IT Security: Suggestions & Solutions

by Chuck Braden

Howdy Extension colleagues. As the new Information Security Officer, I have the primary responsibility of ensuring that adequate security is implemented for Extension IT resources. However, I feel my responsibilities also extend to ensuring that the IT resources you use frequently are accessible and meet your needs without unnecessary inconvenience. Having served predominately in the Helpdesk/user services area of IT for most of my career, I place a large amount of importance on the operational aspects of IT services. For that reason, I feel finding solutions that meet your needs are more likely to be successful as opposed to a large number of rules and policies. The primary way I intend to accomplish this is to offer you suggestions and processes that will accomplish the security requirements but not place undue hardship on you. I will try to start with some of the more general solutions that are intended to help improve security. To many, these might be common knowledge. However considering how many organizations have had problems because they did not use some very common solutions (many of them documented here - http://www.privacyrights.org/ar/ChronDataBreaches.htm), we can not take much for granted. Some initial suggestions include:

Lock your Windows desktop when you are not at your computer. I suggest you have an automatic option set for your screen saver to lock the desktop at no more than 10 minutes of inactivity.

Change your windows password frequently. It should be updated at intervals of no more than 180 days. If you login to the Novell Netware server, you can set windows to use the same password for your windows logon ID. Just select the option to synchronize the password at the next successful logon.

Keep your laptop or portable computer system locked away and out of direct sight when you are not using it.If you are transporting the laptop, keep it locked in your trunk of your car. If you are traveling on business, keep it locked in a hotel safe if possible.

Use a shredder for any printed documents that contain personal information (you should also do this with your personal mail). Even content that has the full name and address of individuals can be used by resourceful individuals.

Don't open email attachments from a sender you do not know, or were not expecting even from senders you know. It is possible that the computer someone else uses has been infected with a virus and they did not ACTUALLY send the attachment. For that reason, you should have had some prior exchange (via phone or email) with the individual who is sending you an attachment. If you do know the individual, you should at least save the file and scan it with an anti-virus product before you view it.

Use something other than Internet Explorer for viewing web pages. Firefox (http://www.mozilla.com/en-US/firefox/) is a very common web client and it is much more resistant to some of the vulnerabilities of Internet Explorer. When you get a new computer, I suggest the very first action you take is to download and install Firefox. · Use caution on the web sites you visit. Some sites that are not associated with TAMU could infect your system with Adware or spyware. To ensure that no Adware/spyware is present on your computer, you might want to run a spyware detector. Ask one of the Regional Information Technologists for help doing this.

Make sure Windows automatic updates is enabled. This applies to Windows XP only - older versions of Windows require manual checking to see if any updates/patches have been made available.

Keep your anti-virus products updated and run a complete system scan weekly.

If you have any questions or suggestions, don't hesitate to contact me at 979-862-7254 or jcbraden@ag.tamu.edu. I am new to Extension and I certainly appreciate any help you can give me to better understand how you work.

Centra Central

Apr. 13 – Customer Service (Susanna Coppernoll)

Apr. 20 – Networking & Team Building (Susanna Coppernoll)

May 04 – Agency Identity (Elizabeth Gregory)

Enroll or browse upcoming events or learn more about Centra by clicking the Centra Symposium link from the EIT webpage or going directly to http://eit.tamu.edu/centra.html. Playback any of the 250+ recorded sessions from the Public Recordings link at http://centra.tamu.edu/main/tce. For more information, go to http://eit.tamu.edu/Centra/frionline0607.pdf.

Web Tips – Centra Blog

by Jennifer Jahedkar

Did you know that there is a blog dedicated to all things Centra? There is! With archives going back to January 2005, there’s not much that hasn’t been covered. The great thing is that there is more than just the expected “how to use Centra” entries. Information on current Centra issues, new versions of Centra, and tips to help organize your Centra events are all in there. Are you curious about how to use evaluations? There’s an entry about that. Interested in using Flash, video clips, or other multi-media in your event? There’s an entry about that too. Wondering why you’re having problems with Centra after you upgraded to Internet Explorer 7? You guessed – there’s an entry about that as well. And attention Mac users, now you can get in on the Centra fun! The entry on February 20, 2007 announces that the new version of Centra is compatible with Mac computers. Exciting! Go to http://eit.tamu.edu/Centra/Centramenu.html read up on these and other informative entries.

The great thing about a blog is that it’s very casual in its approach to topics. It’s written in “everyday” language – and is easy to understand. And – you can contribute! Let’s say you read an entry and you have a tip or suggestion that relates to it. All you have to do is comment on that entry and then it’s available to everyone else who reads the blog. What a great way to share tips that have helped you in your Centra experience. Which brings us to this month’s “contest”. Be one of the first 5 people to add a comment to any entry in the Centra blog and win a prize. Comments are time-stamped and that’s how we will determine our winners. Congratulations to last month’s winners in our “fun link” drawing! Monti Vandiver, Scotty Draper, and Sara Allen each received a 1GB flash drive.

So, check out the helpful information in the Centra blog, add your comment, and make this a win-win situation for everyone!

Have a web tip you’d like share? Send it to ajhughson@ag.tamu.edu! Please be aware that if a tip doesn’t make it in right away, we’ll save it for future use.

Helpful Links

Possible URLs to link from your Websites this Month:

FCS – FamilyEducation – http://www.familyeducation.com/home/
AG and Natural Resource – AgMania! - http://www.ca.uky.edu/agripedia/Agmania/
4H – Support for IL 4-H Project (good ideas for curriculum support) - http://www.4-h.uiuc.edu/projects/onlineref.html

Other useful links:

EIT Learning Resources: http://eit.tamu.edu/resources.html
EIT Tech Ops Blog: http://tceblogs.tamu.edu/wtexas/
Brazos Valley Adobe-Macromedia Users Group : http://bvamug.tamu.edu
Brazos Valley Web Guild: http://groups.yahoo.com/group/bvweb/

Tip of the Month: New Security Patch Side Effects & The Solution

by Greg Thomas

Patching and updating computer software is a fact of life. Without this, computers and entire networks are left vulnerable to mischief and ruin. If it were only one workstation at risk, those who neglect the process could be left to their own folly and embarrassment. The awful truth is, though, that one computer left unpatched exposes the entire network. That may mean all the computers in your office, or all of the courthouse, or even the entire county network. When viruses, spyware or attacks from within the network occur, tracking the problem back to it=s entry point C a negligent user and an unpatched computer C is among the first jobs that network managers pursue.

The good news, for Extension folks, is that most computers in our organization are configured to retrieve software patches automatically on a set schedule. Even anti-virus and anti-spyware software is managed to self-maintain with little intervention needed from the user. This approach to workstation management has substantially reduced the number of intrusion related problems that occur across the state. However, another fact of life says that “nothing is perfect.” One recent example of the flaw in automation occurred during the first week of April when Microsoft issued an emergency patch to all Windows operating systems. This patch was intended to correct a critical vulnerability related to animated cursors. Sometimes, when efforts are made to fix one problem, the solution brings with it unwanted side effects that cause other problems. Such was the case in this situation. It seems that in fixing the cursor problem, many computer sound and audio systems suddenly stopped working. This affected only computers using sound circuitry manufactured by RealTek. What this means, in practical terms, is that a majority of computers were affected and most of us will encounter the problem at some point in the near term. According to industry reports, Microsoft was aware of this issue prior to releasing the cursor patch and quickly issued a subsequent fix for the problem of corrupted sound systems. To identify this problem on your computer, watch for an error message that may closely resemble:

The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:\Windows\System32\Hhctrl.ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL."

If you discover that this situation applies to you, here are the steps you’ll need to follow to fix this:

A patch to fix this problem can be found at http://support.microsoft.com/kb/935448/
Download the file to your computer desktop
Install it by double-clicking on the file icon (the file can be saved onto CD or flash/thumb/pen drive to make it available to other users)

As always, contact any of the friendly folks at EIT for more information or assistance with obtaining and installing this solution.