Please review the guidelines below to ensure that your system is up-to-date and running securely.
Click here for Best Practices for Windows, Linux, and Solaris.
- Access to your account on any system by another party is prohibited
- Accounts are equivalent to signing your name on a tangible document
- Anything done with these accounts under your name is your responsibility and you may be liable for it
- Accounts set up for group use are prohibited
- All systems must run an antivirus and anti-spyware software package
- Make sure to budget to renew your antivirus definitions service on a yearly basis. Many programs come with one free year of upgrades, but you need to budget (usually < $15) to keep your antivirus upgrade access current
- Definition files should be checked on a daily basis
- Inform systems administrators as soon as malware has been detected
- Review security event logs on a regular basis
- It is useless to generate event logs if one is not going to monitor them
- Perform full backups weekly
- Store full backups off site in a secure location at least once per month
- Periodically test the backups for integrity
Business Resumption Plan
- Each college, school, or department should have a business resumption (continuity) plan (COOP)
- In case of a disaster, such as a hurricane, you need to have critical systems back online as quickly as possible
- Keep a good inventory
- Administrators must take precautions when logging into workstations that have drive mappings to their servers. Many viruses will propagate using the mapped drive. If an administrator has full access to servers and logs in to a workstation that has a drive mapped to a server, and the workstation happens to be infected with a worm, it may infect the server as well.
- Administrators should use an account with limited permissions to servers when troubleshooting a workstation, or have the regular user log in to the workstation
- All systems must have firewall software installed and enabled
- Built-in firewall on Windows XP or Vista is sufficient
- Use IPfilters on UNIX systems
FTP, SSH, and Web Servers
- Disable anonymous FTP
- Disable version banners
- Set filters/wrappers based on IP addresses to deny access to unwanted hosts
- Run these services/applications with user permissions other than administrator or root
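The four checks above, written as a small configuration audit. This is an added example, not part of the original guidelines; it assumes vsftpd, Apache httpd and TCP wrappers (`hosts.deny`) as the software in use, and the sample configs are constructed.

```python
import re

def directives(text):
    """Parse vsftpd 'key=value' or Apache 'Key value' lines (keys lowercased)."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        found[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return found

def audit_vsftpd(text):
    cfg, issues = directives(text), []
    # vsftpd allows anonymous logins unless this is explicitly set to NO.
    if cfg.get("anonymous_enable", "YES").upper() != "NO":
        issues.append("anonymous FTP is enabled")
    # Without ftpd_banner the default greeting names the software and version.
    if not cfg.get("ftpd_banner"):
        issues.append("default version banner in use")
    return issues

def audit_apache(text):
    cfg, issues = directives(text), []
    if cfg.get("servertokens", "Full").lower() not in ("prod", "productonly"):
        issues.append("ServerTokens exposes version details")
    if cfg.get("serversignature", "Off").lower() != "off":
        issues.append("ServerSignature adds a version footer")
    if cfg.get("user", "").lower() in ("root", "#0"):
        issues.append("worker processes run as root")
    return issues

def audit_hosts_deny(text):
    """TCP wrappers: expect default deny so only hosts.allow entries get in."""
    rules = [re.sub(r"\s+", "", l).upper() for l in text.splitlines()
             if l.strip() and not l.lstrip().startswith("#")]
    return [] if "ALL:ALL" in rules else ["no default-deny rule (ALL: ALL)"]

# Constructed sample configs, not taken from any real host.
WEAK_VSFTPD = "listen=YES\nanonymous_enable=YES\n"
HARDENED_VSFTPD = "listen=YES\nanonymous_enable=NO\nftpd_banner=FTP service\n"
WEAK_APACHE = "ServerTokens Full\nServerSignature On\nUser root\n"
HARDENED_APACHE = "ServerTokens Prod\nServerSignature Off\nUser www-data\n"

if __name__ == "__main__":
    for name, result in [("vsftpd", audit_vsftpd(WEAK_VSFTPD)),
                         ("apache", audit_apache(WEAK_APACHE))]:
        print(name, result)
```

Each function returns a list of findings; an empty list means the file passed the checks for that service.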
Install Latest Patches
- Install all vendor-recommended service and security patches
- To accomplish this in an automated way for common operating systems, please check the Security Tools page
- Obtain current patches for your operating system from these websites:
- Modems on systems that are also attached to the UCF network are strictly prohibited
- Unmanaged or poorly managed desktop/server modems pose a risk to UCF
- Use strong passwords containing at least 6 to 8 random characters composed of letters, numbers, and symbols.
- Strong passwords must be used on system accounts and, if necessary, additional passwords for applications containing sensitive or potentially sensitive data
- Never share passwords with anyone
- Change passwords at least every 60 days
SSH (Secure Shell)
- Use SSH instead of Telnet or rlogin
- Disable Telnet where possible
- A good program to use is PuTTY. Download it here.
To effectively investigate compromises or security incidents, it is necessary to have clocks synchronized to a common system (NTP – Network Time Protocol).