Why study with us

Fireside Analytics Academy - Computer Security

Computer security controls are based on the construct that the data on an individual machine/device influences the classification of that machine/device and, in turn, the multi-layer security strategy for defense against unauthorized access.

Safeguarding Computers for Individual Use

This section describes measures to safeguard computers typically used by individuals in Fireside Analytics Academy related activities. As used in these operational specifications, “computers” include but are not limited to desktops or laptop computers, smartphones and cellphones, USB flash memory drives, or similar devices.

Physical Security

  • Do not give physical access to computers to unauthorized persons.
  • Take appropriate precautions to prevent theft and damage.
  • Where possible, position monitors to prevent casual viewing by visitors or passersby.

System Security

  • Install anti-virus software and keep virus definitions up to date.
  • Install operating system and software patches and take other recommended steps to mitigate known vulnerabilities of the computer in a timely manner.
  • Do not download unauthorized software.
  •  Use a locking screensaver or other mechanism to prevent unauthorized use of the computer.
  • Do not leave your computer unattended without locking it or logging off.
  • Avoid Peer-to-Peer file sharing software; these programs typically enable unauthorized remote access without any password to the contents of the computer.
  • Do not install or run software that requires a license without that license. Respect license agreements and do not infringe on the copyright of others. (See section A.5)
  •  Respond promptly to notices from authorized University staff that vulnerabilities have been detected in your computer’s system.
  • Take particular care to secure your Fireside
  • Analytics Academy access information (e.g., log-ins, passwords) on home computers from unauthorized use by others.
  • Do not install unsecured third-party applications that may deliver malware to a personal device on which you may have Restricted Data, thereby putting Fireside Analytics Academy at breach risk.

Passwords

Where possible, secure all computer accounts with passwords, and use passwords to protect all file sharing.
Keep a well-secured copy of your passwords available for emergency access. Encrypt any computer file containing passwords. Keep any written file of passwords in a physically secure location, preferably separate from the computer or application they secure.
Use strong complex passwords in your passwords. Strong passwords consist of at least eight (8) characters. They should not be dictionary words or readily guessable. They should include at least three (3) of the following four (4) characteristics in any order: upper case letters, lower case letters, numbers, and symbols.
Passwords for sensitive websites or email accounts should not be saved on the computer.
Change passwords periodically. Avoid reusing a password for at least several change iterations. If you have multiple accounts, avoid using the same password for those accounts.

Do not keep passwords in plain text in a computer file or in plain sight on paper. Passwords should neither be sent in an email nor provided verbally by telephone. If you must communicate account access information in order to ensure business continuity, you should communicate it in a secure manner. Supervisors and managers should make certain that offices have plans for access to files and data for business continuity.
Where possible, do not configure programs to automatically store passwords.
Drag to resize
Shut down web browsers, email programs, or other applications that might store passwords temporarily when they are not in use.

Safeguarding Computers Used by Multiple Individuals

The section covers additional measures for safeguarding computers used by multiple individuals.  All the operational specifications set forth above apply, as well as the following additional measures to safeguard such computers.
  • Secure all computer accounts with passwords.
  • Give accounts to authorized persons only; provide individual log-ins. If you share a computer with others, take appropriate precautions to safeguard sensitive data that others may not be authorized to access and, where possible, create separate accounts for each person who is authorized to use the computer, setting appropriate permissions.
  • Where possible, enforce use of strong passwords and periodic password changes.
  •  Make every effort to maintain computer logs and review them on a regular basis.
  •  Stay familiar with best practices for administering the particular computer and use them.