Computer Security Best Practices

The following tips and guidelines can help protect you from computer viruses, hacking and identity theft. Computers maintained by department staff are set up for automatic updates and anti-virus software. You must still use secure passwords, take precautions regarding email (suspicious email, phishing scams) and web browsing (spyware).

If you set up your own computer, it is your responsibility to secure your computer before you connect to the network.

Windows users should be using a supported version of Windows 10 unless there is some requirement not to. You can check support for a specific version of Windows 10 here.

Choose a strong password

Login password is often the first line of defense against unauthorized access to your computer. Computers with no password, or an easy to guess password, can be quickly broken into. Choose a secure password for every account. 


  • Use at least 8 characters
  • Mix upper and lower case letters
  • Include some punctuation and numbers
  • Change passwords periodically (recommended every six months)


  • Use words that can be found in the dictionary of a common language
  • Use names, such as that of a family member or of a pet
  • Use a date of birth or an ID number of any kind
  • Share your password with anyone

Update your Operating System and Applications

No matter which operating system (OS) you use, you need to keep it and major applications updated. Modern OSes and many applications can check automatically and tell you when an update is available. You should take advantage of this feature when possible, especially for MS Office and your web browser. 

Mac OS X

In System Preferences, select the Software Updates panel. Set it to check Daily or Weekly. OS X will notify you when any updates are available. It won't install them automatically, though it can download them. You'll need to log in as the administrative user to install them. Some updates need to reboot your computer.

Microsoft Office

To use Microsoft Office you should install Office 365. This will make sure that security updates will automatically be applied to the system. Microsoft Office is free for UW students, facutly and staff for work as well as home use. More information can be found here.

Anti-virus software

UW has site licenses for Sophos Antivirus. You can download Sophos for free here. (When you are at the link to install the software, it make sure to pay attention to the Username and Password you will need when installing.)

Don't open suspicious email

A simple rule of thumb: if you don't know the person sending you an email message or if you don't recognize someone's email address, be very careful about opening that email.  Remember, thought, that a virus-infected machine can address email to you from someone you know. If you weren't expecting something, be careful as well. 

While most viruses require you to open an email attachment to be infected, there are some that can infect your system simply by viewing the email.  When in doubt, delete it.

Watch for phishing scams

Phishing is an Internet scam where fraudulent emails and websites are used to trick recipients into surrendering their personal or financial data for malicious purposes. Phishers often use well-trusted brand names of banks, online retailers, or credit card companies to fool recipients into believing that the email is genuine and from a legitimate source.

Never use links provided in an email message. Go to the web site directly by typing the address in your browser's Address/Location field and login from there.   If you are not sure, call the company in which the suspected email came from.

Please visit the What is Phishing for more information about phishing, sample phishing email and how to protect yourself.

Be aware of spyware

Spyware and other malicious programs potentially provide unintended users with your most private personal information. For example, accessing your bank account online banking with spyware on your computer could provide a malicious user with your all of your bank account information. Software solutions that can scan your computer for any spyware and remove the spyware for you are available. Visit the What is Spyware for more information about spyware and how to get anti-spyware tools.

Back up data

Be sure to back up your data frequently. It's not a matter of if something will happen, but of when something will happen. Hard drives break, buggy software causes data corruption, break-ins may wipe the disk or cause more subtle harm. Set things up so that you don't have to remember to backup--for about $200 you can get an external hard drive and software that will backup every day automatically. Periodically write your data files to DVD or other permanent media. Multiple copies kept in multiple locations is your best defense against having to do all of that work over again.