IM Security
Many of the same caveats that apply to email also apply to Instant Messaging, and many of the same precautions are necessary:
- Encryption: Spark IM's connection to the IM server is encrypted by default. All other clients must be configured to use an encrypted connection; it is impossible to connect without enabling encryption.
- Downloading files: As with email attachments, exercise caution when accepting file transfers from other users. Only accept files that you are expecting and verify the sender. Ensure that you are running up-to-date antivirus software.
- Clicking Links: Be cautious about clicking on links in instant messages as well, as some web sites contain malicious code that may compromise your computer.
- Personal Information: Although UCR's IM server is only available to campus users with a valid NetID and supports message and connection encryption, it is best to avoid giving out personal information over IM.
- Connecting from Off Campus: Although it is not mandatory, it is a good idea to use the UCR VPN client when connecting to IM or any other UCR service from off-campus, as your internet connection will be encrypted and your password protected.
- Using Public Computers: Unless it is certain that a public computer can be trusted not to be infected with viruses, spyware, or keyloggers, it is best never to use a public computer to access any UCR service, as your UCR NetID may be compromised.