What is Computer Security?

Computer Security is the protection of computing systems and the data that they store or access.

Why is Computer Security Important?

Computer Security allows the University to carry out its mission by:

  • Enabling people to carry out their jobs, education, and research
  • Supporting critical business process
  • Protecting personal and sensitive information

Why do I need to learn about Computer Security? Isn't this just an I.T. problem?

Good Security Standards follow the "90 / 10" Rule:

  • 10% of security safeguards are technical.
  • 90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices

Example: The lock on the door is the 10%. You remembering to lock the lock, checking to see if the door is closed, ensuring others do not prop the door open, keeping control of the keys, etc. is the 90%. You need both parts for effective security.

What Does This Mean for Me?

  • This means that everyone who uses a computer needs to understand how to keep their computer and data secure.
  • Information Technology Security is everyone's responsibility

Many cyber security threats are largely avoidable. Some key steps that everyone can take include:

  • Use good, cryptic passwords that can't be easily guessed - and keep your passwords secret
  • Make sure your operating system and applications are protected with all necessary security patches and updates
  • Make sure your computer is protected with up-to-date antivirus and anti-spyware software
  • Don't click on unknown or unsolicited links or attachments, and don't download unknown files or programs onto your computer
  • Remember that information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept
    • To help reduce the risk, look for https in the URL and the little padlock that appears in the URL bar or in a corner of the browser window before you enter any sensitive information or a password.
    • Also avoid standard, unencrypted e-mail and unencrypted Instant Messaging (IM) if you are concerned about privacy

 

Quiz: A hacked computer can be used to... (select all that apply)

  1. Send spam and phishing emails.
  2. Harvest and sell email addresses and passwords.
  3. Illegally distribute music, movies and software.
  4. Distribute child pornography.
  5. Infect other systems.
  6. Hide programs that launch attacks on other computers.
  7. Record keystrokes and steal passwords.
  8. Access restricted or personal information on your computer or other systems that you have access to.
  9. Generate large volumes of traffic, slowing down the entire system.

Of course, the answer is "All of the above." A compromised computer can be used for all kinds of surprising things.

Security Objectives

  • Learn "good computing security practices."
  • Incorporate these practices into your everyday routine. Encourage others to do so as well.
  • Report anything unusual - Notify the appropriate contacts if you become aware of a suspected security incident

What are the consequences for security violations?

  • Risk to security and integrity of personal or confidential information
    • e.g. identity theft, data corruption or destruction, unavailability of critical information in an emergency, etc.
  • Loss of valuable business information
  • Loss of employee and public trust, embarrassment, bad publicity, media coverage, news reports
  • Costly reporting requirements in the case of a compromise of certain types of personal, financial and health information
  • Internal disciplinary action(s) up to and including termination of employment, as well as possible penalties, prosecution and the potential for sanctions / lawsuits

Return to Security Awareness Training website

 

 

Looking for help?

We offer a number of tutorials and FAQs available in the Guides & FAQs section.
If you have any questions, problems, or comments, please contact the IT Help Desk via email at helpdesk@ucmerced.edu, via phone at 209.228.HELP (4357), or visit them in the Classroom and Office Building room 132A.