If you are suspicious about a call, ask for more information and report the incident to it security.

Anyone can call and ask for information. If you believe that someone is attempting to get sensitive information from you or to get you to complete a task that could lead to a security breach, ask them for their name, number, and what they want. Report the incident to IT security before fulfilling any of their requests. The IT department will let you know if the request was legitimate.

Identity theft can lead to a damaged credit score. Place stolen credit cards on fraud alert with all three Reporting Agencies.

After reporting a stolen credit card to your credit card agency, you should also contact the three national credit reporting agencies to place a fraud alert on your account. Experian, TransUnion and Equifax can freeze your account to ensure that there are no new changes to your credit, such as new accounts being opened in your name.

Network sharing can be dangerous. Turn off sharing when using your laptop in a public place.

The sharing feature that lets you share music, videos, documents, and printers with other computers in your home can represent a security risk if you use it in a public place. Others could use this feature to view or even alter documents that you have on your computer. When using your laptop in a public location, turn off the sharing feature entirely.

Social media is viewable by anyone. Make sure your opinions are seen as your own, not the organization’s.

Anyone can view your public social media accounts. If you make it known that you work for the organization, put a disclaimer on your social media accounts stating that any opinions you post are your own.

Records should never be destroyed because they contain evidence of misconduct or embarrassing information.

Never destroy documents simply because they are embarrassing or show instances of misconduct. This is true even if the documents expose illegal acts or are damaging to the organization. To destroy documents in this fashion would be considered an instance of a cover up. Hand any concerning documents to the appropriate supervisory staff instead.

Identity thieves may use unsolicited credit offers to gather information. Consider opting out.

Everyone gets unsolicited credit offers in the mail, but not all of these credit offers are legitimate. Identity thieves may send out these offers in an attempt to gather personal information from you. Consider opting out of all unsolicited credit card offers. If you are interested in a credit card, apply directly with the credit card service rather than responding back to unsolicited mail and only work with reputable credit card companies.

If you don’t know who an email is from, don’t click on any hyperlinks or pictures in the email.

Attackers embed hyperlinks to malicious websites into phishing emails in an attempt to infect your computer. If the email could possibly be legitimate, don’t trust the link in the email. Look up the legitimate website independently and manually type the URL (Universal Resource Locator – like http://www.inspiredelearning.com) into the address bar, rather than clicking on the potentially
bogus hyperlink in the suspicious email.

Don’t allow others to view sensitive information on your screen over your shoulder.

This is called “shoulder surfing” and is one way that valuable information can be stolen. This type of attack takes advantage of the courtesy or trust offered by the victim.

Report any instances of fraud or attempted fraud you become aware of.

If you notice something “just a little off” in the records, or in another person’s actions, this might be an indication of inappropriate or suspicious activities. There may be a simple and innocent mistake, or there may be something much more serious happening. Report these peculiarities to management and allow them to take a closer look as necessary.

Turn in any information assets, such as USB drives, that you find to the security or IT department.

Don’t read the documents. Don’t turn on the laptop computer. Don’t plug in the USB flash drive. Don’t access the CD or DVD disks. These supposedly “lost” documents and devices could contain misinformation or malicious software that could infect your computer and the network with eavesdropping or other types of malware.

Be sure operating system and application updates on your computer are occurring on a regular basis, typically at least weekly.

Your computer’s operating system, applications, and antivirus software require regular updates. Without them, they become progressively more vulnerable to attack. These software components should be configured to update automatically. Report any
update failure notices to the IT department.

Report the loss of any information assets, like printed documents, laptops, USB drives, smartphones, etc. To the IT or security department as soon as you recognize the items are missing.

The loss of devices is costly, but the loss of the information stored on the document or device is substantially more mostly. The IT department has procedures to minimize the losses and can do it better when they can react quickly after the loss.

If you reuse passwords, a breach of one account becomes a breach of all of your accounts.

If you use the same password for all of your accounts and a single account is breached, all of your accounts will become vulnerable. Always use completely unique passwords for each of your accounts. Don’t use variations of your password for separate sites, such as a base password that has a single alteration each time; these can be guessed.

Some malware programs will require that you pay to unlock your system. Avoid “ransomware” through good system security habits and do not make any payments.

Malware programs called “ransomware” will infect your computer and demand that you pay a “ransom” to the creator of the program to remove it. You should never pay the ransom requested; this will only give the creator of the program access to your personal and financial information. You can avoid ransomware by keeping your operating system updated, using an antivirus program and conducting regular system scans. Ransomware can be removed the same way as malware using an antivirus program.

Computers aren’t the only things with hard drives. Printers and fax machines need to be wiped clean before being disposed of.

Printers and fax machines must have their hard drives completely wiped clean before being disposed of. These machines often keep copies of the last documents they printed or faxed in their memory. If you do not wipe their memory before disposing of them, you may put sensitive or confidential data at risk. Simply deleting the hard drive is not always enough because remnants of the data may be left behind. There are recycling companies that specialize in the destruction of data on these types of machines before breaking the machines down.

Your child may become the target of cyberbullying. Talk to your child about bullying and watch them for any behavioral changes.

Cyberbullying can occur at any time and the signs of cyberbullying can be subtle. Every child is different. Watch for any behavioral changes in your child. If your child is ordinarily talkative, he or she may become unusually quiet. A usually obedient child may become disobedient or sullen. Make sure that you talk to your child about cyber bullying and monitor their Internet use. Cyberbullying can take a very serious emotional toll on a child and it isn’t always easy to spot.

Phishing attempts may be used to steal bank login details. Never use a link sent to you via email to access your bank account.

Emails from your bank may be duplicated by con artists who are seeking to acquire your login details. These emails may appear to originate from your bank and may ask you to click a link to login and verify your information. Often, these emails may be extremely convincing and completely mimic the format of your bank. The link will often lead to a website that looks like your bank but is not. Always go to your bank directly by typing the URL into your browser. Never click on a link within an email to go to your bank.

You may not always be able to detect a phishing attack. If you believe you have fallen victim, contact the help desk.

Many phishing attacks can be quite convincing and you may not realize that you have fallen victim to one until too late. If you feel that you may have accidentally given out sensitive or confidential data, you should immediately contact the Help Desk. They will be able to determine whether the email or call you received was legitimate.

Children often bully others, but that doesn’t make it acceptable. If your child is becoming a cyberbully, take action immediately.

There are many reasons why children may begin bullying others. If you suspect that your child has been bullying others online, you should take action to get your child professional help. Your child may be acting out for reasons you aren’t aware of, but the problem needs to be addressed immediately. Cyberbullying is a crime, and your child may face legal repercussions for their actions.

“Trolls” intentionally attempt to disrupt forums and blogs. Always ignore trolls.

Internet “trolls” are mean-spirited individuals who attempt to disrupt forums, blogs and social media accounts. They will often lash out to try to provoke an emotional response and they may come in groups. You should never try to argue with a troll; they already know they are wrong, they are simply trying to irritate you.

Data not properly backed up could be lost forever. Protect your computer data with a cloud backup system.

If you don’t backup your data regularly, you may lose it. You can protect yourself through the use of a cloud backup system. A cloud backup system can usually be accessed from anywhere in the world and any device, provided that you have the password. Cloud backups are extremely stable and will back up your system automatically. Further, they are in a separate physical location from your data, allowing you to protect against fire and flood. However, they can also represent a security risk if not properly secured because of their accessibility, so always use a strong password with your cloud backup service.

Your personal home computer may become the target of attacks. Use a personal firewall to protect yourself.

To ensure that intruders cannot get into your home computer and steal or manipulate your data, use a personal firewall. Most computers will come with a firewall, such as the “Windows Firewall,” already installed. Be sure it is turned on. You may also want to invest in a subscription-based antivirus and malware solution that also includes virus scanning and firewall.

Cyberbullying isn’t just a matter for school officials. It’s also a crime. Report cyberbullying to authorities.

Cyberbullying is a crime. If your child is the target of cyberbullying, you should document everything and contact both your child’s school and the local authorities. This will increase the likelihood that the matter will be dealt with in an appropriate and productive way. It will also send a message to your child that they are protected and that what is happening to them is wrong.

Allowing remote access to your computer could let others use your computer from anywhere in the world.

Keep remote access turned off to protect yourself. The remote access setting of your computer allows others to connect to your computer from anywhere in the world. You should always have your computer set to deny remote access connections. Go to Windows -> Control panel -> System and Security -> System -> Remote Settings and select “Don’t allow connections to this computer” under “Remote Desktop.”

When connecting into the organization’s network from a remote location, use a secure, encrypted channel, like a virtual private network (VPN).

Attackers can steal data in transit over the Internet if the data is not encrypted. To protect data in transit, be sure the VPN is established before sending or receiving information assets. Contact the IT department for more details.

If you are hosting a visitor, be sure the visitor signs in at the front desk and is escorted at all times.

Visitors should also always wear a visitor badge and return the visitor badge before leaving.

To reduce the risk of losing data during power spikes and power failures, use a battery backup uninterruptable power supply (UPS) on your computer.

The UPS knocks down hazardous voltage spikes that could damage your computer, and provides a few minutes of power from the battery to your computer when the power fails. This will give you the opportunity to save your work, close the applications, and shut down your computer cleanly.

New threats are constantly being developed. Protect your home computer and personal devices by automatically installing OS updates.

Home computers, laptops, tablets, smart phones, and other personal devices can be vulnerable to the latest threats if they are not frequently updated. Set your computers and devices to automatically download and install operating system updates as they are released. This will ensure that even new threats will not be a risk.