Guard Your Laptop
Some of the terms used in discussing laptop security are defined below:
Anti-Virus Software
Programs to detect and remove computer viruses. The simplest anti-virus programs scan executable files and boot blocks for a list of known viruses. Others are constantly active, attempting to detect the actions of general classes of viruses. Anti-virus software should always include a regular update service that downloads the latest virus definitions and “inoculations.”
Confidential Information
In addition to those items listed in the Personal Information definition below, examples of confidential information include the following: financial records, student educational records, physical description, home address, home phone number, grades, ethnicity, gender, employment history, performance evaluations, disciplinary action plans, or NCAA standings. Confidential information must be interpreted in combination with all information contained on the computer to determine whether a violation has occurred.
Dynamic Host Configuration Protocol (DHCP)
A protocol for assigning dynamic IP addresses to devices on a network.
Firewall
A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks, especially intranets, connected to the Internet. When a firewall is “up” (i.e., active), it examines all messages passing through it (i.e., entering or leaving a private network), and blocks those that do not meet the specified security criteria.
Internet Message Access Protocol (IMAP)
A protocol for retrieving e-mail messages. IMAP4 is similar to POP3 but supports some additional features.
A cable secured to the laptop and to an immovable object, used to prevent theft of the laptop. These cables generally use combination locks.
Media Access Control (MAC) Address Control
A MAC address is a unique identification serial number (also known as the physical address, Ethernet address, adaptor address, or hardware address) on a computer’s network card that identifies this computer on a network. When MAC addresses are registered on the computer’s wireless card, that computer should only “talk” to those registered to it. Using MAC address control is not a guarantee of full security because MAC addresses can be copied (i.e., “spoofed”). However, it does make it more difficult for others to gain unauthorized access.
Router
A device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP’s network. Routers are located at gateways, the places where two or more networks connect.
Operating System (OS)
Software designed to control hardware of a specific data-processing system in order to allow users and applications to make use of it.
Personal Information as Defined by California SB 1386 and AB 1298
An individual’s first name or first initial and last name in combination with any one or more of the following data elements:
- Social Security number
- Driver’s license or California Identification Card number
- Account number, or credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
- Medical information (i.e., any information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional)
- Health insurance information (i.e., an individual’s health insurance policy number or subscriber identification number, any unique identifier used by a health insurer to identify the individual, or any information in an individual’s application and claims history, including any appeals records)
Proprietary Information
Information that an individual or entity possesses, owns, or holds exclusive rights to. Examples include: white papers; research papers; business continuity and other business operating plans; e-mail messages; vitae; letters; confidential business documents; participants of an organization, class, or group; detailed building drawings; network architecture diagrams; etc. Proprietary information, if lost or stolen, could compromise, disclose, or interrupt operations or embarrass the individual or the university.
Secure Shell (SSH)
A program used to log into another computer over a network. SSH provides strong authentication and secure communications over insecure channels.
Secure Sockets Layer (SSL)
A protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that’s transferred over the SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain sensitive information such as credit card numbers. By convention, URLs that require an SSL connection start with “https” instead of “http.”
Unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained on it.
Service Set Identifier (SSID)
The wireless network name. A 32-character unique identifier attached to the header of packets sent over a wireless LAN. SSIDs act as a password when a mobile device tries to connect to an 802.11b network. The SSID differentiates one wireless LAN from another. All access points and devices attempting to connect to a specific wireless LAN must use the same SSID. An SSID does not provide any security to the network.
Virtual Private Network (VPN)
VPNs use encryption to provide a secure connection through an otherwise insecure network, typically the internet. VPNs are cheaper than a real private network using private lines. The encryption may be performed by a firewall or a router.
Wired Equivalent Privacy (WEP)
A security protocol for wireless local area networks. WEP is designed to provide the same level of security as that of a wired LAN, providing security to protect transmitted data by encrypting it over radio waves. WEP has been proven insecure and can be cracked in minutes with tools from the internet.
Wireless Access Point (WAP)
Distinctively configured nodes on wireless local area networks (WLANs) that act as central transmitters and receivers of WLAN radio signals.
Wi-Fi Protected Access (WPA)
A Wi-Fi standard designed to improve upon the security features of WEP.
Wi-Fi Protected Access version 2 (WPA2)
A Wi-Fi standard designed to improve upon the security features of WPA with the use of the Advanced Encryption Standard (AES) for encryption.