Home » Service Catalogue » Information Security » Awareness » Healthy and Environmentally Friendly PC

Healthy and Environmentally Friendly PC

  1. How to protect your PC against computer viruses or malware?
  2. Avoid storing sensitive and personal data in unprotected devices, especially portable devices
  3. How to protect you computer accounts and passwords?
  4. Be careful of using public PCs

1. How to protect your PC against computer viruses or malware?

You must protect your PC vigilantly against computer viruses and malware including Trojan horses and spyware because they affect not only the operation of your PC but also the performance of the entire campus network and the Internet.  It is your responsibility to do the followings.

  1. Keep your personal firewall turned ON to protect your PC from security threats.
    To turn on Windows Firewall in Windows 7, refer to www.its.hku.hk/documentation/guide/personal/pc/virus/general/firewall-win7
  2. Perform Windows Critical Update whenever new Critical Update is available (usually in the middle of a month)
  3. Install anti-virus software on your PC and update your PC with the virus definition file daily, preferably immediately after your PC is started up (to get the latest virus definition).
    • Students can download ONE copy of Sophos anti-virus (SAV) software from HKU Portal (My Page > Campus Information Services > Central IT Services > Download Sophos Anti-Virus) and install it on a PC for work related to University studies during their stay at the University.
    • Staff who has acquired the Sophos Anti-Virus License through their departments can download a copy of the software for installation.
  1. Install anti-malware software on your PC and update it with the anti-malware definition file regularly. e.g.
    • Microsoft Windows Defender - it is part of Windows Vista, Windows 7 and Windows 8.
    • Spybot - Search & Destroy - it removes many kinds of malware.  However, it requires manual update of malware definition. (It can be run even if Microsoft Windows Defender is installed.)
       
  2. If your PC is infected with a virus, the virus may disable your PC from accessing anti-virus web sites and so you cannot update your PC with the latest virus definition file. You must use another PC to download the special removal tools and the latest virus definition files.  (see FA Q)
     
  3. Do NOT install peer-to-peer (P2P) software because P2P software may auto-download and redistribute other software without authorization and would infringe others' copyright and make your PC susceptible to network attacks such as port scanning, virus, Trojan horse or spyware.
     
  4. Do NOT open suspicious mail or attachment from unknown/suspicious source.
     
  5. Do NOT visit suspicious web sites or click on unknown web links.
     
  6. Always remember to switch off your PC when not in use for a prolonged period (e.g. when leaving office or home) to reduce the chance of your PC being attacked and if infected, to attack other computers or the network.  This also saves energy and is environmentally friendly by extending the life of the PC.

2. Avoid storing sensitive and personal data in unprotected devices, especially portable devices

Sensitive and personal data must be stored with password protection and better with encryption on computer and storage devices.

Portable storage devices, e.g. USB flash drives, are easily lost.  It could lead to a breach of information security if any sensitive and personal data is stored on them.   Please refer to Guidelines on electronic communications and storing personal data on portable storage devices, personally-owned computers and public cloud services for more details.


3. How to protect your computer accounts and passwords?

Here are some tips to protect your computer accounts and passwords from unauthorized use:

  1. Use a PIN/password of 10-18 characters include combinations of letters (upper and lower case) and digits.
    For example, think of a sentence which can be easily remembered. Take the first character of each word and make it a password, e.g. Happy birthday to you 2 Winnie the Pooh and Tigger becomes the password Hbty2WtPaT.
     
  2. Default passwords and passwords generated by others should be changed promptly.
     
  3. Change password periodically to prevent password aging (password may be spied on infected computers).
     
  4. Log off system after use in public places. (e.g. office, school, library, or cafe.)
     
  5. Don't share account with others.
     
  6. Don't disclose your user ID or password to others.
     
  7. Don't give away your user ID or password when completing an on-line form.
     
  8. Don't store your password in the browser, or leave it written around, in particular near the computer.
     
  9. Don't reuse old passwords when change of password is required.
     
  10. Avoid using easily guessed passwords or PIN such as names of places, a word from a dictionary, nickname, date of birth, phone numbers, car plate numbers, any string of digits, a person's name, drama/film character, brand of products, simple patterns of letters on keyboard, e.g. 'qwert', or a string of all the same letter.
     
  11. Change your password regularly.

4. Be careful of using public PCs

Avoid using public computers, and if really necessary:

  1. Avoid accessing personal and sensitive information through the public computers as your passwords and personal information may be revealed.
     
  2. Do not use the "remember your password" feature associated with some web sites or browsers.
     
  3. Beware of somebody standing nearby watching or even webcam installed to steal your account and password data.
     
  4. Clear all history, cookies, and temporary files of the Internet browser.
     
  5. Log off or even better shutdown the public computer after use.
     
  6. After use, consider changing your password at a trusted computer, e.g. your own computer.