2. Install anti-virus software and maintain current signatures

Always use caution when opening attachments; email attachments are the most common means of spreading computer viruses (though not the only means). Sender addresses can be spoofed by viruses; if in doubt, don't open it until you contact the sender to confirm.

Email sent to your TC mail address are scanned for viruses by the TC mail server.  If an infected attachment is found, it is removed and replaced with a harmless text file called <Replaced infected file.txt> 

Recent versions of Microsoft Outlook offer additional protection by blocking executable attachments.

We are now blocking most executable file attachments types

Attachments that can execute by simply clicking on them are a common method of spreading computer viruses on Windows computers. Therefore, the Teachers College mail server is now configured to remove most types of executable email attachments. The message will be delivered but with a message file attached
explaining the action. This applies to both incoming and outgoing mail. This step has been taken by many mail services; Columbia has been blocking executables for some time.

Windows uses three-letter extensions on files to determine the type of file. Many of the standard file types are executable files, meaning that Windows will automatically start running them as a program as soon as they are 'clicked' on. Following the suggestion in a Security Update from Microsoft, we are currently blocking transmission of the following standard file extensions through our email system.

ade adp app bas bat chm cmd com cpl crt csh dll exe fxp hlp hta ini ins isp js jse ksh lib lnk mda mdb mde mdt mdw msc msi msp mst ocx ops pcd pif prg reg scr sct shb shs sys vb vbe vbs wsc wsf wsh xsl

We allow all other extensions, including doc txt xls rtf ppt zip, so that Microsoft Word, Excel, PowerPoint, and ZIP attachments are not affected.

Note: Zip files are often used these days for spreading viruses, so we are ocasionally required to block zip attachments until anti-virus signatures have been updated. STATUS: ZIPs are currently being allowed.

What if you need to send email with a disallowed attachment type?

In many cases, the mail message with the executable attachment will have been sent to you by a virus/worm program, in which case you should just delete the message.

If you think that the message is legitimate, you probably want to contact the sender and ask them to rename the file extension before attaching it, using an extension that is not blocked -- make sure they tell you how you need to rename the file after you receive it. CAUTION: before renaming and running a file, make sure it's a file you are really expecting -- don't rename and open any unknown attachments!!

 [top]

Virus/Worm-generated messages

You may receive unwanted mail messages generated by virus/worm programs that generate spurious mail messages.

How this happens: a virus (such as the Sobig virus) that has infected a computer scans files on that computer for email addresses, then sends messages to some or all of those addresses or perhaps to random addresses, with attachments that may carry the virus. If a recipient opens the attachment, their computer is infected, repeating the cycle and resulting in exponential spread. Some viruses insert bogus email addresses in the <From:> field, making it appear (falsely) that the message is from someone you know. It may even insert your email address in the From: field of some messages if your address is in someone elses email contact list. In those cases, you may receive a "bounce" message from an email system for an email message you know you never sent; you can ignore and delete those 'bounce' messages.

The TC mail server scans all email sent to your TC address, deleting infected attachments and replacing them with a file called [Message from CIS Help Desk.txt], rendering it harmless. There is currently no way to keep the messages from being delivered to your mailbox; the messages can simply be deleted.  If the number of such messages in your Inbox is a problem, you can handle it with an Outlook Rule.

 [top]

Spam

You probably receive unwanted email messages, called spam, from people taking advantage of the low-cost of sending messages via the Internet. Spammers may send millions of messages, accepting that most will be invalid addresses.  They also use lists of email addresses collected by automated programs that scour the Internet looking for email addresses (found on web pages, listservs, mailing lists, etc).  One way to reduce the amount of spam you receive is to keep you email address off publicly-viewable web pages or listservs, but this is sometimes difficult.

Delete it! If you suspect a message is junk mail, treat it as such by deleting it, even without opening it.

Don't reply! A reply can perpetuate what you're trying to stop. Especially with advertising, your reply verifies to spammers that they have reached a valid e-mail address, thus making certain you're included on future lists. Advertisements frequently offer a URL or toll-free number to delete yourself from future mailings; before you do, reread this paragraph. 

 [top]

Backup of important files

The best protection against disaster is a backup of your important documents.  Make regular backups of your Word, Excel, etc. documents on a ZIP disk, a recordable CD, or on a network drive.  Exchange files (mail, contacts, schedule, etc) in standard locations (Inbox, etc) are stored on the TC mail servers, which are regularly backed-up by CIS.  However, if you move messages to Personal Folders or Archive folders, the messages in those folders are on your local computer's hard drive and you need to back them up yourself.  Outlook personal folder files have <pst> extensions; use the Windows Search/Find utility to locate them for backup. Please contact the Help Desk for assistance and consultation on backup.

 [top]

Firewalls

Installing a personal firewall provides another layer of protection for a computer.   However, deploying a personal firewall on your TC computer may prevent your computer from attaining full functionality within the TC systems environment, so CIS does not recommend installing personal firewalls at this time. CIS will soon be deploying an enterprise-wide firewall that will provide significant protection for all computers on the TC network.

For home computers, installing a personal firewall is a prudent step, although they require careful configuration on your part. Windows XP and Mac OS X come with built-in firewall capabilities. Otherwise, reasonable choices include Sygate Personal Firewall (Windows), Norton Personal Firewall (Windows) and Norton Personal Firewall (Macintosh).

 [top]

 

Passwords & privacy

A password allows you to authenticate, or prove, your identity. Never give your TC username and password to anyone; TC support staff will never contact you for that information.  Protecting your password is very important to guard against unauthorized access and misuse of services in your name.

TC password requirements are as follows:

• Minimum length of 8 characters
• Must include a character from at least 2 of the following categories:
• lowercase letters
• UPPERCASE LETTERS
• Numbers (1,2,3...)
• Symbols (@,#,$...)
  
• Cannot be blank, "password", similar to your username, or a dictionary word. View the dictionary here.
• Must change 3 times per year (i.e. it expires every 120 days)
• Cannot be either of the previous 2 passwords when it is changed.
  

Best practice is a passphrase with some abbreviations, acronyms, substitutions, etc.  For example, "What goes around comes around" could be used as "WG@comes0."  Once your fingers learn it, it becomes habit.

Other privacy concerns

Be wary about entering personal and/or financial information on a website that you followed from a link contained in an e-mail. Companies are most unlikely to send email requesting your credit card info. You should only enter sensitive information like credit card numbers if you have taken positive action yourself to go to an e-commerce web site, and you can choose a secure server for the transaction. Don't send sensitive information using wireless networks, since they are usually relatively easy to 'eavesdrop'.

Note that the text displayed for an embedded web link can be different than the underlying hyperlink address, and fraudulent websites can be created that resemble legitimate websites exactly. Double-check the actual web address of the site after you are connected. Ideally, you should open a new browser window and type in the url for the HOME page of the site, and then browse through the site to get to the proper page.

Never store personal or financial information on TC computers, especially laptops.  It's also advisable not to store any personal or financial information on personally owned laptops as they are susceptible to being stolen.

 [top]