[IS&T Security-FYI] SFYI Newsletter, October 24, 2011

Monique Yeaton myeaton at MIT.EDU
Mon Oct 24 13:57:39 EDT 2011 

In this issue:


1. STOP Tagging at MIT

2. Cyber Security Pledge Campaign

3. Which AV Product is Better?



-------------------------------

1. STOP Tagging at MIT

-------------------------------


STOP tags<http://www.stoptheft.com/site/index.php> are a theft deterrent device<http://ist.mit.edu/security/loss/deterrents> and can help to return stolen laptops or other mobile devices to their owner.


At MIT, STOP tagging and registration is offered by the MIT Police Crime Prevention Unit. The unit has been working in collaboration with IS&T to make members of the MIT community aware of this service and to provide times and locations.


The service requires a $10 fee, paid in cash, or using an MIT cost object code. Bring your laptop or item to be tagged.


As Sgt. Cheryl Vossmer of the MIT Police has told me, the device is not fail-safe, but can make an item less attractive for thieves and be an aid for returning stolen items. Last week a laptop with a STOP tag attached was stolen off campus and was later found in some bushes off campus. A good samaritan called the STOP phone number on the tag, and before the owner knew the laptop was stolen, he was informed that it was found.


If you or someone you know can benefit from this service, please pass on the following upcoming opportunities:


Wed. 10/26

12:00 - 2:00 pm @ Maseeh Hall


Wed. 11/9
11:30 am - 1:00 pm @ E17, IS&T


Wed. 12/14
11:30 am - 1:00 pm @ E17, IS&T


The full list of scheduled dates<http://kb.mit.edu/confluence/x/e4CSAw> is posted in Hermes.



---------------------------------------------

2. Cyber Security Pledge Campaign

---------------------------------------------


In keeping with tradition at both the federal and state level, Governor Patrick has again proclaimed October as Cyber Security Awareness Month.


All Massachusetts citizens are invited to declare their commitment to using good practices for staying safe on the Internet by taking the Cyber Security Pledge<http://msisac.cisecurity.org/cyber-pledge>.


The pledge campaign – hailed as a friendly competition between states – has been launched by the Multi State Information and Analysis Center (MS-ISAC) to raise awareness of cyber security best practices.


The pledge outlines key behaviors that computer users should take to protect themselves and their information, both at home and in the workplace. The pledge also encourages us to take action by spreading the message of good cyber security practices to friends, co-workers, neighbors, and communities. The pledge contest runs through October 31 and is one of the many activities underway in recognition of October as National Cyber Security Awareness Month<http://msisac.cisecurity.org/resources/toolkit/>.



---------------------------------------

3. Which AV Product is Better?

---------------------------------------


The question about which AV (anti-virus) software to use comes up all the time. To date, it has been tricky answering this question to anyone's satisfaction. The software provided by MIT, McAfee VirusScan (or McAfee Security for Macs), does a pretty good job of keeping the most dangerous of viruses off your system, but it falls short when it comes to spyware protection.


A recent survey and comparison report by PC Magazine<http://www.pcantivirusreviews.com/antivirus-comparison.html> doesn't even list McAfee in the top five AV products. At the top of the list are products by Vipre, BitDefender, Kaspersky, AVG and Avast. Their cost is on average $40.


However, for many of us, having a free product is appealing. McAfee is a free download<http://ist.mit.edu/services/software/available-software?field_soft_app_type_value_many_to_one=antivirus&field_platform_value_many_to_one=All&field_mit_status_value_many_to_one_1=All> for the MIT community and it's better than using nothing. Another option, if you run a Windows machine, is to use the free products by Microsoft: Microsoft Security Essentials, Windows Defender and Microsoft Safety Scanner. Will these do as good a job?


The answer, again, is tricky. In the end, experiences may vary and depend on many different factors: The operating system and whether it has the latest updates, the use of protective measures built into the browser one uses, whether ports are open or closed and can limit incoming traffic to the computer, whether spam is caught before reaching one's inbox, and how AV product settings are configured (which areas it will scan, how often, how often virus definitions are updated, etc).


User behavior can also be a factor. If you use the computer primarily for responsible work-related purposes, you are more likely to avoid dangerous viruses on the Internet, than if you use it for personal use or click on everything and anything.


My suggestion is to buy the best AV product you can afford or take a risk with a free one. But remember, as with anything in this world, you get what you pay for. And do your homework to find the one that best suits your situation.


For next time: An article comparing and contrasting McAfee VirusScan to the Microsoft products mentioned above and other commonly used AV products.



===================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

===================================================================================


Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20111024/781052fc/attachment.htm

More information about the ist-security-fyi mailing list