From http://www.computersecurityday.org/: „Computer Security Day was started in 1988 to help raise awareness of computer related security issues. Our goal is to remind people to protect their computers and information. This annual event is held around the world on November 30th although some organizations choose to have functions on the next business day if it falls on a weekend.“ (The Computer Security Day web site seems to lack updates as posters for 2009 are still announced on their home page, but Computer Security Day is nevertheless a good idea.)
There is a list of suggestions on what you could do on Computer Security Day (and on other days of the year, of course), taken from http://www.wikihow.com/Participate-in-Computer-Security-Day. I chose to take a look at step 5 „Check for software and program vulnerabilities“. The preceding steps are reading your workplace’s computer security policy (contains no surprises and a lot of common sense at our college), and more steps focus on workplace safety, physical security and cleaning. So, back to step 5.
- When did you last change your password? Do it today if you can’t remember. Read How to choose a computer password that is hard to guess for more help.
I changed my password on 2010-10-01. Getting curious, I checked the dates for my nearest colleagues with whom I share a corridor: 2010-06-28, 2010-06-06, 2009-02-04, 2008-04-15, 2007-06-11, 2007-05-18, 2007-04-30. - Do a virus sweep. Read How to remove a virus if you find one.
Antivirus software on my machine is automatically updated with current signature files and performs regularly scheduled checks. - Delete unneeded files. They use memory but also create clutter, making it both harder to find or spot problems, and providing more potential „gateways“ for viruses to enter through. A regular clean up is cathartic.
Good idea. I will postpone it to the week before Christmas or to the first week of the new year. - Get rid of your Adobe Flash cookies. Read How to delete Flash cookies for the instructions.
I deleted all 105 flash cookies. - Examine the audit files on your computers.
I examined the log files of the operating system for the last week. The antivirus software reported that it had quarantined a file because it heuristically decided that the file contained malicious code. I will have to look into that. The file belongs to an application that I had installed about a year ago from original installation media. Either the heuristics are wrong or a process managed to modify a file with an access control list that only allows members of the Administrators group to modify (and, hence, malicious code must have been running under an administrative account).
I was not aware that I had 165 application logs on my machine that were retrievable by Windows Event Viewer (Microsoft products alone account for 152 of the logs).
