The information in these pages is addressed to all computer users in the University of Cambridge. The security of all machines on the Cambridge University Data Network (CUDN) depends on every account and machine being secure and free of malware such as viruses, worms and spyware. A single insecure account or machine can cause a major security incident or cause a virus attack to be propagated. Conversely many computer security incidents are preventable by a combination of keeping machines up to date, having adequate anti-virus protection and having strong passwords on all accounts.
Any computer that is connected to the network should be considered vulnerable to attack. Every release of an operating system has a loophole waiting to be found and, once found, loopholes are usually advertised and automated attacks follow within days. If you have just bought a new computer, or installed an operating system 'out of the box', it is probably already out of date and, for it to be secure, you will need to update the system software by applying patches, hot fixes, upgrades or security fixes (the terminology differs, depending on the operating system run). You will also need to apply patches to the applications you run (e.g. word processors, web browsers, mail programs) and check that strongs passwords are set on all accounts.
Anti-virus protection is essential on all machines, whether at Cambridge or at home. Cambridge has a site licence that covers a wide range of Network Associates anti-virus products, at no cost to individual users.
The Cambridge Computer Emergency Response Team (CamCERT) co-ordinates the handling of security incidents within the University. Any suspected computer/information security incidents should be reported to them.