What is Information Security?
Information security is the process of protecting information. It protects its availability, privacy and integrity. Access to stored information on computer databases has increased greatly. More companies store business and individual information on computer than ever before. Much of the information stored is highly confidential and not for public viewing.
Why Information Security Awareness?
These days most businesses are solely based on information stored in computers. Personal staff details, client lists, salaries, bank account details, marketing and sales information may all be stored on a database. Without this information, it would often be very hard for a business to operate. Information security awareness should be practised and implemented to protect this valuable information.
Password Security Tips
- Don’t share your password with anyone.While this seems like a very basic concept, many people don’t consider it a security risk to share or give passwords to co-workers, managers, or friends. Remember your password is the key to your User ID, so don’t let other people have access to it.
- Don’t write your password down.
Passwords considered strong or secure are often too complicated to remember. For this reason, it’s very tempting to write them down. It’s always best to commit your password to memory. However, if you must write something down, jot down a hint or clue that will help jog your memory or store the written password in a secure, locked place.
- Change your password often
Even if you use a strong password, there is still the chance that someone could guess or crack it. For this reason, you should change your password often e.g. after a month. Changing your password not only minimizes the chance that someone could guess or crack your password, it also shortens the length of time that person would have control of your system.
- Use a different password for each of your accounts.
Using a single password for each of your accounts would be comparable to using a single key for your car, your house, and your office. If someone steals your key (or gets your password), they have access to everything. Using multiple passwords requires additional effort on your part (you have to remember more) but it reduces the possibility that someone could gain access to all your information.
- Don’t check “remember my password” boxes.
Numerous applications like web browsers (e.g. Firefox & Google Chrome) offer the option of “remembering” your password. Unfortunately, many of them have no built-in security measures to protect that information. Some programs actually store the password in clear text in a file on the computer. This means anyone with access to the computer can read the password. It’s best to retype your password each time you log in eliminating the possibility that someone will be able to steal or use it.
Desktop Security Tips
- Lock your computer when you aren’t using it.
An unlocked computer is an open invitation to anyone that walks by. It would only take a few seconds for someone to delete important files or access sensitive information. Lock your computer when you aren’t using it and if possible, shut it down when you leave each day. Just press “(WINDOW KEY) + L” before leaving your seat if you are working on windows workstation.
- Use anti-virus software.
Make sure you have anti-virus software installed on your computer and update it regularly. Out of-date anti-virus software will not protect your computer from new viruses.
- Patch and update on a regular basis.
Because hackers are constantly looking for vulnerabilities, it is important to keep your software up to date and patched. Un-patched out-of-date systems are a leading cause of security incidents. Take the time to ensure you have the most recent patches and updates installed.
- Backup important files on a regular basis.
Backup important files on a regular basis and store the backups in a safe place. (Preferably off site.) You can backup files to removable disk or save copies to network shares. Unfortunately, it’s not a matter of if you’ll lose files (intentionally or unintentionally); it’s a matter of when.
Email Security Tips
- Don’t open unknown or unexpected email attachments.
Just because you recognize the sender’s email address (some viruses spread by using the address book of the victim) doesn’t mean that the person actually sent the attachment. In addition, email can easily be forged to appear to be coming from someone you know. If you aren’t expecting it, don’t open it. If you think the attachment may be legitimate, contact the sender and verify that they did indeed send it.
- Don’t reply to unsolicited email messages (SPAM).
By responding, you only confirm that your email address is active. Another thing you shouldn’t do is click the “remove me” link in the message. Links in email can point to an IP address other than the one you think it references. The best thing you can do is delete the message.
- Don’t be an unintentional Spammer.
If you’re like most people, you’ve probably received at least one hoax or chain letter in your inbox. What should you do with the next one you receive? Delete it! Why you ask? Because chain letters and hoaxes have the potential to cause problems (lots of network traffic or just filling up someone’s inbox) and they can also be very annoying.
Security Tips for Laptop Owners
- Always password protect your laptop.
- Remove any unnecessary information from the laptop.
- Only carry the laptop when absolutely needed.
- Make sure the laptop has security software such as anti-virus installed.
- When using wireless connections, be aware of sending confidential data through the air insecurely.
- Don’t neglect physical security. Never leave a laptop or Smartphone unattended unless it’s secured with a physical lock and cable.
Tips When Using Wi-Fi Hotspots
- Always use a client-side firewall, preferably one with both inbound and outbound filtering. Windows XP’s built-in firewall is inbound-only and thus inadequate, while Vista’s firewall adds outbound protection. Most third-party firewalls also do both.
- Guard against unintended hotspot connections by turning off a PC’s wireless antenna when not in use. Most new PCs have an external button to conveniently disable the wireless network, while those without can use Window’s Network Control Panel.
Security Tips while surfing the Internet
The Internet is also inherently insecure. Understanding the risks associated with using the Internet can help reduce this insecurity. The Internet is an open, public, and sometimes anonymous forum.
Try following these guidelines when surfing the Internet:
- DO NOT post confidential personal or organizational information on the Internet.
- Be extra careful when downloading files from the Internet. Make sure that the source is a reputable and trusted one. Verify that an anti-virus program checks the files during the download. If you’re uncertain, don’t download the file at all.
- Be Careful when submitting any information to websites.
- DO NOT install software downloaded from the Internet without prior approval from your organization.
- WiseGeek (dot) com http://www.wisegeek.com/what-is-information-security.htm
- SANSInstitute http://www.sans.org/tip_of_the_day.php#767
- Information Security Handbook By Mark Lotspaih (http://www.lulu.com/items/volume_10/224000/224783/1/print/ISAH.pdf)