Computing devices can become infected with viruses, trojans, spyware or malware, whether through phishing emails, malicious links, and infected thumb drives or other methods. Infected computers can be a problem for both organizations and individuals. Most compromised systems are a result of carelessness or a lack of the requisite know-how information that is needed when it comes to securing your information on work or personal devices. These includes, desktop PCs, laptops, smart phones, tablets, smart televisions, smart cars, or any other connected device.
It is for this specific reason that users must update themselves with the right information when it comes to protecting your work or personal devices. The following outlines the Dos and Don’ts of information security on any connected device.
1. Do not open emails from unknown sources.
2. If the email has a familiar header but a suspicious message. Delete the message immediately.
3. Always check the actual email address that is in the message header. If the message name has a different label from the actual address, then the email is a phishing message, delete immediately.
4. If you receive an email from a known email address but have a suspicious message or message links, delete the message immediately.
5. Be careful when accessing a your on-line accounts on a public network. You might compromise your access credentials.
6. Never share your access credentials for your online resources with anyone else.
7. Always use a security utility application for electronic security protection.
8. Always seek verification information on mobile apps before installing them to your device.
Hackers with malicious intent are always trying to infiltrate computer systems or user accounts. Access to these resources usually yields information such as financial statements, access to banking resources, and other asset information belonging to an organizational or an individual.
We urge account holders to avoid clicking on any or all unknown links and/or files sent via suspicious sources. We also urge account holders who think that they may have been victimized by cyber-crime to report it to the cyber-crimes division of your local law enforcement agency.
Passwords are used for various purposes, some of the more common uses include: user-level accounts, web accounts, email accounts, screen saver protection, voicemail, and local router logins. Everyone should be aware of how to select strong passwords.
• The password contains less than eight characters
• The password is a word found in a dictionary (English or foreign)
• The password is a common usage word such as:
• Names of family, pets, friends, co-workers, fantasy characters, etc.
• Computer terms and names, commands, sites, companies, hardware, software
• Birthdays and other personal information such as addresses and phone numbers
• Word or number patterns like aaabbb, QWERTY, zyxwvuts, 123321, etc.
• Any of the above spelled backwards
• Any of the above preceded or followed by a digit (e.g., secret1, 1secret)
• Contain both upper-and lower-case characters (e.g., a-z, A-Z)
• Have digits and characters as well as letters (e.g., 0-9, !@#$%^&*()_+|~-=\`{}[]:”;’<>?,./)
• Are at least eight alphanumeric characters long.
• Is not a word in any language, slang, dialect, jargon, etc.
• Are not based on personal information, names of family, etc.
Passwords should never be written down or stored on-line. Passwords should be easy to remember, such as a favorite song title, affirmation, or other phrase. For example, the phrase “This May Be One Way To Remember” could become the password TmB1w2R! or Tmb1W>r~ or some other variation.
NOTE: Do not use either of these examples as passwords
Do not use the same password for vpajathinktank.org or sub-domain accounts and other work or non-work related access points (e.g., personal ISP account, option trading, benefits, etc.). Do not share passwords with anyone, including administrative assistants or secretaries. All passwords are to be treated as sensitive, confidential information. In the handling of passwords:
• Never reveal a password over the phone to anyone
• Never reveal a password in an email message
• Never reveal a password to the boss
• Never talk about a password in front of others
• Never hint at the format of a password (e.g., “my family name”)
• Never reveal a password on questionnaires or security forms
• Never share a password with family members
• Never reveal a password to co-workers while on vacation
Passphrases are not the same as passwords. A passphrase is a longer version of a password and is, therefore, more secure. A passphrase is typically composed of multiple words. Because of this, a passphrase is more secure against “dictionary attacks.” A good passphrase is relatively long and contains a combination of upper-and lower-case letters and numeric and punctuation characters. An example of a good passphrase is: Th3WeatherInN3eY0rk!s@m@zing. NOTE: Do not use this example as passphrase.
In the event that you have forgotten your password, use the system’s password reset or forgotten utility link and have your password reset/changed immediately.
If you suspect your account or password has been compromised, immediately change your password and check for unauthorized activity on your account.