While software and hardware security solutions can protect users from most malicious content, there is no 100% fool proof solution. This is why it is becoming increasingly more important to train your end users to browse and email smart and safely. Here are some tips to make sure your employee's are browsing and emailing with your company's safety in mind.
Create Strong Passwords and do not share them.
- Accounts with strong passwords are less likely to be compromised. Use strong passwords made of long phrases or sentences. Mix capital and lowercase letters as well as numbers and symbols for increased security.
- Don't disclose passwords to co-workers or anyone outside the company.
- Use a unique passwords on each account you access and change them regularly.
Be cautious of malicious software via email and websites.
- Be aware of attachments and files before downloading them.
- Be sure you know the sender or website you are about to access files from is legitimate.
- If you are unsure if an email from a coworker is legitimate, contact them directly to confirm. Malicious software can be passed via email from anyone, not just external sources.
- When accessing websites always confirm the URL you are accessing. Be cautious of fakes such as www.micrsoft.com or www.facebook.com
Avoid Phishing scams.
- Scammers may pose as customers, suppliers, or sometimes even fellow employees
- Some phishing scams can be more elaborate; cloning legitimate banking, email, or social media sites to trick people into entering their account information. Always be aware of the address bar when logging in and verify the URL is correct.
- Never give out any sensitive or confidential company information to an untrusted source
Be extremely cautious when using public wireless networks.
- Always confirm the exact spelling of the wireless network you are connected to.
- Never make financial or other sensitive transactions over public Wi-Fi
- Whenever possible use a VPN or encryption when connected to public Wi-Fi networks to improve security.
In the case of lost or stolen devices
- Report immediately to security or management
- Change all passwords used to access accounts on the device.
- Contact ICS for assistance to remotely wipe data from smart phones and other devices when possible.
A little education can go a long way in preventing destructive end user behavior. Make sure your employee's are aware of and follow these preventative tips to improve your company's cyber security.