Keck Graduate Institute of Applied Life Sciences
Keck Graduate Institute of Applied Life Sciences Search


Current Students
Academic CalendarOnline DocumentsLink to MBS CurriculumPhD ProgramsTeam Masters ProjectCareer ServicesInternshipsStudent LifeInformation TechnologyGeneral InformationSecurity and PasswordsEmailPrintersMobile ComputingMiscellaneous



www.kgi.edu

Information Technology

Security and Passwords

  1. What are Windows updates, Anti-virus and Anti-spyware used for?
  2. What is Phishing/Pharming and how do I prevent it?
  3. What are the password rules?
  4. How will I know when my password needs to be changed?
  5. How can I change my password using Windows? Faculty/Staff
  6. How can I change my password using Outlook Web Access (OWA)? Students
  7. What do I do if my password expires?

What are Windows updates, Anti-Virus and Anti-Spyware used for?
Windows Update is a Microsoft Web site that provides updates for Windows operating system software and Windows-based hardware. Updates address known issues and help protect against known security threats. When you visit the Web site, Windows Update scans your computer and tells you which updates apply to your software and hardware. You choose the updates that you want to install and how to install them. Microsoft releases many types of updates that address a broad range of issues. To make it easier for you to get the most important updates-updates that help protect your computer and your information-Windows Update uses these categories:

High priority
Critical updates, security updates, service packs, and update rollups that should be installed as soon as they become available and before you install any other updates.

Software (optional)
Non-critical fixes for Windows programs, such as Windows Media® Player and Windows Journal Viewer 1.5.

Hardware (optional)
Non-critical fixes for drivers and other hardware devices, such as video cards, sound cards, scanners, printers, and cameras.

Windows updates are located by going to Internet Explorer > Tools > Windows Update.

Anti-Virus software is a utility that searches a hard disk for viruses and removes any that are found. Most antivirus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as they are discovered. With new viruses discovered every day, the best way to protect your computer from viruses is to install anti-virus software and keep it up to date by checking for updates every week and when news of a major computer virus outbreak occurs. If you don't own a anti-virus package you can download AVG. We also recommend that you consider using a personal firewall software (ZoneAlarm or Tiny Personal Firewall - search for the product name).

Anti-Spyware software deletes and protects your computer from software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. We recommend that you use packages such as Spybot and SpywareBlaster on your pc. 

What is Phishing/Pharming and how do I prevent it?
Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. Pharming uses the same kind of spoofed sites, but uses malware/spyware to redirect users from real websites to the fraudulent sites (typically DNS hijacking). By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince recipients to respond to them.

Although we do filter out many of the phishing emails, the number of attempts has increased dramatically over the past month. The emails are also becoming more sophisticated at evading detection.

Just as in the physical world, con artists will continue to develop new and more sophisticated ways to trick you online. The following are just a few phrases to watch for if you think an e-mail message is a phishing scam. Don't forget to trust your instincts. If an e-mail message looks suspicious, that probably means that it is.

"Verify your account." Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail. Be suspicious of a message that asks for personal information even if the request looks legitimate.

"If you don't respond within 48 hours, your account will be closed." Phishing e-mail may be polite and accommodating in tone, but these messages often convey a sense of urgency so that you'll respond immediately without thinking. Phishing e-mail may threaten to close or suspend your account or may even say your response is required because your account may have been compromised.

"Dear Valued Customer." Phishing e-mail messages are usually sent out in bulk and do not contain your first or last name. Although, it is possible that con artists have this information. Most legitimate companies (but not all) should address you by first and last name.

"Click the link below to gain access to your account." HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.

Another common technique that con artists use is a Uniform Resource Locator (URL) that at first glance appears to be the name of a well-known company but is slightly altered by intentionally adding, omitting, or transposing letters. For example, the URL "www.microsoft.com" could appear instead as: www.micosoft.com; www.mircosoft.com; www.verify-microsoft.com

Microsoft won several lawsuits against individuals who have used these types of URLs to pose as legitimate Microsoft properties. However, the practice remains pervasive, so be aware of this technique.

Ebay's anit-phishing information web site is located at http://pages.ebay.com/help/confidence/spoof-email.html

The use of Anti-Spyware will help in the fight against Phishing\Pharming scams. For more anti-phishing information see Anti-Phishing Working Group.

What are the Password rules?
Choose a strong password. At least 6 characters with a mix of upper and lower case, numbers, letters and punctuation. Should not contain your username or any part of your full name. You must change your password every 6 months and you can't reuse your old password.

How will I know when my password needs to be changed?
Faculty/Staff: You will see a small window with a warning message "Your password will expire in the next 14 days. Do you want to change it now?" You can select to change it at this time or wait but you must change it within the 14 days of the warning message or you will be locked out of the KGI network. You will then need to contact IT to unlock you account.
Students: In Outlook Web Access you should see a banner warning you of your password expiration two weeks ahead of time. The banner appears in yellow just below the top row of icons. If you don't see it, you may want to upgrade to a newer browser version.

How can I change my password using Windows?
Faculty/Staff Using Windows: Press Control-Alt-Delete. At the Windows Security window left-click Change Password. At the Change Password window, enter your old password. You will then have to enter your new password twice for verification. Once you have finished successfully, Windows will say, "Your Windows Password has been successfully change." Log off of your machine, and log on again, to make sure your new password works.

How can I change my password using Outlook Web Access (OWA)?
Students Using OWA: Browse to the Outlook Web Access home page: http://mail.kgi.edu Enter your username and current password when prompted to connect to your personal e-mail account.
-From the shortcut bar on the left side of the window, click the Options icon.
-Click the Change Password button. Enter your domain (KGI), account (username), old password, new password, and confirm the new password. Click OK.
-Anyone using an email client will need to keep track of when the next change needs to be made (approximately every six months). Ret

What do I do if my password expires?
Send an e-mail request to helpdesk@kgi.edu.