computing . msu . edu
tabs Home Students Faculty, Staff, and Departments

Secure IT Logo

Protecting Your Computer, Protecting Yourself

We encourage you to practice safe computing by protecting your computer from security dangers such as viruses, worms, spyware, intrusions, and other system vulnerabilities. Safe computing helps protect individual privacy, prevent identity theft, and protect computers and files from being damaged or lost.

Five Steps to Safe Computing

Keep IT Safe Booklet1. Turn on a personal firewall.
Connecting to the Internet opens your computer to attacks which could steal passwords, credit card numbers, or destroy data. Turn on your personal firewall to block attacks.
Search help.msu.edu for firewall.
2. Install anti-virus AND anti-spyware software.
Anti-virus software protects your system from viruses and other malware. Schedule daily anti-virus updates and scans of your computer. Anti-virus software may be purchased at the MSU Computer Store.
Search help.msu.edu for antivirus. Search help.msu.edu for spyware.
3. Protect Personal Information
Personal information should never be shared nor sent through e-mail, especially:
  • Social Security Numbers
  • Passwords
  • Credit Card Numbers
  • Bank Account Numbers
  • Driver's License Numbers
  • Names, addresses, phone numbers in conjunction with other personal data
  • Health, Financial, and Student Educational Records
4. Schedule automatic updates of the latest patches to your operating system and applications.
In Windows, use Windows Update. On a Mac, use Software Update.
Recommended Downloads and Patches from help.msu.edu.
5. Protect your passwords and pass phrases.
Your NetID and password define your online identity at MSU. Guard your passwords and pass phrases as you guard your bank card PIN. Never share them with anyone nor store them in obvious locations such as sticky notes, in your desk, or under your keyboard. Keep passwords in a safe place; consider a password vault.
Search help.msu.edu for passwords.

Pass Phrases

Many systems support the use of a pass phrase. Pass phrases are distinct from passwords in that they are typically more than 20 characters and may contain spaces. The phrase is typically a sentence that must be typed exactly each time. A pass phrase will typically be much stronger than shorter much harder to remember passwords.

Do all Systems Support Pass Phrases?

Some systems enforce various requirements on the passwords that you use. Most of these requirements come in the form of minimum and maximum lengths, requirements to use certain classes of characters. For example, MSU NetID's require that the password to be at least 8 characters long, and contain 3 of the 4 character types (upper case letters, lower case letters, numeric characters, symbols). Check with your system administrator to see if the system you are using supports pass phrases.

Strong Passwords

Even if your system does not support pass phrases, a sentence or several can be the basis of a strong password. Choose a sentence that is long and easy for you to remember. For example:

"The squirrels have created a nest in the tree outside the Computer Center. At least 3 of them live there during the winter."

Things to include in this sentence are proper nouns, numbers, and punctuation.

Using this as a base, apply at least 2 of the below techniques:

Continuing with the example above, a base phrase could have changed
into:

"The squirrels have crea ted a nest in the tree outside the Computer Center. At least 3 of them live there during the winter!"

Finally, Take the first letter of each word in your phrase, along with any
punctuation or numbers, and create your password, like this:

"TshctanittoCC.Aal3otltdtw!"

This password is reasonably long, contains all 4 classes of characters, and is based off a sentence that can be remembered, rather than a random number generator. Other variants include taking the second, or last letter of each word.

File Sharing and Copyright

Over the past few years, file-sharing - i.e., the sharing of files over peer-to-peer (P2P) networks - has become a popular way for people to sample and gather music, movies, and video games. File-sharing, however, can have a number of risks. For example, when you are connected to file-sharing programs, you may unknowingly allow others to copy private files you never intended to share. You may download material that is protected by copyright laws and find yourself mired in legal issues. You may also download a virus or facilitate a security breach.

The Digital Millennium Copyright Act (DMCA) of 1998 addresses copyright liability as it pertains to electronic forms of original works. With the law behind them, movie, music, and software companies are taking aggressive action. Organizations representing these industries, such as the Recording Industry Association of America (RIAA), are actively monitoring the Internet for illegal distribution of copyrighted material.

It is a serious violation of MSU's Statement of Acceptable Use and Federal law to share copyrighted files from your computer. If Michigan State receives a notice that you have been sharing copyright files from your computer system you will likely lose access to the campus network and may face additional disciplinary action up to and including suspension.

When you download or share copyrighted material without the owner's permission, you are breaking the law. But there are many legal alternatives that allow you access to songs and movies. To avoid being prosecuted or sued for copyright infringement explore legal alternatives available.

Four Steps to Safe File Sharing

  1. Be aware of what is and isn't copyright protected.
  2. Don't illegally download music from the Internet.
  3. Stream music from free sites like Pandora or purchase a subscription to sites such as Rhapsody, iTunes, or other legal music sites.
  4. Read MSU's statement of acceptable use to avoid inappropriate network use and any resulting discipline.

Be Aware of Phishing

Be aware of phishing, which is an online scam involving e-mail messages appearing to be from a trusted source. MSU or other reputable organizations will not send e-mails requesting your password.

How to protect yourself from being "phished"

How to report phishing attacks to MSU

Please report the phishing attack to MSU by forwarding the e-mail with full headers to postmaster@msu.edu. Or, use our contact form and paste a copy of the full headers into the form as part of your reporting. Then delete the message.

What to do if you are a victim of a phishing scam

In the event that you responded and provided the solicited information, or have input your information in the fraudulent Web site, it is important to act quickly to minimize possible damage to your finances and credit history.

If you have compromised your MSU NetID:

  1. Immediately change your password.
  2. If you need further assistance, call the the ATS Help Desk at (517) 432-6200.

If you have compromised other information such as your social security number or banking information:

  1. Contact your financial institution or trusted business immediately.
  2. File a police report. Obtain a copy of the written report as proof for creditors.
  3. After the attack, if your personal information has been compromised you should file a fraud alert with the credit reporting services and perhaps review your credit reports (there are 3 major credit reporting services) to determine if any fraudulent activity appears. The Federal Trade Commission (FTC) has more complete information and instructions. See the link listed below.