General Security Best Practices




General Security Best Practices

1. One of the strongest physical security measures for a computer or server is a locked door.
2. Whenever you step away from your workstation, get into the habit of locking it. Usually this can be done by pressing the Windows key and the letter L at the same time, or by pressing Ctrl + Alt + Delete and selecting the lock option.
3. Set your computer to lock automatically when not in use. Require a password to unlock.
4. Always make sure your antivirus program is up-to-date and running. This program needs to be on at all times.
5. Do not install programs onto your computers without permission from your IT administrator. Installation of unauthorized programs may result in loss of data, financial loss, and disruption to the network.
6. Be suspicious of untrusted removable media (e.g., USB drives). Viruses may attempt to copy themselves onto the media, thereby affecting other devices to which you attach the drive.
7. Social engineers may call to ask for your or someone else's password or user credentials. They might impersonate someone high up in the company or threaten some form of negative action against you. Never share your network credentials with anyone.
8. Encryption for computer devices can be an effective method for protecting sensitive data. Ask your IT administrator how best to utilize encryption methods.
9. Always wipe or destroy old storage media that is no longer needed or prior to being recycled.
10. Report anything suspicious to your supervisor.

Password Security Best Practices

1. Never tell your password to anyone.
2. Do not post your passwords on your displays, leave them under your keyboard, or store them anywhere around your computer.
3. Don't store a digital list of passwords in an unencrypted file labeled "Passwords" on your computer.
4. Passwords should not contain birth dates, employee names or initials, the organization's name, or any part of the user ID.
5. Passwords should be at least 8 characters long and complex (a combination of capital and lowercase letters, and at least one number or symbol).
6. Passphrases are like passwords, but longer and much more difficult to crack. Passphrases involve the use of a memorable phrase, rather than simple words. For example, "ilikech0c0late!". Avoid common famous quotes or song lyrics.
7. Passwords cannot be reused and should be changed at least every 90 days.
8. A password should be changed immediately when first assigned by your IT administrator or if it's ever shared with anyone.
9. Emails that come from trusted sources will NEVER ask for your password.

Email Security Best Practices

1. Do not click on links within emails that you weren't expecting. These links may result in installation of malicious software.
2. Open only email attachments you are expecting and that are from a trusted sender.
3. Do not respond to spam or otherwise suspicious email. This merely confirms your address to cybercriminals, who will then target you for even more spam and viruses.
4. Use the Unsubscribe link at the bottom of legitimate email to remove yourself from a mailing list. Do not click the Unsubscribe link of a suspicious email. Doing so unintentionally confirms to cybercriminals that your account is active.
5. Immediately delete suspicious emails, or mark them as spam/junk, in order to keep the risk of computer infection to a minimum.
6. Reduce the amount of junk email you receive by being cautious and selective about where you share, post, or submit your email address.
7. Use a spam and malware filter for email.
8. Never send personal, confidential, classified, or otherwise sensitive information via unencrypted email.

Secure Web-Browsing Best Practices

1. Click with caution: The Internet is full of potentially harmful websites and programs. Avoid them by not clicking any link whose destination you don't know. Many websites can put you at risk by installing unwanted software without your permission.
2. Do not install toolbars or untrusted add-ons for your web browser. Oftentimes these collect data, log passwords, and gather other sensitive identification.
3. Do not click on links or popups telling you your computer is infected, or that you owe the government money. You may owe the government money, but they're not informing you via unsolicited web pop-ups.
4. Malware may come as part of a free deal offer. Do not accept free deals over the Internet.
5. When visiting a website, type the address directly into the browser rather than following a link.
6. When available, use HTTPS rather than HTTP in URLs (i.e., web addresses).
7. If you receive notification of an invalid SSL certificate while browsing a web page, whether via a red bar in the browser's address field or via a pop-up window, leave the page without submitting any personal information. Your privacy cannot be assured.
8. Keep your operating system, web browser, and other Internet applications (e.g., Java, Flash) patched and up-to-date.
9. Read website privacy policies.
10. Avoid transacting private business over public WiFi.
11. Only provide personal or sensitive information on sites that have HTTPS at the beginning of the web address.

Social Media Security Best Practices

1. Consider strongly how much personal information you provide on social networking sites. The more information you post, the easier it may be for a cybercriminal to use that information to steal your identity, access your data, or commit other crimes (e.g., stalking).
2. Protect your reputation on social networks. What you post online stays online.
3. Be selective about whom you accept as a friend. Once you have accepted someone as your friend, they will have access to any information (including photographs) you have marked as viewable by your friends.
4. Read website privacy policies and understand how your personal data may be used without requiring your explicit permission.
5. Learn about and use the privacy and security settings on your social networking sites. You control who sees what you post as well as manage your online experience.
6. Refrain from posting about your out-of-town vacation on social media websites until after your return. Doing otherwise essentially advertises that your home is unoccupied.
7. Social media website passwords should be at least 8 characters long and complex (a combination of capital and lowercase letters, and at least one number or symbol).
8. When available, use HTTPS rather than HTTP in URLs (i.e., web addresses) to access social media sites.
9. Click with caution: Social media sites are full of potentially harmful links. Avoid them by not clicking any link whose destination you don't know. Many links can put you at risk by installing unwanted software without your permission.
10. Be wary of URL shortening (e.g., http://bit.ly/wn4vdz). This is a recipe for criminals to hide their malicious sites using obfuscation.

Mobile Device Security Best Practices

1. Set your portable devices (e.g., tablets, phones) to lock automatically when not in use. Require a password to unlock them, using the strongest password supported.
2. Make sure all operating system and application updates and patches are installed.
3. Encryption is an effective method for protecting sensitive data. This feature will turn the data on your phone into garbled text until properly unlocked with a password.
4. Enable a remote wipe feature, if available. This allows you to clear your phone of sensitive data should it be lost or stolen.
5. Disable wireless access (e.g., Bluetooth, WiFi) when not actively in use to dissuade unauthorized wireless access to the device.
6. Disable the geotagging feature on your phone. Geotagging adds GPS coordinates to your photographs, which creates the potential for stalking.
7. Do not install apps from unofficial app stores. You should only download from trusted app stores, and then only the more popular apps. This minimizes the chance of inadvertently installing malware onto your devices.
8. Regularly back up your mobile devices using a trusted cloud-based backup application.
9. Be wary of conducting sensitive business over public WiFi.
10. Wipe or destroy storage media that is no longer needed or prior to being recycled.
11. Report lost or stolen mobile devices with company data to your supervisor immediately.
12. Jail-breaking or rooting a phone means significantly weakening the security of the device. Much of a phone's security is tied to code-signing and software sandboxing that is undermined by removing the digital-rights management.
13. Antivirus for phones and tablets remains a controversial topic. Based upon the current lack of known mobile device threats, AV is handled on a case-by-case risk-reward basis.
14. Log out of banking and shopping apps/sites when not in use. This will minimize the negative impact of a compromised device.
15. Avoid texting or emailing personal information (especially pictures). Once it leaves your device, you lose any control of its distribution.