Earlier this year, we shared some computer and networking tips to help you educate your end users on the importance of network security. It’s important to remain vigilant at all times, as malware and spear-phishing attacks continue to rise.
The following are suggested guidelines for end users:
- Don’t visit porn, gambling, hate, or violence sites. These sites are very often infected with malicious software that can infect your machine and cause extreme damage. Don’t visit “clickbait” sites.
- Don’t follow links to Dropbox or other file share sites unless you are absolutely certain they are from someone you know and trust who has sent it intentionally. This site is often a repository for viruses.
- If you get a pop-up window on your device that you don’t recognize, contact your IT team.
- Do not enable macros in a document unless you are absolutely certain it is safe. Some viruses use macros to install.
- Do not open emails or attachments from unknown or unexpected sources. If in doubt, pick up the phone and give them a call to verify the email is legitimate. Don’t participate in chain emails.
- Email addresses can be spoofed, so if you get an email from an employee with an odd request or a financial request, give them a call to verify the email was legitimate. Spear phishing attacks use inside information to add legitimacy to their requests.
- All PCs, mobile devices, phones, laptops, and workstations should be secured with a password-protected screensaver with the automatic activation feature set to 10 minutes or less. Unattended devices should be logged off or have a screen lock.
- If a device is lost or stolen, let your IT department know immediately.
- Don’t put in any music/data CD or plug in any USB/portable drives to your computer that you are given or find. Before you use a USB or any other portable drive, have it scanned it for viruses. If someone on the street gives you a CD, throw it away.
- If you see anything strange or odd happening on your computer, call your IT department immediately! If you suspect your workstation has been infected by a virus, turn off the workstation and call your IT department or Managed Services provider.
- Don’t install any software on any machine or make any changes to the setup of a system without notifying your IT team.
- Don’t plug in or install any device onto the network without first notifying your IT team. Cover webcam lenses when not in use.
- Don’t store any critical files on a laptop unless you know for certain they are backed up and have actually tested a restore.
- Don’t write your passwords down, and don’t share them with anyone. Use phrases you can remember as passwords. Longer passwords are much harder to crack, so make sure your password is at least 8 characters and includes a mix of upper/lower case and numbers/symbols. Don’t use the same password for multiple sites, and change passwords at least every 90 days. Use some type of secure password vault to store your passwords, such as Keepass. Don’t use birthdays, kids/pets names, anniversaries or “123456789” or “Password123” or any other commonly used passwords.
- Don’t give out information over the phone to someone who calls unexpectedly, or you don’t know. If in doubt, tell them you’ll call them back. Get their name, and call the number of their company on their website. Don’t tell your password to anyone.
- Restrict personal information on social media sites. Birthdays, address, cell numbers, family information can all be used by attackers.
There are many more complex ways you can protect your network and data. By outlining these simple procedures, you’re proactively working to avoid any malware attacks or viruses for your network. For more information about our Managed Services, contact Carolinas IT today.
4 Ways to Protect Yourself From Ransomware Attacks
Best Practices for Password Use