The most recent SANS Institute Security Awareness Tips
Updated: 2 hours 35 min ago
Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.
Never share your passwords with others, including your supervisor or coworkers. Your password is a secret; it only works if only you know it. If anyone else knows your password, you may be responsible for their actions.
One of the most effective steps you can take to protect your cloud account is to make sure you are using two-step verification. In addition, always be sure you know exactly whom you are sharing files with. It is very easy to accidently share your files with the entire Internet when you think you are only sharing them with specific individuals.
Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.
A common method cyber criminals use to hack into people's computers is to send them emails with infected attachments. People are tricked into opening these attachments because they appear to come from someone or something they know and trust. Only open email attachments that you were expecting. Not sure about an email? Call the person to confirm they sent it.
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.
If you have children visiting or staying with family members (such as grandparents), make sure the family members know your rules concerning technology that your kids must follow. Just because your kids leave the house does not mean the rules about what they can do online change.
Did you know that according to the Verizon DBIR team, you are 16 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your mobile device with you, such as when you finish going through airport security, leave your taxi or check out of your hotel.
Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin preferences.
Review your bank, credit card and financial statements regularly to identify unauthorized activity. This is one of the most effective ways to quickly detect if your bank account, credit card or identity has been compromised.
When browsing online, encrypting your online activities is one of the best ways to protect yourself. Make sure your online connection is encrypted by making sure HTTPS is in the website address and that there is a green lock next to it.
The number one step for protecting your mobile device is making sure it has a strong passcode or password lock on it so only you can access it.
Bad guys are targeting your social media accounts. One of the most effective ways you can protect them is with a unique, strong password called a passphrase. Enabling two-step verification (if your social media site offers it) is even better.
Never send an email when you are angry; you will most likely regret it later. Instead, when you are emotional and want to reply to someone, open up an email and write everything you feel, but do not send it. (Be sure there is no name in the TO field so that you do not accidently send it.) After you have vented, save the email and come back an hour later. You only want to reply to any type of emotional situation after you have had time to cool down.
Technology alone cannot protect you. Bad guys are constantly developing new ways to get past firewalls, anti-virus and filters. You are the best defense against any attacker.
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
When you delete a file, that file is actually still on your computer. The only way you can truly and securely remove a file is by wiping it or using some type of secure deletion.
Make sure you have anti-virus software installed on your computer and that it is automatically updating. However, keep in mind that no anti-virus can catch all malware; your computer can still be infected. That is why it's so important you use common sense and be wary of any messages that seem odd or suspicious.
Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.
Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information (such as family photos) on a regular basis.