ITSS Home Information for Students

Senior Pledge

If you are graduating this May, the "real world" is rapidly approaching. Many of you will have new jobs and new homes in new cities. The last thing you need is an infected computer (especially if it was a graduation gift). To alleviate your new "real world" stress, take the following pledge to ensure that your computer is safe from threats.

Before I Graduate, I Pledge to:
(And after I graduate I will continue to)

1. Install good-quality anti-virus software, anti-spyware, and a software firewall:
   
   • Windows XP Security
   • ClamXAV - Free Virus Checker for Mac OSX
2. Patch and update my security software, operating system, and software applications regularly and promptly:
   
   • Microsoft Update
   • Updating Mac OSX
3. Learn how to recognize suspicious web addresses:
   
   • Anti-Phishing Phil
4. Beware of lesser-known security issues, such as cell phone Bluesnarfing:
   
   • Bluesnarfing Video
5. Be careful when using any wireless network-at home or on the Road:
   
   • Video

I Pledge to NEVER:

1. Open email attachments unless I know who sent the message and what is in the attachment:
   
   • Microsoft on email viruses
   • Apple on email viruses
2. Click on links embedded in emails unless I know who sent the message, what the link is for, AND where it will take me:
   
   • GetSafeOnline.org
3. Fall for official-looking emails that ask for personal or financial information:
   
   • Microsoft on Phishing
4. Fall for free offers of copyrighted materials which may be tainted with malware and may be illegal to use:
   
   • DocBug Blog on Copyright
   • Copyright.gov on Peer-to-Peer Filesharing
5. Participate in online social networking without knowing the risks:
   
   • NetSmartz Workshop

Making these practices a daily habit will pay off when someone you know contracts a virus on their computer or falls victim to a scam you were able to avoid.

Facebook: A Privacy Disaster Waiting to Happen?

How much information do we want others to know about us? Our first instinct might be to say, "Absolutely nothing," especially if these others are total strangers. These days, however, many people are exposing their information willingly via online photo galleries, Facebook, MySpace, LinkedIn, inCircle for UM alums, etc. As privacy and security drift further and further away from simply a lock and key, new ethical, cultural and legal issues arise. These issues were at the crux of last month's Ethics in Public Life event, "You've Been Poked: Privacy and Boundaries Online."

As the title suggests, the event focused primarily on the implications of Facebook. One of which was made particularly vivid: nothing says "generation gap" like Facebook. The panelists, comprised of university staff and professors, sat opposite the divide than myself—a Facebook aficionado since 2004, its global-campus pioneering year, conveniently right before my freshman year. Nonetheless, the panelists gave intriguing insight into this cultural divide.

Professors are flustered at the idea of students or teachers posting intimate details of their lives on the web. Yet, most students, raised on social networking sites, aren't quite sure what the fuss is all about. University authorities are worried about the impact sites like Facebook will have on student's careers and the reputation of the university. Students, on the other hand, use these sites openly to chronicle their lives and socialize with friends, slowly learning that their information and pictures are circulating far beyond where they intended.

A USA Today article cautioned readers in March of 2006 that, "College, high school and even middle school students across the USA have been suspended or expelled, thrown off athletic teams, passed over for jobs and even arrested based on their online postings."

Panelist Kerin Borland, Career Center Senior Associate Director and member of the Committee on Facebook, highlighted the role online social networking has with employers. According to Borland, forty percent of employers check out potential candidates on Facebook.

"Facebook should be more than a scrapbook," says Borland. "It is an identity that needs to be managed." But it is important to ask yourself if your virtual identity is a true representation of yourself. The answers probably vary to both extremes. But if your answer is "No," what makes others know that it is not your true identity? For students seeking internships or full-time jobs upon graduation, this is especially relevant. So should you revamp your profile and change your membership from "Future Bosses of MSU Students" to "Future Leaders of America?" Not a bad idea, but also consider changing your privacy settings. Borland said most companies and universities cannot or will not go to the trouble of looking at your Facebook profile if your privacy settings are restricted. Students and the general public are becoming more aware of these settings and limiting who can view their profile and how much of it certain people can view or who can find them in a search. Since the new advertising program was announced in December, the number of Facebookers visiting the site's privacy settings page has risen by 100,000 users a week, according to Web traffic analysis firm Compete. By comparison, weekly visitors to the privacy settings page jumped by 600,000 users per week immediately following Facebook's October announcement that user profiles would be open to public search engines.

"It used to be that only my Facebook friends or people from my university could view my information," says junior LSA student Molly Morgan. "Since the application has opened its doors to everyone, the thought of having your information available for anyone in the world to see is terrifying. For this reason I have restricted my profile so that only my friends can view it."

While students don’t want authorities online, many authorities and companies want to join in. While joining any social networking site poses a risk to your private information, the risks can be diminished by privatizing your profile and who has access to it.

And, of course, "Don't post information online that you wouldn't want a future employer or your mother to see," said Ethics in Public Life panelist and adjunct professor of law, education, information, and public policy Jack Bernard, reminding us to use caution in what we reveal to an online community.

Not only is it important to be mindful of your future in regard to Facebook, but is important to consider your personal safety and twice before revealing sensitive information like current partners and political views, or addresses and contact information. Panelist Judy Van Horn, Associate Athletic Director, expressed her concern about students being stalked via Facebook. With home addresses, phone numbers, email, screen name, and class schedule all possibly accessed by others if not privatized, it isn’t hard for whereabouts and contact information to get into the hands of the wrong person. Furthermore, fake profiles or spoofs can jeopardize an individual’s reputation (i.e. profiles claiming to be Coach Carr or Mike Hart) and their affiliated institutions.

Facebook and other social networking applications have without a doubt made a large impact on student life. Websites such as Facebook and LinkedIn allow people to keep in touch with acquaintances they otherwise would probably have never spoken to. However, the use of these websites creates problems with regard to privacy, and those of my generation are not overwhelmingly concerned with privacy issues. Yeah, Facebook has a privacy policy, but so what? They didn’t notify you when the “News Feed” application went into effect or when you profile suddenly became a listing viewable through any search engine. The take-home message here is that we should be conscious of what we expose online and who we expose it to, and taking advantage of privacy settings is an easy way to protect your information and yourself.

-Emma Frane efrane@umich.edu

ITSS Survey Results: Students Can Easily Boost Their Security Awareness

A recent student survey shows that while most students are aware of security threats, they are not necessarily able to prevent them. Seventy-six percent of the 156 students surveyed at this year's Winterfest do not know how to use the encryption software built in their computers. However, this effective way of privatizing personal information can be as easy as creating a folder. ITSS has created easy to use documentation to show users how to use the built-in encryption software, and other security features.

Regardless of what operating system is used (Macintosh, Windows or Linux), security experts agree on the essential ways to improve network and computer security: keep software up-to-date, use a host-based firewall, install anti-virus software, and use encryption software and keys. Many students may use one of the above methods, but it is important to make use of all of these protective techniques in a multi-layered approach.

The survey results show that students are not taking advantage of university computing resources that can help with their approach to protecting their computers: 30-42% of students are aware of the ResComp site and ITCS, and only 2-12% are aware of Identity Web, Virus Busters, Safecomputing, and BAYU.

"The best, and certainly easiest, way to boost your security awareness is to take advantage of available resources. The Information Technology Security Services' "Safe Computing" website is packed with security tools and tips ranging from how to browse the internet more securely to security considerations of network address translation," says Maria Sheler-Edwards, ITSS Communications Specialist. "The ITSS site exists in part to develop a university-wide security strategy. A major part of that is providing security techniques and preventative strategies for students."

For detailed information on encrypting your documents, thumb drives, or other security topics, see the Security Shorts documentation.