Computer Security Handbook, Part 6 - Tips of the Trade

The most important lesson to remember from security awareness is that Security is everyone's responsibility. Everyone has a personal responsibility to protect information resources. Here are some tips to increase your security awareness:

• Do not share your user ID and password with anyone (hacking often begins with someone posing as tech support requesting your password).
• Do not choose passwords that are easy to guess
• Choose passwords with a combination of both letters and numbers.
• Do not use your access privileges to enable others to access information.
• Do not write down your password and tape it to the bottom of your keyboard.
• Always change the initial password assigned to you by the administrator.
• Change your password frequently.
• If you suspect someone else knows your password, change it immediately.
• Don't leave your terminal unattended while logged on to sensitive information.
• If you are going to be away from you desk, lock your workstation with a password.
• Lock up diskettes with confidential/sensitive information.
• Treat email as private communications.
• Be careful when addressing email (be sure who you're sending it to).
• Since e-mail is subject to spoofing, use common sense when assessing message validity.
• Don't put anything in e-mail you wouldn't put on a postcard.
• Presume any message sent over the Internet is available to the public.
• Use a shredder when disposing of confidential and/or sensitive information.
• Challenge strangers in your work area
• Report all suspected security incidents
• Beware of virus hoaxes. Check http://hoaxbusters.ciac.org/ for info on virus hoaxes.

Understand the importance of our information and protect it accordingly. The Office of Information Technology encourages suggestions for information resource security improvements. Let us hear from you.

<<PREVIOUS       NEXT>>