Securing Non University Owned Windows Computers
Regular Microsoft security updates (known as 'patches') are essential in protecting a Windows system. To check this feature is enabled:
- Click 'Start', 'Control Panel'
- Double click the 'Windows Update' icon
- From the left hand side of the resulting dialog box click 'Change Settings'
- Ensure the 'Install updates automatically (recommended)' option is selected.
Select one of the following two options from the automatic updates dialog box..
- Select the ‘'Install updates automatically (recommended)'
option to have patches automatically downloaded and automatically installed, or, if automatic installation may prove inconvenient,
- Select 'Download updates, but let me choose whether to install them'
which will automatically download the patches, then prompt to install them manually.
Use a Firewall
A firewall is a product designed to act as a barrier between your computer and the internet in an attempt to protect your computer (and the data it contains) from unauthorised or unsolicited malicious attacks. Firewalls are available as either a software program that runs on your computer, or as an additional hardware device.
A software firewall product, such as the built in Windows Vista firewall or any number of dedicated software firewall products available, should be regarded as the absolute minimum protection for a Windows Vista system.
A separate, dedicated hardware firewall product is regarded as offering superior protection to the software equivalent. Information Services recommend the use of a hardware firewall product for all broadband home users. The exact type of hardware firewall product required will depend on your internet connection type (e.g. DSL or ADSL). Frequently, the hardware firewall will include multiple components - the firewall (to protect your system), a modem (which will replace the modem you currently use) and a router (allowing multiple systems to be connected to the single internet connection). Increasingly popular are wireless hardware firewall routers, allowing secure wireless connections from multiple computers to a single broadband connection. Your internet service provider or local computing retailer will be able to advise on the best hardware firewall for your system.
As an absolute minimum, ensure Windows Vista firewall is enabled...
- Click 'Start', 'Control Panel'
- Double click the 'Windows Firewall' option
- From the resulting dialog box, ensure the firewall is turned on
Cardiff University staff and students are now able to take advantage of our Sophos licence. Each member of staff or student will be issued with one licence.
A valid Cardiff University Username and password is required to download the software from off campus
To install Sophos on a stand alone workstation download the file from https://antivirus.cf.ac.uk/SophosHome.exe.
- Uninstall all old antivirus software. This is very important.You may need to download the removal tool from your old antivirus software vendor's website. (For example: If you had Kaspersky installed go to the Kaspersky website and download and run the Kaspersky removal tool. If you had Norton 360 visit the Norton website and download and run the Norton removal tool.
- Reboot your computer
- Double click SophosHome.exe to install Sophos. This process may ask for confirmation in windows vista or windows 7. The installer is silent so please leave the computer a few mins before looking for a grey or blue shield in the task bar. The grey shield tells you that it is installing and a blue shield tells you that the process is complete. Once you have the blue shield then you can reboot.
A version of Sophos with a long update cycle (6 hours) can be downloaded here . This version should only be used when the scanning of large drives is needed.
Important note: This software reports back to INSRV with statistical data. Information gathered does not report users or usernames, only computer name and local ip address. This data cannot be traced back to an individual user. This data helps us spot trends and helps with user education strategies
Securing the system
Regular Microsoft security updates (known as 'patches') are essential in protecting a Windows system. Windows 95/98/ME/NT/2000/XP systems are now un-supported by Microsoft and updated security patches are now unavailable.
All Windows 95/98/ME/NT/2000/XP systems are now extremely vulnerable to virus and/or hacker attack, cannot be adequately secured, and should be upgraded as a matter of some urgency.
Please note: Without Microsoft security patches, should a worm type virus arrive on campus, these systems may be left inoperable and un-repairable. To protect the campus network, Windows 95/98/ME/NT/2000/XP systems suspected of being infected with a virus will be disconnected from the network without warning.