Security Solutions and Tips
Vulnerability Assessments, Vigilance, and Diligence
OIT routinely runs assessments on the servers that support the services used by the administrative and academic units at American University. The assessment tools look for and report on vulnerabilities and weaknesses that could pose risk of exploitation by malicious attacks. In addition to the network assessments, we subscribe to ongoing application security assessments to monitor and report on weaknesses in our Web-based applications.
Computer Health Check
American University uses network access control (NAC) as an approach for enforcing a baseline minimum-security standard for all workstations connecting to the University network, both wired and wireless. The solution currently used is Impulse's SafeConnect.
Connecting Securely from your Remote Computer
OIT provides a web-based Virtual Private Network (VPN) service for protecting your connection from a remote system to university services.
Are you interested in performing your own health assessment? Microsoft offers a free PC Safety Scan for Windows-based computers.
Visit Apple's OS X website to review all of the built-in security features.
Secure Data Removal
OIT strongly recommends secure data removal, when you are donating your computer to an organization, transferring a computer from one employee to another, or when sensitive data has been handled to ensure the sensitive data has been virtually shredded (the trash or recycle bin does not completely remove the data). There are several for fee and for free tools to assist users with securely removing data from their computers. Our recommendations are available on the Protecting Sensitive Data page.
Creating Strong Passwords
Now days, we all have to juggle five, ten, maybe more passwords. Follow our recommendations on the Managing Your Passwords page to learn how to create a strong, memorable password in three simple steps.
SPAM , Virus, or Urban Legend?
Has someone forwarded you an e-mail that looks suspicious or warns you of a virus or spam that is making the rounds? Before you forward the e-mail to all of your friends, you may want to perform a quick check on Snopes, Urban Legend website. It is a fantastic resource that collects information about the plethora of hoaxes floating around the Internet. Just cut and paste the subject of the e-mail into the search engine. Of course, you can always contact the IT Help Desk at 202-885-2550, firstname.lastname@example.org, or AskAmericanUHelp to help you with your concerns.
Developing Secure Code for Web Applications
Consider joining the Open Web Application Security Project (OWASP). The project is a world-wide free and open community focused on improving the security of application software. Their mission is to make application security "visible", so that people and organizations can make informed decisions about application security risks.