The SANS Tip of the Day is a security awareness project that educates users on things they can do to protect themselves. Tips from the project are reprinted here with permission.

You might try your luck with a random tip or select a topic from this list:
- Stop! Nobody Sends Email to Dead People!
- If you weren't expecting an attachment, write back and request that sender embeds text in email
- Keep it off the floor
- Get it out of the car
- Treat your laptop like cash
- Treat your laptop like you want to keep it
- When you log out, log out completely
- VoIP: It's a phone, it's a computer, it's...
- 10 Scams to Screen from Your Email
- It's 10 p.m. Do you know whom your kids are chatting with online?
- Don't get hooked by a Phishing expedition
- Don't let spyware control your computer use
- If your personal information is stolen, four steps to take
- If you suspect malware is on your computer — Stop, Confirm, Scan
- Stop. Think. Click: Seven Practices for Safer Computing
- Don't make that call!
- Change that password!
- DO NOT install Microsoft patches or updates sent by email (They are fake)
- Don't Let Personnel Issues Become Security Issues; Terminate Computer Access Before You End a Contract or Tell People They Are Fired
- Don't be duped by Internet Fraud
- Back up your information so you don't join Kroll Ontrack's Top 10 Countdown this year
- Securing your wireless network — priceless!
- Don't Investigate a Security Problem Unless You Are Authorized by the System Owner
- Take time to explore security settings
- Don't be an unintentional spammer
- Do not give your password over the phone to anyone claiming to be from the HelpDesk or Tech Support
- Better safe than sorry: If you're unsure that a file or program is clean, scan it for malware before you open or install it
- If you are a victim of identity theft, report it immediately
- Make sure the site you're ordering from protects your information crossing the Internet
- Revoking security access isn't always enough
- Protect your home wireless networks
- Always lock your computer (by pressing CTRL + ALT + DELETE and hitting "Enter") before walking away from it
- Don't tell ANYONE your password
- Don't reply to unsolicited email messages (spam)
- Don't check "remember my password" boxes
- Can you hear me now? Do NOT trust your cell phone Bluetooth earpiece
- Place a fraud alert to protect against identity theft
- How to spot a phishing email...
- Avoid opening email attachments
- Beware of USB flash drive's autoplay feature
- Be careful with cybercafé computers
- Lock it when you leave it
- It takes two to tango and two firewalls to secure your system
- Change your password on a schedule.
- Make sure your personal information is protected when you do business online
- Use a password in only one place.
- Make your password long.
- A password should be used by only one person.
- Don't enter your password on an untrusted computer.
- Don't tell anybody your password
- Make your password complex.
- Effectively delete files
- Use a password protected screen saver
- Periodically check your credit report
- Outsmart hoax e-mail
- Print out important documents
- Nobody from the Help Desk needs your password
- Shh! Don't say it out loud. The cubes have ears
- Change the combination on opened laptop locks
- Be skeptical and trust your instincts
- Do NOT open unknown or unexpected e-mail attachments
- Remember that any email or instant message you send could come back to haunt you
- Lock your workstation before you leave your desk
- Avoid Ad-hoc wireless networks
- Report or challenge strangers in your office
- When selecting a screen name...make sure it doesn't say too much about you
- Do not allow Internet Explorer to store passwords for you
- Turn off your wireless AP when it's not in use
- See just how "Security Aware" you really are
- Only deal with reputable companies that you know and trust
- Letting Family or Friends Use Your Employer's Computers Can Be Bad for You
- Recycle electronic equipment
- Five Security Tips
- Don't pass on chain messages or send warnings to everyone you know
- Hackers aren't the only threat to your computer
- If you access the Internet from a shared computer, make sure you don't leave anything behind
- People Forget, Computers Don't
- Use anti-virus software
- Don't Let Spammers See Your "Out of Office" Replies
- Don't download files from unknown sources
- Stay safe when buying or selling online
- Always log off your own computer. Do not let anyone else offer to do it for you
- Don't fall for phishing schemes
- Protect Yourself from Identity Theft
- If you download FREE software...Make sure you don't get more than you bargain for
- Never respond to an email asking for personal information
- Protect files with a password
- Don't share your password—even with an assistant or close coworker
- Email isn't the only online communication that has security risks
- Don't Accept Offers of "Free PC Scans" That Pop up When You Use the Internet
- Just because your company's spam filter, virus filter and other defenses let an email through, doesn't mean it's harmless
- Backup important files on a regular basis
- Passwords: Be creative
- Five Ways to Protect against Identity Theft
- Patch and update on a regular basis
- Protect Your Social Security Number
- If you print it, go get it right away!
- Wireless Hotspots...limit activity to web surfing only
- Be Skeptical When You Read Your Email
- Turn off the message preview pane in Outlook or Outlook Express
- Don't click the "unsubscribe" link at the bottom of unsolicited emails
- Always Check Credentials
- Limit the amount of personal information you post about yourself, your friends, and your family
- Think twice before posting pictures of yourself or your family and friends
- Control access to buildings and work areas
- Change your password often
- If you're not sure you've seen an incident, report it anyway
- Don't give away your data when you give away your handheld device
- Paper files Have to Be Protected Too
- Don't leave thumb drives or other small devices lying around
- Don't Trust Links Sent in Email Messages
- Use a strong voicemail password. This helps prevent crooks from hijacking your phone line or voicemail
- Don't Click to Agree without Reading the Small Print
- Don't Let Personnel Issues Become Security Issues
- Secure your Wireless Router
- Keep your password secret
- Shh! Don't say it out loud. The cubes have ears
- Use caution when opening email attachments
- Watch out for shoulder surfers
- If you receive child pornography via email, report it to your manager or IT section immediately
- Connect for good health
- Use common sense when reviewing your email
- Look before you click
- Be better than James Bond
- Don't use unauthorized software
- Avoid spam in your IM email account
- Hey, I know who you are and where you work! It says so right there on your badge
- Check for encryption or secure sites when providing confidential information online
- Do not write your password down and leave it near your computer
- Check and make sure your friend sent that great screensaver
- Use Outlook? Use the Auto-Preview, not the Reading Pane
- If you get up from your computer, lock it!
- Don't buy anything from a spammer
- Read error messages and checkboxes
- Choose a password that's hard to crack
- Don't use information related to yourself as a password
- E-mail is insecure by default because it is more like a postcard, not a sealed envelope
- Do not use the same password for everything
- Avoid default installations
- Don't plug in USB drives that you find lying around. Criminals can use them to steal your data
- Save your files to a network server
- Don't use e-mail to send private messages
- Don't download sets of pictures from the Internet
- Use Google's cached mode to avoid spyware
- Change from a password to a passphrase