Issue link:

Contents of this Issue


Page 0 of 3

SAFEGUARDING YOUR SECURITY AND PRIVACY AT WORK AND AT HOME NEWSLETTER FALL 2018 FALL 2018 SECURITY SMART 1 9 Security Strategies Your Company Wants You to Know 1 Understand your employer's acceptable use policy. There's a right and wrong way to use that sweet lap- top your IT people just handed you. This policy explains the rules governing all company-owned devices, includ- ing guidelines for personal use, email, passwords and online activity. 2 Learn about patches. Unpatched software is one of the top reasons companies become compromised. Ask your IT department what the company expects of you terms of installing patches. Who does it? How often? What should you not do? 3 Beware of social engineering attempts. This is when a hacker targets a person at company to get him or her to do something that will give the hack- er network access. In short, it's a con game, and the cons can be attempted over email, through a website, over the phone and by text message. 4 Create good passwords. They should be at least eight characters and not be so common that they can be easily breached (no "password" or "qwerty"). Use unique passwords for every site and service; don't share be- tween sites. Make sure password "reset questions" don't contain answers that are easy to find (such as your mother's maiden name). 5 Be careful with email. Most digital maliciousness starts with an unsolicited email that contains either a file attachment or malicious link, asking the recipient to click or open. Be skeptical of any unexpected email. Don't click on a file attachment you didn't know was coming—call the sender first to confirm its source. Never click on any unexpected internet link. Report suspicious emails to IT. 6 Use browsers safely. Ensure that your browser is fully patched against critical security vulnerabilities. Don't install unnecessary add-ons without approval. Don't surf the internet using a highly privileged account. Never run unexpected executables that are pre- sented in a browser. 7 Protect data. Make sure any data you collect in the line of duty is gath- ered and used lawfully and is disposed of according to company policy when it is no longer needed. Encrypt all confidential data when it is at rest and during network communications. Label data according to its sensitivity or criticality (e.g., top secret, secret, confidential, public). Know what proto- cols and documentation your company requires for sharing data. 8 Lock your screen(s). Leaving a computer available to anyone can cause damage to your identity or company. At the low end of risk, a mischievous co-worker might send a joke email on your behalf. But worse things have happened. Unlocked computers and devices have caused serious reputational damage to unwit- ting companies and users. Always lock your devices when leaving the vicinity, and make sure they need authentica- tion to be unlocked. Inactive devices should lock themselves after less than 10 minutes. 9 Report suspicious incidents. The mantra "If you see something, say something" applies as much in the digital world as in the real world. As an employee, your organization is counting on you to be a warrior in the battle to protect its virtual perimeter. Here are some tactics that will help your side win. For more information on staying safe online here at BSU or at home, contact

Articles in this issue

Links on this page

Archives of this issue

view archives of BSU - Security_Smart_Fall2018_Bridgewater