University Systems help centre

Return to top of page.
Return to primary navigation.
Skip to secondary navigation.

Secure your PC desktop

PC desktop

Considerations

Whole Disk Encryption

In order to help mitigate risks to information associated with physical loss or theft, your desktop hard drive can be encrypted to prevent unauthorized access to information. In the event that your desktop is stolen, Whole Disk Encryption will prevent an unauthorized third party from accessing the contents of your hard drive. If someone tries to break into your system to retrieve files, they will not be able to access your computer without your passphrase.

Whole Disk Encryption is centrally supported by University Systems and provides benefits such as encrypting an entire hard disk (including operation system, applications, and data), central management, policy enforcement, encryption key management, and recovery.

Additional information on Whole Disk Encryption is available on the University Systems service catalogue. This software can be obtained from the Technology Solutions Centre.

Limit local data storage

Work computers are often used to store sensitive work documents. Whole Disk Encryption can help to mitigate the risk of unauthorized access to these files in the event the desktop is stolen. Reducing or eliminating the storage of documents on your desktop further reduces the chance that university data is exposed.

Ideally, no sensitive documents or data should be stored on your computer. Instead, you may be able to view this needed information as needed (i.e. viewing your class list using FAST as opposed to saving your class list in a file on your desktop). If a document is stored on your computer, it should be deleted when it is no longer required or moved to a more secure storage medium like UVic network and/or TSM storage.

Physically secure your desktop

Never leave your desktop in an area that's not secure. Locking your office door when you are not present will also reduce the risk of computer theft.

Restrict user login access

Only authorized users should be able to login to your computer. Reduce the number of potential users on your computer by removing old accounts from former employees or past users. Ensure that your laptop is set to lock after 15 minutes of inactivity and prompt for a username and password to unlock. This will reduce the risk of an unauthorized user from easily accessing your laptop in the event that physical access is achieved.

If you use your NetLink ID and password to login to your computer, ensure that only authorized users in your department—and not everyone with a NetLink ID—can login.

Secure your network traffic

Talk to your Department Support Personnel or the Computer Help Desk for your department's access control list (ACL). An ACL, with respect to a computer file system, is a list of permissions attached to a computer file system object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.

Secure access to network storage at UVic

UVic Individual Temp is a secure network storage space that is available to all UVic students, faculty, and staff. All of the Windows workstations in UVic's computing facilities already have UVic Individual Temp mounted, but you can also connect to it from your personal laptop. For instructions on mapping UVic Individual Temp, visit our help centre. Please note that you will need to connect to the VPN client; connecting through the VPN client will ensure that the information being communicated is encrypted and secure.

Your department may also have a file share that is hosted by University Systems. For more information on this network storage location, contact your Desktop Support Services Analyst or the Computer Help Desk.

Install protective software

Symantec Endpoint Protection is recommended for all PC desktops. This software includes antivirus protection, real time threat protection, network threat protection, and a network firewall. This software should be installed and regularly updated to ensure that your desktop is less vulnerable to these threats. Symantec Endpoint Protection can be obtained from the Technology Solutions Centre.

Use firewall software

The recommended security suite for UVic desktops, Symantec Endpoint Protection, includes network threat protection and a local firewall.

Backup your data securely

The Tivoli Storage Manager (TSM) system is backup and recovery software designed to protect faculty and staff computers from data loss. Desktop users can utilize TSM to perform automated or manual backups to a secure server and then, if necessary, retrieve those files later.