The Internet exposes your computer to dangers from every corner of the globe. Learn what you can do to protect yourself and Stanford from these threats and to safeguard all of our information resources.
Latest Security Announcements
- New SUNet password strength rules are now in effect
- 1018 users still running Windows XP after its end-of-life date
See the General Security Announcements page for more details.
If you've just come from watching our security awareness video, you can find follow-up information on the welcome page.
Attackers scan computers accessible to the Internet approximately one million times/day in order to break into them. As an open research and education organization connected to the Internet, Stanford's network is accessible to almost anyone, including attackers.
If your computer is not properly secured or has weak passwords, attackers can:
- Delete, change, and/or steal your data
- Install spyware to monitor your keypresses, emails, IMs, or anything else (sometimes even microphone and camera)
- Use your computer as part of a 'botnet' to recruit other compromised computers and perform mischief like sending spam or attacking other computers (making you look like the attacker)
- Steal enough information to impersonate you for fun or profit (i.e., identity theft)
The front line defenses include:
- Strong passwords
- Proper security configuration(s) on your computer
- All security updates for your computer
The steps below will help you have a safe and happy computing experience at Stanford.
The Three A's of Computer Security
- Time-Sensitive Security Alerts
- General Security Announcements
- Communications from Senior University Management
- Computer Security FAQ
- Computer Security Myths
- Phishing: How hackers use social engineering to get your data
- About harassing emails
- Security training
- Advanced: Formal Stanford Policies
- Advanced: Other Security Policies
- Set a strong password
- Keep your computer up to date: BigFix
- Securing your desktop
- Securing your smart phone and tablet
- Essential Stanford Software (antivirus, patch management, and so on)
- Endpoint Compliance Requirements
- Third Party Security Requirements
- International Travel: ISO Recommendations
- Secure email
- Requirements for Email servers and clients at Stanford
- Qualys Network and Web Application Vulnerability Scanner
- Splunk Operational Intelligence
- Computer equipment transfer and disposal guidelines