
Security Best Practices


Passwords

Drexel University Password Policy

  • All system-level passwords (e.g., root, enable, NT admin, application administration accounts, etc.) must be changed every 30 days.
  • All user-level passwords (e.g., email, web, desktop computer, etc.) must be changed at least every 63 days.
  • User accounts that have system-level privileges granted through group memberships or programs such as "sudo" must have a password that is unique from all other accounts held by that user.
  • Passwords must not be inserted into email messages or other forms of electronic communication.

Guidelines for secure passwords.

Weak passwords have the following characteristics

  • The password contains fewer than six characters
  • The password is a word found in a dictionary (English or foreign)
  • The password is a common usage word such as: names of people, things, pets; computer terms and names; organization, place or event names; birthdays and personal information and word or number patterns.

Strong passwords have the following characteristics

  • Contain both upper and lower case characters (e.g., a-z, A-Z)
  • Have digits and punctuation characters as well as letters (e.g., 0-9, !@#$%^&*()_+|~-=\`{}[]:;'><?,./)
  • Are at least seven alphanumeric characters long.
  • Are not a word in any language, slang, dialect, jargon, etc.
  • Are not based on personal information, names of family, etc.
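The character rules and the dictionary rule interact: a password such as "Password1!" satisfies every character requirement but is still built on a dictionary word. The following checker is an added example, not Drexel's own tooling; it uses the seven-character minimum from the list above, and its tiny word list, look-alike substitution table and four-character pattern length are assumptions made for illustration.

```python
import string

# Constructed mini word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "dragon", "drexel", "monkey", "welcome"}
# Assumed look-alike substitutions, undone before the dictionary lookup.
LEET = str.maketrans("013457@$!", "oieastasi")
EDGE = string.digits + string.punctuation

def sequential_run(pw, run=4):
    """True if pw has `run` consecutive ascending, descending or repeated chars."""
    codes = [ord(c) for c in pw.lower()]
    for i in range(len(codes) - run + 1):
        steps = {codes[j + 1] - codes[j] for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}, {0}):
            return True
    return False

def dictionary_core(pw):
    """Return the dictionary word the password is built on, or None."""
    lowered = pw.lower()
    candidates = {
        lowered.strip(EDGE),                   # "Password1!" -> "password"
        lowered.translate(LEET),               # whole string de-substituted
        lowered.rstrip(EDGE).translate(LEET),  # "P@ssw0rd!9" -> "password"
    }
    for cand in candidates:
        if cand in SAMPLE_WORDS:
            return cand
    return None

def check_password(pw):
    """Return a list of guideline violations (empty list means it passes)."""
    problems = []
    if len(pw) < 7:
        problems.append("shorter than seven characters")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs both upper and lower case")
    if not any(c.isdigit() for c in pw):
        problems.append("needs a digit")
    if not any(c in string.punctuation for c in pw):
        problems.append("needs a punctuation character")
    word = dictionary_core(pw)
    if word:
        problems.append(f"based on dictionary word '{word}'")
    if sequential_run(pw):
        problems.append("contains a character or number pattern")
    return problems
```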



Accounts

You are the first line of defense against account compromise.

  • Practice strong password management.
  • Never share your password.
  • Log out of public workstations before departing.
  • Beware of "Phishing" scams. Drexel will never request your account information via email.
  • Change your password immediately and contact accounts@drexel.edu if you suspect your account has been compromised.



Operating System Updates

Protect your computer from remote compromise by regularly applying critical OS patches.

Microsoft Windows Update

Critical Updates: Manual Windows

  • Windows Update is included in the Windows Control panel.
  • Click Start and go to Control Panel, then click Windows Update; or click Start, click All Programs, and then choose Windows Update.
  • Click on Check for Updates. If a box comes up asking you to trust Microsoft, then click Yes.
  • Click on Review and install updates.
  • Click Install Now to install the selected updates.
  • Click Accept in any windows that come up.
  • When they are finished, click OK to restart the computer.
  • After the machine reboots, repeat steps 1 through 6 until there are no more critical updates left.

Critical Updates: Automatic Windows

  • Click on Start and go to Control Panel, then open Windows Update.
  • Click on the Change Settings link.
  • In the drop down box under Important updates, select Install updates automatically.
  • Select the installation frequency and time, such as Every day at 3:00 AM.
  • Place a check mark in Recommended Updates, Who can install updates, and Microsoft Updates for other Microsoft products.

Software Updates - Manual Mac OS X

  • Click the Apple menu, then Software Update...
  • Wait for the list of available updates to appear
  • Anything that says "Security Update" or "Mac OS X Update" should be selected; if it isn't, then click the checkbox to select it
  • Click the Install button near the bottom right corner
  • You'll be prompted to enter your password (this is the one you set when you first set up your Mac or installed OS X)
  • If prompted, restart your computer after the updates install

Software Updates - Automatic Mac OS X

  • Click the Apple menu, then System Preferences...
  • Under System, click Software Update
  • Click the checkbox in front of "Check for Updates" and select "Daily" from the drop-down list
  • Click the checkbox to "Download important updates in the background"
  • Click the System Preferences menu, then Quit



Antivirus

Drexel University provides Sophos Endpoint Protection at no charge to all University students, faculty and staff. Please visit the IRT Software Server to download a copy of Sophos at
https://software.drexel.edu/

Note to Professional Staff and Faculty: Most on-campus computers used by professional staff and some faculty computers will automatically install Sophos when they log into the Drexel domain. Please contact the IRT helpdesk at 215-895-2020 for information about this process.

Sophos Antivirus - Automatic Updates Windows

  • Locate the blue and white shield at the bottom right-hand side of your screen.
  • Double-click on the shield or right-click on the shield and go to Open Sophos Endpoint Security.
  • Click on Configure Updating in the Updating section.
  • Click on the Schedule tab and verify that Enable automatic Updates is checked.
  • Accept or change the interval (indicated in minutes)
  • Click OK.

Sophos Antivirus - Manual LiveUpdate Windows

  • Locate the blue and white shield at the bottom right-hand side of your screen.
  • Double-click on the shield or right-click on the shield and click Update Now.

Sophos Antivirus - Automatic Updates Mac OS X

  • Locate the blue and white shield in the menu bar at the top of the screen.
  • Click and choose Open Preferences from the drop-down menu.
  • Open the AutoUpdate section and accept or change the frequency.
  • Interval can be set by minutes, hourly or daily.
  • Click OK to close

Sophos Antivirus - LiveUpdate Mac OS X

  • Locate the blue and white shield in the menu bar at the top of the screen.
  • Click to open the drop-down menu
  • Choose Update Now



Firewall

Students, Faculty and Staff

DrexelNet users are strongly encouraged to enable their built-in operating system firewall. Firewalls help protect computers by restricting remote access to critical system services.

Windows 7

  • Open your Control Panel
  • Choose Windows Firewall
  • In the left panel click Turn Windows Firewall on or off
  • Select each of the green shields to turn on Windows Firewall in three settings
  • Click OK to save the settings.
  • Close the Control Panel window.

Mac OS X

  • Click Apple Menu and then System Preferences...
  • Under Internet & Network, click Sharing
  • Click Firewall
  • Click Start
  • Click the System Preferences menu and then Quit

IT Professionals

Windows Systems Administrators are expected to implement Internet Protocol Security (IPSEC) policy within their server environment. IPSEC should be deployed in addition to host-based firewalls for an added layer of protection. The IRTSG provides stock IPSEC policies for Windows File, Web, FTP, MSSQL and MYSQL servers. The stock policies restrict access to Drexel subnets and provide limited inbound and outbound access to the Internet.

IPSEC Policy Downloads

See an example of how to import an IPSEC policy (pdf) in Windows 2003 Server.

Need help? Contact security@drexel.edu for assistance with customizing and deploying IPSEC.
