Protect your data with regular backups. External drives and off-site backups will ensure data is protected.
Many things can lead to a loss of the data on your home computer. Fires, floods, earthquakes, and even something as simple as a damaged hard drive could erase all of the information you have. Protect yourself in your home with an external drive and protect yourself off-site with web backups or cloud backup solutions. Remember that your backups should be password protected and encrypted just like your computer is.
Social engineers’ prey on the good-mannered. Don’t be afraid to say no.
Social engineers try to convince people to do things by preying on their urge to be good-mannered and polite. If someone asks you to give them personal information or to give them access to confidential information, don’t be afraid to be direct and say no. A social engineer encounter can be through telephone, email, or even in person. Anyone suspicious should be denied access until you can verify their identity.
Pay attention to your mail. When identity theft occurs, your mail may stop coming.
You need to be vigilant about the possibility of identity theft. If you have noticed that much of your mail has stopped coming, an identity thief might be after you. A common tactic is to file a change of address so that they get all your mail; they can then piece together information about you from the mail that they receive.
Never open suspicious emails; opening them may cause system damage.
Suspicious emails often contain programs that will harm your computer system if you open them. Rather than inspecting a suspicious email, delete it right away. There are many ways you can identify a suspicious email: it may come from a stranger, be riddled with grammar issues, or urge you to open a file or link. You should also ensure that your virus protection is automatically scanning the emails you receive for additional system security.
Protect your kids online: place your children’s computer in a public area so you can keep an eye on them.
Despite how responsible your children are, don’t give in to their requests to keep computers in their bedrooms. Always place your kids’ computers in a public area, such as the living room or family room. Position the monitor so it faces outward, enabling you to shoulder surf and see what’s going on. Check browsers search history to keep tabs on the content your kids are accessing.
It’s important to protect your passwords. If you suspect your password has been compromised, change it.
Your password may be compromised if you view multiple sign-in failures on your account, if another account that you use the same r a similar password to has been accessed by someone else, or if you notice strange activity on your account. If your password has been compromised, all of the data it leads to has also been compromised. It’s very important to change your password if you believe that someone else has accessed your account. Make sure that your new password is completely unique.
Links may not go where they seem to go. Hover over them to see their true location.
A link can appear to go anywhere, but it may not always go where it says it does. Move your mouse over a link without clicking on the link to see the actual address of the site. If the address differs at all from your expectation, you should not click on the link. If you do not see a tool tip or a status that displays the link address, you can right click and copy the link and then paste it into a text file to see where the link leads.
Mobile devices with old operating systems may be vulnerable. Always ensure that your mobile OS is updated.
Old operating systems on mobile devices could be vulnerable to old security issues. Mobile devices often contain sensitive or confidential information that needs to be secured. If your mobile device asks you to update your operating system, you should do so as soon as possible. You can also go into your mobile device’s settings and set it to update itself automatically.
Keep digital copies of important documents as you travel. If your documents are stolen, you will have a copy.
When you’re traveling, you should scan all of your important documents and keep them in an email folder. You’ll be able to access your important documents even if you lose your documents or they are stolen. An email address can be accessed from anywhere, unlike local files that you might store on a mobile device. You can also keep documents encrypted on a cloud file server.
Never bring sensitive information into shared meeting areas.
Shared meeting areas can be very vulnerable to insider threats. Do not bring sensitive information into shared meeting areas such as conference rooms. Only bring the data you need for each meeting to reduce the possibility of risk exposure.
Jailbreaking a phone compromises its security features. Never jailbreak or root a phone.
Jailbreaking a phone is the act of removing or compromising a phone’s preinstalled operating system so that you gain complete control over the phone’s settings and the applications on it. Jailbreaking can be dangerous because it will turn off many of the security features that are on the phone. When you jailbreak your phone, you will no longer be able to get security updates from the phone’s manufacturer. Phones contain a tremendous amount of personal and sensitive information and must be protected at all times. To keep your data safe, you should never jailbreak or root a phone.
Sticking out makes you a target. When traveling, try your best to blend in with the locals.
Thieves, pickpockets and con artists will often try to pick tourists out of a crowd. Avoid any telltale signs that you’re a tourist when you travel abroad, such as bright new sneakers, fanny packs or large cameras slung across your neck. Instead, try your best to dress casually or in the same fashion as the locals. If you are approached by a stranger while traveling, keep your guard up.
Robbers often case their targets first. Avoid putting high value items such as computers in view of windows.
Putting expensive items such as desktop computers or laptops close to your windows may increase the likelihood of break-ins. Having high value items next to windows makes it easier for a thief to grab them quickly and can make you a target. When possible, keep any windows that face the street covered with blinds or drapes and keep high value items away from these windows. Make sure your windows are always closed and locked when not in use.
It’s easier to reverse charges on credit cards. Always use a credit card rather than a debit card for transactions.
Credit card companies can easily reverse fraudulent charges. It is much harder to get a transaction on a debit card reversed because the bank will need to replace the cash taken from your account. While the transaction is processing, you will be without these funds. If you want to protect yourself from the possibility of fraudulent charges and avoid this inconvenience, you should always use a credit card for transactions. Debit cards should only be used to access cash from an ATM.
Social media information can be used by identity thieves and for other malicious purposes. Only allow friends to view your posts.
Social media accounts can reveal quite a lot about you and this information could potentially be used by identity thieves and others with malicious intent. You can counter this by altering your social media privacy settings and by only adding people you know to your friends list. Set your account profile and posts to only be visible to your friends, not the public and not “friends of friends.” The “friends of friends” setting could leave you vulnerable in the event that one of your friends accidentally adds someone they don’t know to their friends list.
There are “bad neighborhoods” on the web. Protect yourself & your workplace visiting sites you trust.
Online “bad neighborhoods” are websites which have questionable content, including malicious programs and viruses. You can easily stumble into a bad neighborhood by visiting unknown sites. When at work, you should only go to the sites you to need to in order to complete your duties. This will reduce the risk you may subject your work computer to viruses or other malicious material.
Social engineers may use your personal data against you. Never trust anyone without appropriate credentials.
Social engineers are individuals who will call you and pretend to be either within your organization or with a service that is attempting to work with your organization. They will often pretend to need confidential information from you and will claim to have the clearance to access this information. A social engineer might call and say that they are troubleshooting your web service and need an administrative password; they may use your social media to determine your position within the organization. Never give out any information to anyone without verification of their credentials from management.
Never write down your password. Create a password you can memorize.
When writing down your password, you leave yourself open to anyone who has physical access to the location that you have stored our password in. Rather than writing down a password, make sure that you have created a password you will remember. Use password reminders and challenge questions to help you in the event that your password is forgotten and needs to be reset.
Any link can be dangerous. Avoid links unless they are from a trusted source.
Clicking on a link can bring you to a virus or other malware. You should never click on a link unless you are certain they have come from someone you trust. This includes links on websites, in emails, or sent through instant messages.
Sensitive data can be overheard. Do not give sensitive or confidential information over the phone in public.
If you need to give any confidential or sensitive information to someone over the phone, first ensure that you cannot be overheard by anyone else. Never discuss confidential organization data or personal, sensitive information while in a public space.
USB cords are used for more than charging. Only charge devices on trusted computers.
A USB cord can be used to transfer data as well as charge a device. Whenever you connect a device to a computer, both the device and the computer may be compromised. If you have a device that charges through USB, only connect it to trusted computers. Connecting such a device to a public computer could represent a security risk. You can also purchase an adapter that will allow you to charge the device directly in an electrical outlet.
Clutter makes it more difficult to secure physical documents. Adhere to the clear desk policy.
The more you have on your desk, the more likely it is that you have sensitive or confidential data that is not properly stored. Make sure that your desk is cleared at the end of every day to ensure the security of sensitive documents. Never keep sensitive or confidential documents out when they are not necessary: keep them stored whenever you are not actively using them.
Phishing tactics may direct you to fake contact information. Make sure the number you’re calling is legitimate.
Before trying to contact your bank, credit card company, or other financial institutes, make sure that you are calling the right number. Phishing tactics may offer contact information that appears to be legitimate but truly leads to them. Look at your most recent bank statement or the back of your credit card to find the correct contact information. Otherwise, you may be contacting someone who is interested in stealing your personal data.
Kids need protection online. Monitor the sites they are viewing.
There are many things on the Internet that may not be safe for a child to view. Use child safety software to track the websites that your child goes to and check them on a regular basis. You may also view their web history, but know that web history can often be altered by a technology savvy child. Discuss any problematic sites with your child and explain to them why they should not be viewed. You can also move the computer into a public space to ensure that you are always aware of what your child is viewing.
Public cloud storage can be hacked. Secure your data with encryption.
Public clouds can be vulnerable to hacking because they are easy to access and often used by many individuals. Do not store any of the organization’s data on public cloud storage without permission. Any data you store on a public cloud should be encrypted.
Social media is public information. Never post confidential, sensitive, or trade secret information.
Information on your social media accounts can be released to the public even if you have a private account that is only accessible to your family and friends. Never post or share confidential, sensitive, or trade secret information on your social media accounts or anywhere else on the web.
Older browsers may have security issues. Only use the latest version of a browser.
Any old web browser may have unpatched security issues that have since been discovered. Only use the latest version of a browser to access the web. Set browsers to auto update to the most recent version so your computer is protected from new exploits.
Learn to identify suspicious emails. Vague introductions and typos are common in phishing & malware.
Emails with an unprofessional appearance are often not legitimate and should be discarded. This includes: emails that have a generic header, such as “Dear Client,” emails that contain a large number of typos, and emails that are generally not formatted in a professional manner. Any links or attachments in these emails should be ignored and avoided.
Physical documents may also be at risk. Protect paper documents.
Paper documents can be even more easily accessed, copied, or used for malicious purposes than digital files. Make sure that documents are always stored safely and that they are shredded when they are to be discarded. Do not keep sensitive or confidential paper documents in an open area where they can be accessed; put away any of these documents at the end of the day. A copy of a confidential or sensitive paper document must be treated the same as the original document.
Anyone can view your screen in public. Do not view sensitive information where others can see it.
Shoulder surfing is a practice by which others attempt to view your screen over your shoulder. You may not see someone doing this. You should be very careful not to display any sensitive or confidential information where other people can easily see it. If you need to work on any sensitive data in a public location, make sure that your screen is facing a wall and that there are no reflections in which it could be viewed.