Security

Computing security at Thayer School is a huge topic, and we can't possibly cover everything here. If you have suggestions for additional topics, please let us know.

Antivirus & Anti-Spyware

The best way to combat malware and spyware is to avoid getting it in the first place. Be very careful about what you install on your computer - many "helpful" free software and utilities actually contain malware that will infect your computer. Often, malware will offer you free software it claims will rid your computer of spyware that ironically ends up being more malware. However, there are trusted antivirus and anti-spyware software options listed below:

Windows

All Windows computers attached to the Internet need up-to-date antivirus software.

All Staff, Faculty, and Lab computers managed by Thayer School are equipped with CrowdStrike Falcon enterprise antivirus. The solution is extremely lightweight and does not require interaction from the user for updates or virus scanning.

For staff and faculty that do work on a non-managed computer and are interested in the antivirus software, please email computing@thayer.dartmouth.edu

For students we are working on a solution to offer the software to you as well and will update this page with more information once available.

Stay up to date

Always make sure Windows is up to date. Type "Windows Update" into the Windows start menu to open the Update Control Panel and see if you need to run updates. Note: You need to be connected to the internet to update your machine,

Mac

If acceptable to your use case, always make sure you are running the latest version of MacOS

All Staff, Faculty, and Lab computers managed by Thayer School are equipped with CrowdStrike Falcon enterprise antivirus. The solution is extremely lightweight and does not require interaction from the user for updates or virus scanning.

For staff and faculty that do work on a non-managed computer and are interested in the antivirus software, please email computing@thayer.dartmouth.edu

For students we are working on a solution to offer the software to you as well and will update this page with more information once available.

What is CrowdStrike Falcon?

CrowdStrike is software that provides advanced antivirus and malware protection.  It protects users against cyberattack, monitors computers and systems for malicious behavior, and sends alerts to Dartmouth's security professionals to stop threats in real time.  CrowdStrike accelerates investigation and remediation and ensures stealthy attacks don't go undetected.

Who can use CrowdStrike?

  • At this stage of deployment, CrowdStrike is available to Dartmouth faculty, and staff.  CrowdStrike will be available to students in the near future.

How do I activate CrowdStrike on my Dartmouth-owned computer?

  • We will automatically activate CrowdStrike on Dartmouth-owned computers beginning on May 27, 2020.  This proactive hands-free activation is made possible through the Device Assurance Program (DAP).

How do I activate CrowdStrike on my non-Dartmouth owned work computer?

  • Instructions are coming soon for how to manually install CrowdStrike on your non-Dartmouth owned work computer.

Why is antivirus protection important?

  • Members of the Dartmouth community have access to valuable resources commonly targeted by attackers.  These resources include:
    • Professional contact information and communications
    • Intellectual property, proprietary data, and research data
    • Computing and data processing resources
  • Antivirus software protects users and the broader Dartmouth community from
    • Identity theft
    • Data theft
    • Fraud
    • Ransomware
    • Unwanted or malicious software
    • Malicious websites
    • Links in email
    • System and credential compromise
    • Interruption of business operations
  • Antivirus protection is required for all Dartmouth-owned devices and systems accessing Dartmouth data.
  • Antivirus protection is especially important when working remotely.

How will CrowdStrike be used?

  • We are committed to preserving the privacy of Dartmouth community members.
  • CrowdStrike will be used subject to Dartmouth's Information Technology Policy.
  • CrowdStrike will monitor Dartmouth computers and systems for unexpected or malicious behavior.
  • The software will automatically generate alerts.
  • Alerts will be monitored by Dartmouth's Security Personnel trained to respond to incidents.
  • Alerts and detections that require intervention will be communicated with end users.
  • Recurring malicious behavior will be automatically blocked for the greater Dartmouth community.
  • We will not use CrowdStrike to monitor the contents of your documents.
  • CrowdStrike will not automatically send your files to third parties.

Firewall

All Thayer School servers and lab computers are protected by firewall software. Your personal computer(s) should be too. For Windows computers, we recommend enabling the built-in Windows Firewall, or installing Symantec Endpoint Protection.

Passwords

Strong passwords matter. Using passwords with a combination of ten or more upper and lower cases characters, numbers and symbols are highly advisable. Protect your passwords and Please don't share them or write them down in easy to find places. See Managing Passwords and Password Rules and Recommendations for suggestions for strong passwords. Even stronger authentication is available for many Dartmouth systems if you use PKI certificates (Windows or Mac).

Phishing scams

Never send your user name and password in email! Hackers routinely send out scams claiming something bad will happen or you will miss an opportunity unless you send them your user name and password immediately. This sort of scam is called phishing, and the perpetrators definitely do not have your cyber-space well-being in mind.

Sophisticated scammers frequently send email that purports to be from your bank or credit card company, or other actual companies that you may do business with. These emails can look quite legitimate, using official logos and even providing phone numbers and contact information of the legitimate business. 

Good ways to identify a phishing attempt

  • Sender's email address: Do you recognize this address? Does the domain (the part after the @) look legitimate? i.e. @dartmouth.edu and not @ghkz.dartmouth.net or @dartmouth.com
  • Lots of grammatical mistakes and awkward sentences
  • Always check email subject
  • Requests personal details over links
  • No clear means of who to contact as an official message would have that
  • They are asking for your credentials via email (Dartmouth will never do this) 
  • Hover over to check links and attachments 
  • Urgency to take actions

Safelinks

Dartmouth now has Microsoft Safelinks turned on for all emails to your dartmouth.edu address. This means that Microsoft intercepts all links sent via email and replaces them with a "safelink" which will prevent you from visiting sites that Microsoft has marked as malicious. 

If you are blocked from going to a site that you know is safe, just wait ten minutes or so. It may be that Microsoft has not finished scanning the URL.  

Note: You can email: computing@thayer.dartmouth.edu  or visit M126 for questions or forward to phishing@dartmouth.edu if sure it’s phishing.

Locking your screen

Leaving your computer running and unlocked is a lot like leaving your car running and unlocked. Anyone who finds your computer in this state has access to whatever you have logged into. For example, they may read your email or send messages from your account, access your ThayerFS folders, or remote systems like research computers you have logged into etc.

Also, once you log into one system using WebAuth, your computer will automatically log in to other WebAuth-enabled applications. If you authenticated for the Thayer School directory, a hacker could then log into your Banner account, Canvas, Kronos etc..

Windows

To lock your screen on a Windows computer, simply press the Windows key (the one with the Windows logo picture on it) and the L key simultaneously. Your screen will lock immediately. You will have to type your password to unlock it.

In case you forget to lock your screen, we recommend setting your screen saver to require a password also. To configure this, go to  Start > Control Panel > Display > Screen Saver and make sure On resume, password protect is checked. You should also make sure the Wait: setting is relatively short (10 minutes or less). Too short will be annoying while you are paused in your work; too long will expose your computer that much longer if you forget to lock the screen.

Mac

New touchbar MacBooks have a screen lock shortcut key that you can add to the touchbar in System Preferences > Keyboard > Customize Control Strip ...

For older Macs, you can require a password to wake the computer from sleep or screen saver. Turn this setting on in  System Preferences > Security > Require password [immediately] after sleep or screen . You should then check the Screen Saver and Energy Saver settings to make sure the idle time until activation is set to a reasonably short period - 10 minutes or less. 

You can then force your computer to sleep with a keystroke -- either Control+Shift+Eject or Control+Shift+Power -- or by setting a Hot Corner in System Preferences > Desktop & Screen Saver > Screen Saver > Hot Corners ...

VPN

Dartmouth VPN provides a secure way to access Dartmouth's network from off campus.

Securing sensitive data

There are many types of data that may be sensitive (e.g. personal information, information protected by legal agreements, and information that would harm the institution if disclosed). See the Dartmouth Information Security Council's (DISC) guidelines on data security levels to understand what precautions you are responsible for taking. 

Serious security breaches happen all too frequently. For a list of breaches involving over 100 million records containing personal information, see https://www.privacyrights.org/data-breach. Please help us keep Thayer School and Dartmouth off this list and out of the news.

Encrypting data on local disk

Please see Creating a TrueCrypt Encrypted Disk Image for information on how to encrypt data on Windows or Linux. If you are a Macintosh user, see Create a disk image using Disk Utility on Mac.

If you need to provide sensitive information in electronic format to a 3rd party, the best method is to save the data as an encrypted PDF document.

Files on ThayerFS are safer

Your data will be significantly safer on ThayerFS or Kite Drive than on your local hard drive because

  • We have carefully secured the server and related systems. It is much harder to defeat ThayerFS security than the password protection on your laptop.
  • We make regular backups of ThayerFS. Google also maintains version history of every file on your Drive and the Drive itself. See ThayerFS Backups for backup retention policies and information about how to recover data from backups.

Backups

Backups are an excellent antidote for many security problems, but only if you have a recent backup. If your data is stored on ThayerFS, then it is backed up. See Thayer Backups for backup retention policies and information about how to recover data from backups.

If you data is not on ThayerFS (if it's on local disk, C:, D:, Desktop, My Documents, Documents, USB flash drive, external disk, etc.), it is only backed up if you or someone else in your group has done something explicit to back it up.

If you are wondering whether some particular data of yours needs to be backed up, consider what impact losing all of it tomorrow would have on your work. If the impact is more than an annoyance, then you need backups. You can lose data via hardware failure. Hard disks are just reliable enough to lull people into a false sense of security and then fail at some highly inconvenient time. You can also lose data from a security breach or even by inadvertently deleting it.

Thayer Computing Services strongly recommends that you store all your important work data on ThayerFS so we can automatically back it up for you. If this is impractical for some reason, please contact us so we can seek a reliable alternative.