ECE Lead

You are here:

Network security

Security Overview

Netsafe provides detailed information about on-line safety for ECE Services.

Being able to connect to the internet has changed the way we work and communicate. But communication means exchanging information and the fact that “we can see them” means that “others can see us”. We need to protect our computers in the same way we protect our homes, by preventing free access and by securing and insuring its contents. The “contents” of our computer systems are both valuable and very sensitive, being personal information about children, families, and educators, and business records.

Firewall/Router

No computer should be connected directly to the internet without a software Firewall in place.  Windows XP and Mac OS X have built-in Firewalls. Earlier operating systems will require a software firewall to be installed separately. Firewalls block communication from other, potentially dangerous, computers connected to the network and may protect against worms; they do not offer protection against viruses and spyware.

When connecting to the internet through a private network with a shared internet connection, a firewall, generally combined with a router, shall be installed on the shared internet connection. The Firewall/Router combination provides a powerful barrier to unwanted internet invaders and can help to prevent participation in attacks on others without your knowledge.

A router acts as an agent between the internet (public network) and a local (private) network by providing network address translation (NAT) which means that only a single, unique IP address (provided by the ISP) is required to represent an entire group of computers. NAT acts as a firewall by hiding internal IP addresses.

There is generally no need to use a firewall on connections to SOHO networks unless the firewall can be configured to open ports only for the SOHO network.  On SOHO internet connections, a firewall can be used only on the computer or the other device, such as a router, that provides the internet connection. That is to say, if connection to the internet is through a private network that uses connection sharing to provide internet access to multiple computers, a firewall should be installed or enabled on the shared internet connection.

Anti-virus Software

ECE Service Supervisors shall ensure every computer used by the Service runs and keeps up to date reputable antivirus software. Antivirus software is essential to protect computers from malicious software downloaded from the internet. Viruses install themselves on a computer without the user’s knowledge, are hard to detect, and attempt to replicate themselves to other computers across the internet. Viruses may cause the computer to crash, to corrupt files, or to expose private information to attackers.  Antivirus software must be updated often to detect and neutralise the new viruses that are released every day.

Antispyware Software

Spyware is malicious software that can reconfigure computer settings to secretly collect information about browsing habits and report back to marketing companies, insert extra advertisements in Web pages, steal passwords or perform other unwanted tasks undetected. Typically, spyware installs itself without permission, remains hidden and, even though it is a program, may not appear in the Add/Remove Programs list.

ECE Service Supervisors shall ensure every computer used by the Service uses antispyware software to prevent spyware from being installed, and to remove any existing spyware. Antispyware software searches computers for signs that spyware is installed and then gives the option of uninstalling it. Because new spyware is produced constantly, new spyware definitions are constantly being created and distributed to find and remove it. A number of free antispyware programmes are available for download.

Microsoft Windows Defender is available to Windows XP users for download at no cost. Windows Defender downloads new updates automatically to protect computers from newly-released spyware.

MacScan antispyware from SecureMac and other antispyware security programmes are available for download for Mac OS X systems.  There are licence fees for most downloads.

Passwords

ECE Service Supervisors shall ensure that passwords used to secure business data are strong passwords and that they are changed regularly and kept secret.

Strong passwords are:

  • at least eight characters long,
  • include both upper- and lower-case letters, and
  • include numerals (123…) and symbols (#$%…)

Operating System and Applications

Malicious software writers are constantly searching for vulnerabilities in operating systems and application software for ways to infiltrate and compromise computers. Software developers regularly develop and distribute software updates to counter such attacks.

ECE Service Supervisors shall ensure every computer used by the Service has the latest updates of the current software installed.  Most updating can be performed automatically using the internet.  Both Microsoft and Apple provide free automatic update services.

 

Last updated: 7 July 2009