Protecting your UQ computer

One of the easiest ways to compromise a computer’s security is through software vulnerabilities.

Make sure you restart your computer at least once per week so automatic software updates can be installed. If there’s a high security risk, you may be forced to restart your computer immediately.

Avoid running any out-of-date software on your UQ computer. Outdated software isn’t updated with the latest security features and puts your computer at risk.

All UQ computers have antivirus software. Don't turn this off as it protects your computer against malware and other cyber security threats.   

A common source of malware is files and software downloaded from the internet. Only download files from trusted websites. Torrents and file-sharing services aren't safe to use and are common sources of malware.

Downloading software, scripts or any form of executable file from an unknown source is extremely risky. You can get new software safely by self-installing or submitting an IT request.

You’re responsible for what you download, so be careful not to download pirated or unauthorised materials. This may introduce risk in the form of damaging licencing conditions, malware or harmful content that may damage your device, compromise your personal and UQ data or lead to potential security risks. Refer to UQ Policy and Procedures Library 6.20.03 Software Acquisition and Use for full details.

Be aware of advanced forms of social engineering that aim to trick users into installing malicious software such as:

• Search Engine Optimisation Poisoning (SEO) also known as search poisoning whereby malicious websites hijack the search engine of popular websites so they show up prominently in search results. Unsuspecting users click on the links to the malicious websites  which lead them to phishing sites, malware downloads and other cyber threats.

• Drive-by-downloads (imposter websites) are websites that appear legitimate but when visited the user unintentionally downloads malicious code which is used to steal and collect personal data, inject trojans or introduce malware to endpoints. Users may visit these sites by responding to a phishing email or by clicking on a deceptive pop-up window.

• Malvertising is malicious advertising that cybercriinals use to inject malware to a user's computer when they visit a malicious website or click on an online advertisement. Malvertising can appear anywhere, even on legitimate sites users frequent regularly. 

UQ offers many cloud-based applications for staff and HDR students that meet security requirements and are safe to use. Although many external applications are available, some come with security risks.

Before using an external application, submit an IT request to discuss your requirements.

Some roles allow you to have administrative access to your computer. You should only use this access for the specific tasks that require an administrator role.

Don’t log in as an administrator for ordinary computer use. If an application you’re running as an administrator is compromised, it can be used to gain control of your computer.