settings - Make sure that you take advantage of
the security features offered on your device. Attackers may take
advantage of Bluetooth connections to access or download information on
your device. Disable Bluetooth when you are not using it to avoid
unauthorized access (see Understanding Bluetooth Technology for more
information).
_________________________________________________________________

Author: Mindi McDowell
_________________________________________________________________

Produced 2006 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.

Terms of use



This document can also be found at

Greener Internet Searching

With "green" being so important now, did you know there is a greener way to search the internet?

http://www.blackle.com/

Blackle uses a Google Custom Search to display both the home page and search results on a black screen, reducing the amount of energy needed by your monitor.

Search results are provided by Google.