TIP SHEETS

Are you having trouble keeping track of all the information you've learned so far? Don't worry, we're here to help. We've developed several tip sheets for you to look at whenever you have a security question or want to remember something you forgot about. Our tips are simple, but effective. Print them out and bring them to the office, your school or give them to friends. It's just another way to help "Take a Bite out of Cyber Crime."

Hardware Security Tips
Download PDF version

Desktop and Laptops

• Require a user account password to login to your system: By enabling password based authentication you make it harder for someone to get into your system.

• Don’t insert untrusted media into your system: CDs, DVDs and USB drives can contain malicious code like viruses, worms and trojans. Simply inserting a contaminated piece of media can cause this code to run and infect or disable your entire system.

• Supervise others you allow to use your system: People all have their own agendas. Keep this in mind. Don’t let anyone you can’t fully trust use your system. Never give strangers access to your system. Dangerous activity can occur quickly and easily.

• Use a cable lock to secure your laptop: Leaving your laptop unsecured when unattended can result in theft. A simple cable lock makes it much more difficult to steal.

• Apply latest software updates: Keeping the system hardware and software code updated is always a good practice since security functionality is usually updated as well.

• Advanced BIOS password protection: Enable a BIOS password when your computer first starts up. This makes it much more difficult for intruders to change your system settings, boot order, and such. But remember, if you forget the password, you won’t be able to start your computer.

• Advanced protection for Intel-based PCs: enable the XD Bit: The XD Bit (Execute Disable Bit) provides an extra layer of protection for the operating system. It segregates memory into executable and non-executable data storage, allowing greater security.

Portable Media: USB flash drives, CD/DVD discs and external hard drives

• Use password protection if available: Many new storage devices have password protection available. Use it to deter unauthorized access to your data.

• Encrypt sensitive data: When you cannot afford to let an unauthorized person access your data, protect that data with reputable encryption software.

• Secure your CDs, DVDs, USB and other external data drives: Protect your electronic data storage devices from theft or tampering. Portable media are attractive means of transmitting malicious programs like viruses and are goldmines for data thieves.

Cellular Phones, Smart Phones and PDAs

• Enable the device password: By password protecting access to your phone, you reduce the risk that somebody will access your data or make expensive calls at your expense. Even if you have an unlimited calling plan, it would not be hard to run up thousands of dollars in 900-number charges.

• Apply latest software updates from your cellular provider: These updates typically include fixes of known problems including security vulnerabilities. Check regularly and apply these updates promptly.

• Use care when downloading other software: Regardless of the platform, it is always important to only run software from reasonably trustworthy sources. Think of this as the cyber version of not taking candy from strangers.

• Keep your device locked up and out of sight: You wouldn’t leave your wallet unsecured, so protect your electronic devices the same way. Aside from the replacement cost, consider the value of the data you carry and also the potential of fraudulent phone calls.

• Keep Bluetooth turned off: Don’t make your Bluetooth device visible to others. Turn on Bluetooth only when needed for a specific task. Turn it off when done. These simple practices protect your device from being remotely accessed by prying eyes.

For the Home User
Download PDF version

• Install anti-virus software: Digital bugs are still the most common and damaging threat to most computers, and they require a solid defense.

• Get a spam blocker: Spam doesn’t just mean annoying ads anymore—it introduces all kinds of new threats, such as phishing scams.

• Guard against spyware: Obtain reliable anti-spyware software. Crooks want to know what you’re doing online and they’ll use that information in harmful ways.

• Build a firewall: Don’t worry, it isn’t hard to do. A firewall is just a digital barrier that keeps hackers out. They exist on most operating systems, so make sure yours is turned on. If you don’t have a firewall, you can download one.

• Create penetration alerts: Set all of the above defense software to notify you when suspicious activity is occurring.

• Setup effective encryption keys on your wireless home networks: Always use long, automatically-created network encryption keys and rotate them regularly. You can also find wireless protection software that can walk you through this process.

• Install security patches: New vulnerabilities are regularly exploited in many software platforms. You should check for and install updates on all software you use.

• Backup important files: No amount of protection is a guarantee, so take preventative steps to save your data before it can be damaged.

• Always watch for Internet scams: Online criminals always think of clever new ways to rob you. Don’t get lured in by emails telling sad stories, making unsolicited job offers or promising free money.

• Take care when shopping online: Look for indicators that the site is secure, like a small lock icon on your browser's status bar, a trusted seal like those from VeriSign or TRUSTe and a website URL that begins “https” (that “s” stands for “secure”).

• Don’t open unknown email: If you have no idea where an email comes from, take the safe course and delete it before opening it.

• Treat IM seriously: Attacks can come through instant messaging programs as easily as they can through other channels. Treat it just as you would email and stay on guard from nasty files.

• Beware of file sharing: Make sure you scan shared files for viruses. Also, set up the file sharing software carefully and take the time to read the software’s User Agreement to be clear about any side effects that may be built in.

• Create smart passwords: Your online and computer passwords should be at least 8 characters long and incorporate letters, numbers and symbols. Use different passwords for different accounts, change them every 90 days and never share them with anyone.

For the Home User With Kids
Download PDF version

• Parents, educate yourselves first: Know about online predators, financial scams, viruses, cyber-bullying and the pervasiveness of pornography on the Internet.

• Talk to your child: Open communication between parents and children is important to keeping your kids safe. Ensure that they can talk to you about things on the Web that make them feel uncomfortable.

• Monitor your children: Consider options like sharing an email account, checking your browser’s history, keep the computer in a common room and maintaining access to your kids’ accounts.

• Recommend kid directories: There are a number of search sites geared for children. Others are targeted at teens.

• Parental control software: One option is to purchase software that establishes computer user time limits and controls access to sites, games, chat, and file sharing. It can be adapted to offer different levels of control for different ages of children.

• Install the right defensive software: Make sure you have quality anti-virus, anti-spyware, spam blocker, and a personal firewall, and keep security patches up-to-date.

• Carefully select mobile devices: Look for digital device models that are "child-safe," which often don’t provide camera or Web access. Some child-safe phones even let parents limit the numbers the phone can call.

Tell The Kids

• Don’t give out personal information: Make sure to never give out your name, email, home address, phone number, account numbers, Social Security number, picture or any other personal information.

• Look out for Internet scams: Online criminals think of clever ways to rob you. Don’t get lured in by emails telling sad stories, giving away money or promising fun times.

• Take care when shopping online: Check with your parents first and then only buy from trusted online stores.

• Don’t open unknown email: If you have no idea where an email comes from, take the safe course and delete it before opening it.

• Treat IM seriously: Instant messaging is fun, but there can be dangers too. Treat IM just as you would email and stay on guard from strangers and unknown files.

• Beware of file sharing: Discuss file sharing with your parents first and if they’re okay with it, make sure to scan your downloaded files for viruses.

• Create smart passwords: Your online and computer passwords should be at least 8 characters long and include letters, numbers and symbols. Use different passwords for different accounts, change them every 90 days and never share them with anyone.

For the Business User
Download PDF version

• Install anti-virus & spyware software: Digital bugs and spies are the most common and damaging threat to business computers, and they require solid defenses. Set the software to update virus/spyware definitions regularly and automatically.

• Get a spam blocker: Spam doesn’t just mean annoying ads anymore—it introduces all kinds of new threats, such as phishing scams.

• Build a firewall: The digital barrier keeps hackers out and luckily it exists on most operating systems. Make sure yours is turned on. If you don’t have a firewall, you can download one.

• Setup effective encryption network access keys: Always use long, automatically-created network encryption keys and rotate them regularly.

• Install security patches: New vulnerabilities are regularly exploited in many software platforms. You should check for and install updates on all software you use.

• Backup important files: No amount of protection is a guarantee, so take preventative steps to save your data before it can be damaged.

• Safeguard your brands and logos: Stay vigilant to make certain that your company’s trademarks or image are not being used in a “Phishing” or “Pharming” scam, where others hijack your customer’s trust and manipulate it for their gain.

• Act quickly if infected: Even if you only suspect your computer has been infected with malicious code, contact your IT personnel immediately – if that’s one of the hats you wear, then unplug your computer from the Internet and run a virus scan right away.

• Always watch for Internet scams: Online criminals think of clever ways to rob you. Don’t get lured in by emails making unsolicited job offers, telling sad stories or promising free money.

• Take care when purchasing online: Look for indicators that the site is secure, like a small lock icon on your browser's status bar, a trusted seal like those from VeriSign or TRUSTe, and a website URL that begins “https” (that “s” stands for “secure”).

• Don’t open unknown email: If you have no idea where an email comes from, the safest course is to delete it before opening.

• Treat IM seriously: If your business uses instant messaging treat it just as you would email and stay on guard from dangerous software.

• Create smart passwords: Your online and computer passwords should be at least 8 characters long and incorporate letters, numbers and symbols. Use different passwords for different accounts, change them every 90 days and never share them with anyone.

• Teach your employees & colleagues: Form an army against computer criminals by passing on this tip sheet… and Take a Byte Out of Cyber Crime.

• Tight E-Commerce: If your company provides online buying, be 100% sure there aren’t flaws on your website that hackers can exploit to steal your customers’ data. An Internet infrastructure services company like VeriSign can help with this.

Wireless Networking & Public Computing Tips
Download PDF version

Home Networking Equipment: Broadband Routers, Wireless Access Points

• Change the default name of your network: All home networks come with a default SSIDs (Service Set Identifiers). They’re available to everyone on the Internet, so change your SSID to a name you’ll know but others won’t. Set your system not to broadcast the SSID.

• Use a hardware-based firewall: Buy a broadband router that includes a built-in firewall, even if your broadband provider doesn’t include one with the service package. This simple control protects you from the constant torrent of malicious traffic on the Internet.

• Secure your wireless network with WPA or WEP: All major brands have either WPA (Wi-Fi Protected Access), which is best, or WEP (Wired Equivalent Privacy) for security. Enable one of these security features.

• Apply latest firmware updates: Updating network equipment always seems to be missed when it comes to security of the home network. Keep your firmware current and you can better protect computers and devices connected to your home network.

• Change default administrative passwords: Just like default SSIDs, default passwords are available on the Internet. Change yours to keep unwanted people out of your home network. And remember, a good password is one that can not be easily guessed.

• Turn your gear off when not in use for extended periods of time: If you only use your home network for a few hours a day, keep your gear powered down. Aside from being energy efficient, this reduces your exposure to Internet-based threats and people who might want to borrow your broadband connection.

• Review who’s using your network: Many newer devices keep track of what systems are connecting to your gear and what they’re doing. If you see something unusual, consult with someone you trust who can help you understand the activity.

Public Places

• Don’t leave valuable hardware unattended: Coffee shops, wireless hotspots and public places are prime targets for thieves. Unless someone you know and trust has agreed to watch your system, take it with you. The hassle of packing it up is a far less than the loss of the system and the data contained on it.

• Security in the car: A car seat is never a good place to leave a laptop or mobile device. If you must leave a device in the car, put it in the trunk or the glove compartment, or hide it under the seat. If possible, secure your device out of sight before you arrive at a public parking lot.

• Watch out for “shoulder surfing”: Some people will spy on your screen from behind you. Be conscious of your surroundings and consider using a privacy screen, a thin plastic cover for your laptop screen that hides it from others.

• Use care when entering passwords on your laptop: Be aware of your surroundings and make sure nobody is watching what you type.

• Be VERY careful using public networks: Remember that hackers can tap into wireless signals much more easily than they spy on wired networks. So when using public networks, use virtual private network (VPN) software to secure your communications. If you can’t use a VPN, then avoid entering any personal information, including credit card data.

• Securing email on WiFi networks: If you’re going to be using email on a public WiFi network, be sure that your email login and email transfer program uses Secure Socket Layer (SSL) encryption. Your email program provider can help you with set up.