some Security Awareness
Tips from Cert US:-
How can you minimize the access other people have to your information?
What other steps can you take?
Don’t tell ANYONE your password
One way someone could learn your password is to phone you claiming to be from another part of your organization, maybe your IT or Audit teams, and say they need your account details to let them investigate problem. This should never be necessary. Good systems are set up so that nobody but you will ever know your password and authorized IT workers have their own accounts giving them access to what they need.
A password should be used by only one person.
Passwords are like bubble gum; they are much better when used by only one person. If you share your computer with others, each person should have a unique account, username, and password. Don’t allow another user to know or use your password, and don’t ask another user if you can use theirs. When it’s your turn to use the computer, log the last user off, and log on using your own username and password. When you take a break, don’t leave your computer open. Log off or lock it. And remember: Passwords shorter then 8 characters are easy to crack; avoid common words and proper names; and use both uppercase and lowercase letters, numbers, and symbols.
Beware of USB flash drive’s autoplay feature
- If you find a USB token in the wild, don’t plug it into your USB port as it could autoinstall software if your system is set to autoplay CDROMs.
- Though many organizations’ standards call for disabling autoplay of CDROMs, you should check and set yours. To disable autoplay follow these instructions (for WinXP):
- Open My Computer
- Right click on your cdrom drive selecting “Properties”
- Select Autoplay page and set each menu option to “Select an Action to Perform” = “Take no action”
- Click Apply (you must apply each setting change one at a time!)
- Repeat for each item in the list (alternatively ensure that all are set to “Prompt me for action”)
Protect your home wireless networks
No matter how friendly you are, you wouldn’t let your neighbor read your bank statements and private letters. If you have a wireless network in your house and don’t protect it, you could be doing just that. As they come “out of the box”, most wireless networks let anyone in range connect to them and that could also let them see your PC and your email. It is worth taking a few extra minutes when setting them up to enable the encryption settings. Briefly, if you don’t understand the jargon, WPA is better than WEP.
Take time to explore security settings
Whether it is financial management software, instant messaging or a social networking website, take the time to see what security settings are offered to protect you and your information. Follow these steps for all of the software you use, not just email.
- Go to Options or Preferences
- Every program is different, so look for words like “Privacy”, “Safety” or “Security” and click on them.
- Select the most restrictive option (i.e. only let the people you approve view your information or contact you — or the one that best accommodates your business needs).
- Save the settings.
Check for encryption or secure sites when providing confidential information online
Credit card and online banking sites are convenient and easy ways to purchase and handle financial transactions. They are also the most frequently spoofed or “faked” sites for phishing scams. Information you provide to online banking and shopping sites should be encrypted and the site’s URL should begin with https. Some browsers have an icon representing a lock at the lower right of the browser window. For more information about phishing, please visit https://www.onguardonline.gov/phishing.html
Backup important files on a regular basis
Backup important files on a regular basis and store the backups in a safe place. (Preferably off site.) You can backup files to removable disk or save copies to network shares. Unfortunately, it’s not a matter of “if” you’ll lose files one way or another; it’s a matter of “when”.
Four Tips to Help Keep Your Computer Secure
- Anti-virus. A reliable, effective anti-virus program with the latest updates. Both licensed and free anti-virus software are available. Whichever you use, make sure it scans incoming and outgoing emails for malware.
- Anti-spyware. Reliable effective anti-spyware is a must for securing your computer. Both licensed and free anti-virus software, such as Windows Defender, are available.
- Two-way Personal Firewall. Two-way personal firewall software monitors network traffic to and from your computer and helps block malicious communications.
- Anti-Keylogger software. Anti-Keylogger software products, like AntiLogger and Keyscrambler Personal, help prevent what you type on your computer, especially sensitive information such as the usernames, passwords, and financial information you use in making online transactions, from being hijacked by Bad Guys.
Make sure your personal information is protected when you do business online
Always read the privacy statement before you fill in the blanks. You should also verify that the site is using encryption before you submit any information — look for https in the web address and for a padlock or key in the lower right corner of your browser. Don’t send your personal information (social security number, credit card number, etc.) in an email or through instant messaging.