Search This Blog

Wednesday, June 4, 2008

Guidelines to Staff Members Regarding Internet Usage

Guidelines to staff members on Internet usage


Given below are a set of guidelines to increase security and reduce the chances of the Internet connection being misused:

  1. Each staff member wanting to access the Internet is being given an individual Cyberoam user id. (This user id is different from the Windows user id which you use to log in to the Windows system.) Each person is responsible for his user id.

  1. The staff members should not allow others to use personal id.

  1. Default passwords will be given to all users along with the new user id. All staff members should change the passwords immediately after logging in with the new user id for the first time.

  1. The password should have a minimum of 7 characters and should have a combination of lowercase letters, uppercase letters, number digits and/or special characters like $, # etc.

  1. It is better to avoid the use by students of the systems that are being used for accessing the Net.

  1. The systems that are being used to access Internet should be properly secured so that their chance of being misused is reduced.

  1. It is preferable to type the password for Cyberoam rather than using the option to save the password after logging in.

  1. It is requested that the students are not left unmonitored in places where the computers with connections to Internet are kept so as to prevent them from trying any unwanted things. All the above steps will make the systems more secure, but cannot completely prevent anybody from misusing it. It is possible for a knowledgeable user to circumvent all the restrictions.

  1. The usage of computers not configured for use of the Net also should be secured from misuse by unauthorized users who can change the settings/configuration and access the Net.

Tips for securing the systems being used to access Internet

  1. Only the person taking care of the system should know the administrator account password.

  1. The best operating system for system used for accessing the Internet is Linux as it is secure.

  1. In case you are using Windows XP, use a limited user account to browse the Net.

  1. Do not use Internet Explorer to browse the Internet as it has many security holes. Use

  1. Mozilla Firefox instead. It is fast and light weight.

  1. Disable booting from A: and CD-ROM in the BIOS. *

  1. Keep system boot-up password (in BIOS). This will prevent unauthorised access to the system. *

  1. Keep a complex password for the administrator account and also for other accounts through which users can access the Internet.

  1. Avoid saving important passwords in the Password Manager of Firefox. Also, keep a master password for the password manager.

  1. Some browsers like Firefox have a 'read ahead' feature, which reads all the pages being pointed to by various links in the page you are viewing so that the link that you click can be displayed immediately. But these links are recorded as being browsed by the user by the Cyberoam software. This same thing happening on a general web portal with links to all types of sites may create a wrong impression. Therefore, 'read ahead' feature in Firefox must be disabled in your PC. *

  1. Turn on SafeSearch to strict filtering in Google search preferences so that unwanted search results do not embarrass you.*

*See under Detailed instructions

Detailed instructions

Set Google’s safe search filtering: Google's SafeSearch screens for sites that contain unwanted and inappropriate matter from search results. While no filter is 100% accurate, Google's filter uses advanced proprietary technology that checks keywords and phrases and URLs. When SafeSearch is turned on, inappropriate sites are blocked from search results.

SafeSearch Filtering is the third option down in Google preferences.

You can set SafeSearch to one of three filtering levels.

  • Use strict filtering: This applies filters to both Image and Web search results. This is the safest setting for young children, and it may also be useful to avoid embarrassing results at work.

  • Use moderate filtering: This is Google's default setting. It filters Image results, but not Web search results.

  • Do not filter: This does exactly what it seems and does not filter your search results.

  1. Open the Google web page.

  2. Click on ‘Preferences’, located to the right of the ‘Search’ button.

  3. Scroll down to the SafeSearch Filtering

  4. Set Your SafeSearch Filter Level to ‘Use Strict Filtering’.

  5. Save your preferences by scrolling down to the bottom of the page and clicking on ‘Save Preferences’ button.

How to lock down the BIOS on your machine: The goal is to prevent users from booting from anything other than the hard drive. There are several tools that are bootable from CD-ROM and USB device that allow a user to change the administrator password or install files. And that's why you need to remove users' ability to use these tools. There are many different variables and the BIOS of the PC will be different based on the manufacturing company. The steps given below will give you an idea of what is to be done for your system.

  1. On boot, press [F2] or [Esc] or [Del] to access the BIOS setup.

  2. Under System, select Boot Sequence.

  3. Make sure the Internal HDD is the only device from which the system can boot. Disable the option of booting from any other device like the floppy, CD-ROM, USB. etc..

  4. Press [Esc], and select Save.

  5. Under Security, select Supervisor Password (or the admin password).

  6. Set a supervisor password. (This will prevent someone from changing boot options or changing the BIOS setup, but it won't interfere with normal operation.)

  7. Set a user password in the same way in case you want to make it more secure.

This way, any user should have has the BIOS supervisor password to boot from any other device.

(Caution: This safety feature can be overcome if the user has unsupervised access to the system.)

Changing Cyberoam password: Log in to access the Internet using the Cyberoam client program Right click on the Cyberoam icon on the right side on the task bar. A menu will be displayed.

  1. Click on ‘Show Client’.

  2. Click on “My Account’ on the left side. A web page will be displayed.

  3. Type your user name and the current password and click on ‘login’

  4. A page will be displayed with the usage records of the account.

  5. Click on ‘Personal’ near the top left of the page.

  6. Enter the current password once and the new password chosen by you twice in the text box meant for them.

  7. Click on ‘update’ to save the changes. Now the password will be changed. You can now close the page.

De-activating the pre-loading of web sites

You can disable this feature by following the procedure given below:

  1. Open Firefox.

  2. Type ‘about:config’ in the address line and press Enter.

  3. Look for ‘network.prefetch-next’ entry in the list. You can get it faster by typing ‘network.prefetch-next’ in the filter bar.

  4. Check the text in the fourth column (Value). By default, it should be ‘true’.

  5. In case it is true, change the value to ‘false’ by doing the following:

  1. Select network.prefetch-next and right click on it.

  2. You will get a context-sensitive menu. Click on ‘toggle’ to change the value to ‘false’

  3. Check whether the value is set to ‘false’.

In future, your system will download the websites only when you click on a link.

Posted by at
Labels:
Subscribe to: Post Comments (Atom)