• Information for Faculty and Staff
• Information for Students
• About Us
  • Technology Services
  • Digital Learning Lab
  • Applications Services
  • Collaborators
• Quick Links
• News and Events

Security Guidelines and Policies

Americans 'Misjudge online risks' according to BBC News, Oct 3, 2004 (http://news.bbc.co.uk/2/hi/technology/3708260.stm). They believe they are more likely to be struck by lightning (a 0.0000102% chance, according to the US National Weather Service) than having computer problems caused by viruses (a 70% chance, according to the E-Crime Watch Survey).

Passphrases	Computer viruses	Spyware	File sharing
Identity Theft	Spam Busters	New info security policy	SPG 601.27 - FAQ

Passphrases

Use passphrases and keep them secret: the first step to secure the information on your computer is to have a passphrase to access it (whether a desktop, a laptop or PDA, especially if it is a portable device, since these can be lost or stolen), to protect sensitive information stored on it, e.g., personal or patient information. For guidelines on how to choose a passphrase, how often to change it, etc, see: http://www.dent.umich.edu/informatics/about/desktop/passphrase.php.
Passphrases guidelines are also available in PDF format.

Three passphrases are typically used:

1. umich passphrase or Kerberos password. This is used for e-mail and many web applications, including the Dental School Intranet site.
   It is recommended that you change this password at least every six months, for example when you change your clocks for Daylight Saving Time.
   To change your Kerberos password go to the ITCS page How to change your UMICH Kerberos Password.
2. dentistry passphrase, or Windows password, is used to get into Windows after pressing ctrl-alt-delete. Once you have authenticated with your dentistry passphrase, you have access to the Windows desktop, including your "My Documents" folder and related resources.
3. axiUm passphrase is only for the axiUm system.

The School of Dentistry policy on the use of passphrases, APG-001 Passphrases Policy, may be found in pdf format by scrolling down the left side bar and selecting 'Administrative Policies' at: https://intranet.dent.umich.edu/faculty/.

back to the top

Computer viruses

Visit the U-M website on Virus Protection: http://virusbusters.itcs.umich.edu/.

• Do not open questionable email messages or attachments, even from people that you know. Delete any messages with attachments that seem suspicious.
  
• Install and run a virus protection program on your computer. Free antivirus software is available for members of the U of M community, and is available at http://www.itd.umich.edu/virusbusters/virusscan-info.html.
  
• Make sure your antivirus software is updated frequently. Checking for updates once a week or month is reasonable.
  
• If you are concerned that your computer has been infected, please contact your local computing specialist or Technology Services by email at dds.helpdesk@umich.edu or by phone at 3-3318.
• Anti-Virus Software is now available for Macintosh Computers. Visit: http://www.itcs.umich.edu/itcsdocs/s4339/ for instructions on how to install Sophos Anti-Virus.

The School of Dentistry policy on System Management, APG-004, deals with workstation security and may be found in pdf format by scrolling down the left side bar and selecting 'Administrative Policies' at: https://intranet.dent.umich.edu/faculty/.

back to the top

Spyware

Spyware is a general term used for software that performs certain behaviors such as advertising, collecting personal information or changing the configuration on your computer, generally without appropriately obtaining your consent. You might have spyware or other unwanted software on your computer if:

• You see pop-up advertisements even when you are not on the web.
• The page your Web browser first opens to (your home page) or your browser search settings have changed without your knowledge.
• You notice a new toolbar in your browser that you didn't want and find it difficult to get rid of.
• You experience a sudden rise in computer crashes.

For more information on how to avoid spyware see:

• http://www.microsoft.com/athome/security/spyware/spywarewhat.mspx
• NukeSpam.doc
• SafeWebsites.doc
• Presentations at the 2005 IT Security Symposium at U-M at: http://safecomputing.umich.edu/events/sumit05_presentations.html

back to the top

File Sharing

"The Supreme Court ruled unanimously [on June 27, 2005] that commercial producers of file-sharing software may be sued for copyright infringement. The services are popular with college students who use them to download songs and movies, usually in violation of copyright law." (Andrea L. Foster, The Chronicle for Higher Education)

back to the top

Identity Theft

"Identity theft is a criminal offence. It occurs when a person knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit or aid or abet an unlawful activity that constitutes a violation of federal law or that constitutes a felony under any applicable state or local law." (Identity Theft and Assumption Deterrence Act, 18 USC 1028 (a)(7))

"Most ID theft may be committed the old-fashioned way, via paper, but electronic ID theft is the fastest growing form because of the growth in online banking [and[ is perhaps the toughest for a consumer to detect". (Michael Jackson, Associate Director of the FDIC's Division of Supervision and Consumer Protection).

In February 2005, U-M computers with Marketscore installed on them had to had their Internet access blocked, in order to protect institutional, personal and all information accessed on the web (financial, banking, e-mail, etc.) People may have installed the Marketscore software themselves, lured by its promise to speed Internet access. At the time it has not been proved yet that Marketscore does indeed speed up Internet access; what it does, being a combination of adware and spyware, is track ALL Internet activity collecting data entered, received, even secure (https) and encrypted data: passwords, credit card information, etc. Marketscore is legal, but seriously violates the user's online security. Read more about Marketscore at U-M at the Information Technology User Advocate website: http://www.umich.edu/~itua/virus/marketscore.html.

ID theft tips:

• review your consumer credit reports annually
• shred and destroy unwanted documents containing personal information
• deposit mail in US Postal Service collection boxes
• don't leave mail in your mailbox overnight or on weekends
• never give personal identifying information over the telephone or the Internet unless you initiated the contact

To report ID theft:

• if it involves the US Mail, contact your nearest US Postal Inspection Service office
• call the fraud units of the three major credit bureaus (Equifax, Experian and TransUnion) and request a "fraud alert' to be placed on your credit file
• order copies of your credit report from the credit bureau to check whether any fraudulent accounts were opened withjout your knowledge or consent

For more information on ID theft go to:

• http://identityweb.umich.edu
• UM Credit Union E-Mail Phishing Alert: UMCU_Alert.php
• Microsoft Security/At Home/E-Mail: http://microsoft.com/athome/security/email/phishing.mspx
• US Postal Inspection Service: http://www.usps.com/postalinspectors/idthft_ncpw.htm
• Identity Theft Resource Center: http://www.idtheftcenter.org/index.shtml
• Better Business Bureau Program BBBOnline: http://www.bbbonline.org/idtheft/index.asp
• FDIC Consumer News: http://www.fdic.gov/consumers/consumer/news/

back to the top

Office of Dental Informatics
University of Michigan School of Dentistry
Phone: (734) 615-7388
Desktop Support : (734) 763-3318 or
dds.helpdesk@umich.edu

Last modified: April 21 2008 10:09:27.
About this website
Contact the website manager