Software and Procedures Approved by Information Technology
Approved Operating Systems (Subject to Change)
- Windows 7, 8.1, and 10 are supported. Security patches must be kept up to date.
- Mac OS X version 10.9 and above.
- When Unix or Linux are required for a specific use case, it must be supported by a third party and security patches must be kept up to date. Red Hat Enterprise Linux is preferred.
Approved Personal Firewalls (Subject to Change)
- For Windows, be sure to turn on Windows Firewall. Recommendations of other firewalls are not yet available.
- Firewalls for other operating systems have not been evaluated.
Approved Anti-virus Software (Subject to Change)
- For Windows, Crowdstrike for Windows.
- For Macintosh, Crowdstrike for Macintosh.
- Anti-virus software other operating systems has not been evaluated.
Approved Anti-spyware Software (Subject to Change)
- For windows, Spy Sweeper from Webroot (preferred), Ad-Aware from Lavasoft (free), or Spybot Search and Destroy from Safer Networking (free).
- Anti-spyware software other operating systems has not been evaluated.
Approved Data Protection Tools (Subject to Change)
Normally deleting files just marks space that the files were using as available. It does not actually remove data. Someone else who is assigned the available space could easily retrieve the data. Even after disks have been overwritten with new data, it may still be possible to determine what was there before by physically inspecting the magnetic surface with special tools.
There are four ways to prevent the inadvertent transfer of data that should be kept private when a computer is transferred to someone else or discarded:
- Only save private data on protected disk drives.
Information Technology operates computers that provide disk drives for this purpose. This is the preferred method for dealing with reports generated by Banner.
- Encrypt all private data written to disks.
The free open source program VeraCrypt allows a section of a hard disk to be treated as special disk drive on which files are automatically encrypted before they are saved. A password of your choice is required to map the encrypted disk drive. Once the encrypted disk drive has been mapped, it behaves just like any other disk drive attached to your computer.
This method has the advantage of protecting private information while your computer is in use as well as after it is discarded. Information Technology recommends that VeraCrypt be used to protect data on laptops and computers in insecure areas. If you misplace your VeraCrypt password, the data is irretrievable. IT cannot recover the password or the encrypted data.
- "Scrub" disk areas that may have contained private data before transferring or discarding a computer.
The free open source program Eraser is recommended for erasing portions of a disk. It repeatedly overwrites deleted files and unused disk area with bit patterns selected to remove any residual data that could be picked up by physically inspecting the disk.
The free open source DBAN program can be used to overwrite all hard disks on a computer. This eliminates software as well as data. It should be used to completely clean hard disks before a computer is sold or discarded.
- Physically altering the media.
Physical destruction of the media is the only method other than encryption that is suitable for preventing access to private information stored on CDs and DVDs. It can also be used for hard disks and other magnetic media. Magnetic media can also be altered by re-aligning magnetic domains in the material with a process known as "degaussing."