How to Protect Yourself From Viruses

Windows and MacOS personal computers that connect to University networks must run automatically updating antivirus software, receive security updates promptly and have the firewall program enabled. (Any exceptions to this must be for unavoidable reasons and be well managed). Applicable basic security measures should also be used with other operating systems such as Linux.
virus.jpg

Computers may be affected by malware i.e. viruses, worms or spyware. This can be the result of an attack from another computer somewhere on the network or a user of the computer unknowingly running a piece of malicious software.

To help reduce the number of malware related incidents it is University Policy that basic defences, must be implemented on University centrally managed and departmentally managed computers:

Requests for technical support relating to antivirus software, security updates or firewalling of computers should be directed to departmental computer support staff or IT Service Deskithelp@le.ac.uk or ext. 2253, as appropriate.

Antivirus software

For University centrally managed PCs, IT Services provides Sophos Anti-Virus. This software is also available to all staff and students of the University of Leicester for use on PCs and Macintoshes both on-campus and at home.

University centrally managed PCs

A correctly configured University centrally managed PC will have automatically updating anti-virus software installed.

University staff and students are, advised to check from time to time that the antivirus software Sophos, is installed, running and updating correctly by 

  1. Ensuring that the Systray at the bottom right of the screen is expanded and look for the blue shield  sophos_shield
  2. If the shield has a cross on it then right click on the shield and select Update Now. If the cross does not go away after the update or if you do not have a blue shield in the Systray at all, then report this to the IT Service Desk

Protection on staff and student PCs details how IT Services protects University centrally managed PCs from viruses and other malware.

Departmental Managed PCs

It is the responsibility of the local administrator for departmentally managed PCs to ensure that antivirus software is installed and updating automatically when the computer is connected to the network. All computers must have a local administrator to be eligible to connect to the University network. IT Services provides antivirus software and instructions for its installation onto Windows and MacOS personal computers that are not centrally managed. 

In practice virus problems remain negligible for Linux systems. Linux user are however recommended to look at Guidelines for securing a Linux host.

Individually owned PCs

  • Protecting your own PC about how to protect your own PC at home from viruses. This solution can also be used to protect Windows PCs connected to the University network which are not in the University IT account domain.
  • Protecting your Macintosh about how to protect a Macintosh from viruses. This solution can be used for University or home Macintoshes.

Operating system and application updates

  • All computers should be maintained so as to be up to date with security patches for both the operating system and any software applications installed.

University centrally managed PCs

IT Services will update the operating system on University centrally managed PCs and will update central applications software

It is the responsibility of the local administrator to ensure that other departmental software is updated.

Departmental managed PCs

It is the responsibility of the local administrator of departmental PCs to ensure that they are regularly updated with operating system security updates.

Current Windows, MacOS and Linux operating systems are all straightforward to update:

  • Current Windows operating systems have an automatic update feature which should be enabled.
  • Mac OS X v10.5 and later allows you set Software Update to download important updates automatically. You will be notified when the updates are ready to be installed.
  • Linux distributions generally give a prompt when updates are available. The user then provides authorisation for the updates to download and install.

Firewall software

It is University policy that personal computers should have correctly configured firewall software installed. 

University centrally managed PCs

The Windows firewall configuration on University centrally managed PCs is controlled by IT Services. Any requests to have a modified firewall configuration on a University centrally managed PC should be requested by contacting IT Services

Departmental managed PCs

Windows and MacOS built-in firewall systems will automatically provide adequate firewall protection for typical personal computer usage.

However, anyone that is not familiar with configuring firewalls and who wishes to install software or enable functionality intended to allow remote computers to connect to their personal computer is strongly advised to:

  • Instead use central or departmental facilities that are managed by computing staff wherever possible.
  • Seek advice from your departmental computer staff or IT Services about how best to configure the firewall.

Firewalling options for Linux are available, however, less standardised and straightforward to use. 

Individually owned PCs

Users of privately owned computers at the University must ensure that they are configured, actively maintained and used in accordance with University policy.

Privately owned devices may only be connected to the wired network in special circumstances approved by the Head of Department.

Exceptions

Specialised systems based on common desktop operating systems are used at the University. With these it may not be permitted or possible for University staff to apply updates to the operating system, install antivirus software etc. Departments operating such systems should ensure that the configuration supplied is as "locked down" as possible (unfortunately some suppliers seem to overlook the possibility of their systems being used in a "hostile" network environment).  Wherever possible the contract for supply of such systems should incorporate agreement that the supplier will implement necessary security updates. Departments should also aim to restrict use of specialised systems to their primary purpose.

virus_alert.jpg

In exceptional cases it may be necessary to continue running an operating system for which the manufacturer no longer provides security updates. This is to be avoided wherever possible. Where it is absolutely necessary, steps should be taken to ensure that the device is configured as securely as possible and used only for its primary purpose.

Windows PC emulation

Widows PC emulators, even when running under other operating systems such as MacOS, have been infected with viruses. Where such emulated (or virtual) Windows PCs are connected to a University network they must be configured with updating antivirus software, receive operating system updates and have a software firewall enabled.

How to avoid problems

When correctly configured with the basic security measures described above, and actively maintained, personal computers are rarely compromised (i.e. infected with malware or hacked). These are some things that will greatly reduce the chance of problems:

  • Not routinely using the local administrator account, or a local or University IT account that is in a group that provides high privileges (e.g. under Window the local Administrators or Power Users group).
  • Not connecting USB memory sticks or drives that have not yet been scanned for virueses if the computer is logged into a privileged account. If infected they can automatically disable the antivirus software then install malware.
  • Not responding to scareware attacks, for example ones that pop up a message reporting that your computer is infected then take you to a rogue anti-spyware or anti-virus website.
  • Not installing dubious software that claims to give you faster Internet downloading. The chances are that it will not. However, all your internet activity may be rerouted through an organisation that spies on your activity with the intention of using the information for marketing or worse.
  • Not installing free screensaver software. You may be installing spyware, adware or worse.
  • Not agreeing to run scripts and programs downloaded from the Internet or sent in emails which are not well known and from a reputable supplier.
  • Not using cracked (illegal) software.

University Policy

This communication is based on the Information Security Policy document:
Network Management Policy (ISP-S12)

Share this page:

Request Information

To make a Data Subject Access Request, or a Freedom of Information Request, please contact IAS directly.

Data Protection Officer

The Data Protection Officer is:

Elisabeth Taoudi, Data Protection Officer and In-House Commercial Lawyer, University of Leicester, University Road, Leicester, LE1 7RH

0116 229 7640

et177@le.ac.uk