Much of our personal information is stored in computers, in both our homes and our workplaces. In this episode, we learn what we can do to keep our computers and the information stored within them safe.
Guests
Mark Rotenberg
Mark Rotenberg
Mark Rotenberg currently is General Counsel of the University of Minnesota. Prior to becoming General Counsel in 1992, Mr. Rotenberg was a partner in the Minneapolis law firm of Dorsey and Whitney, served as an attorney in the Justice Departments office of Legal counsel in Washington DC and was law clerk to U.S. Appeals court judge Patricia M. Wald in Washington DC. Mr. Rotenberg received his undergraduate degree from Brandis University, and holds M.A., M.Phil and J.D degrees from Columbia University.
Ken Hanna
Ken Hanna
Ken Hanna is the Director of Security and Assurance for the University of Minnesota's Office of Information Technology. Ken is director of Security and Assurance not only for the Twin Cities campus, but for the Crookston, Morris and Duluth campuses and all their various computer systems as well.
On any given day there are tens of thousands of people inside and outside the University using computers, the campus networks, and the Internet to do their work. Ken's challenge is to assure that those people can do their work while still protecting the resources of the University.
Tracy Smith
Tracy Smith
Tracy Smith has served as Associate General Counsel since 1994. Tracy practices primarily in litigation and provides advice on data practices matters. Prior to coming to the Office of the General Counsel, she served as law clerk to Judge Max Rosenn, United States Court of Appeals for the Third Circuit. Tracy was also an Assistant Attorney General for the State of Minnesota. She is a cum laude graduate of Georgetown University and received her law degree magna cum laude from the University of Minnesota in 1988, where she was articles editor of the Minnesota Law Review and a member of the Order of the Coif.
For Your Files
University General Council, Mark Rotenburg, suggested ways to negate identity theft. The real answer to identity theft is preventive measures. Not putting out there too much information about yourself. Generaly, you are not responsible for damage that is done if someone steals your identity. The law blames or holds accountable the actor who engages in the misconduct.
To keep your computer secure, Ken Hanna suggested:
- back up your files
- install anti-virus programs
- turn off your computer when not in use
- use firewalls
"[A firewall] of shuts off some of the ports in the machine. There are about 65,000 entry points into the machine in the software and it shuts off some of those things that you don’t use. So what it does is just sort of screen off some of the material coming into your machine that is probably not good."
Ken also described some of the elements of a safe and secure password:
"Make sure that you use complex passwords. By that I mean, passwords that have numbers, they have letters and if the system allows, even special characters such as a question mark or any of the ones in the upper row of the keyboard."
And attorney Tracy Smith said that if you use your computer at work, remember this:
"Employers who provide the computer system to their employees for their use can access either the email or can intercept the email if they choose to do so. That’s an exception that is under the electronic communications privacy act. They can also, of course, access the information with the consent of the employees and if an employer has a policy that gives employees notice that they’re going to be monitoring their email, and the employees continue to use the email, the employees are deemed to have consented to that because they know about it. So, employers can, without violating statutory law, pretty much, monitor their employee’s electronic communications. "
We've got one more reminder which is particularly topical in light of the mid-August outbreak of the Blaster and Welchia worms, as well as the Sobig virus. As Ken said, have a good, up-to-date anti-virus program, and make sure to check for critical updates to your Windows or Macintosh operating system. Blaster and Welchia, which infected hundreds of thousands of computers worldwide and slowed networks to a crawl, both took advantage of security bugs in Windows. Microsoft actually released a patch for the bug that Blaster used weeks in advance of the worm's outbreak. Folks who, as Ken suggests, were checking for updates every few weeks should have had ample time to protect themselves from this time-draining worm. All the major anti-virus software companies had fixes shortly after the worms' releases. And running a firewall also provided some protection from both of these worms.
SoBig was slightly different--masquerading as a benign email attachment, this virus spread itself in a method similar to the Melissa and Lovebug viruses of a few years ago. The For-Your-Files message with this one is once again, be super cautious of attachments, and update your anti-virus program at least weekly, and right away if you hear of something going around in the news.
Firewall
Software that turns off ports on a computer and filters the information
going to and coming from the Internet.
HTTPS
On secure pages, you will see "https" at the beginning
of the Web site's address instead of "http."
Patches
Small programs that are downloaded to fix security bugs in your
computer's operating system.