University Systems help centre
Secure your Mac desktop
Whole Disk Encryption
In order to help mitigate risks to information associated with physical loss or theft, your desktop hard drive can be encrypted to prevent unauthorized access to information. In the event that your desktop is stolen, Whole Disk Encryption will prevent an unauthorized third party from accessing the contents of your laptop. If someone tries to break into your system to retrieve files, they will not be able to access your computer without your passphrase.
Whole Disk Encryption is centrally supported by University Systems and provides benefits such as encrypting an entire hard disk (including operation system, applications, and data), central management, policy enforcement, encryption key management, and recovery.
Limit local data storage
Work computers are often used to store sensitive work documents. Whole Disk Encryption can help to mitigate the risk of unauthorized access to these files in the event the desktop is stolen. Reducing or eliminating the storage of documents on your desktop further reduces the chance that university data is exposed.
Ideally, no sensitive documents or data should be stored on your computer. Instead, you may be able to view this information as needed through the Internet (i.e. viewing your class list using FAST as opposed to saving your class list in a file on your desktop). If a document is stored on your computer, it should be deleted when it is no longer required or moved to a more secure storage medium like UVic network and/or TSM storage.
Physically secure your desktop
Never leave your desktop in an area that's not secure. Locking your office door when you are not present will also reduce the risk of computer theft.
Restrict user login access
Only authorized users should be able to login to your computer. Your desktop should require a username and password upon start up. Additionally, your computer should be set to lock automatically after a period of inactivity and require a password to log back in. Reduce the number of potential users on your computer by removing old accounts from former employees or past users.
If you use your NetLink ID and password to login to your computer, ensure that only authorized users in your department—and not everyone with a NetLink ID—can login. Contact the Computer Help Desk or your Desktop Support Services Analyst for assistance with your computer's login and account settings.
Secure your network traffic
Talk to your Desktop Support Services Analyst or the Computer Help Desk for your department's access control list (ACL). An ACL, with respect to a computer file system, is a list of permissions attached to a computer file system object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.
Secure access to network storage at UVic
UVic Individual Temp is a secure network storage space that is available to all UVic students, faculty, and staff. All of the workstations in UVic's computing facilities have UVic Individual Temp mounted, but you can also connect to it from your home computer. Instructions for connecting to UVic Individual Temp are available on our help centre. Please note that you will need to connect to the VPN client; Cisco VPN software is free to members of the university but must be authenticated with a valid NetLink ID and password.
Your department may also have a file share that is hosted by University Systems. For more information on this network storage location, contact your Desktop Support Services Analyst or the Computer Help Desk.
Install protective software
Symantec Endpoint Protection is recommended for all PC desktops. This software includes antivirus protection, real time threat protection, network threat protection, and a network firewall. This software should be installed and regularly updated to ensure that your desktop is less vulnerable to these threats. Symantec Endpoint Protection can be obtained from the Technology Solutions Centre.
Use firewall software
The application firewall in Mac OS can be enabled to enhance the network protection available on your Mac. Apple provides configuration instructions for Mac OS 10.5, 10.6, and 10.7.
Backup your data securely
The Tivoli Storage Manager (TSM) system is backup and recovery software designed to protect faculty and staff computers from data loss. Desktop users can utilize TSM to perform automated or manual backups to a secure server and then, if necessary, retrieve those files later.