General Recommendations
Main Content
GENERAL RECOMMENDATIONS
You wouldn’t give a thief…
- The keys to your house
- The keys to your car
- Your bank account or Social Security Number….
Would you?
So why would you allow a hacker access to confidential information on your computer? Confidential information such as…
- Credit card numbers (stored on your computer when making on-line purchases)
- Bank account numbers (stored on your computer when doing on-line banking)
- Your Social Security Number
- Your drivers license number
- And more...
Hackers are like the proverbial “thieves in the night”. They strike without warning and the damage is done before you even know they are there.
Protecting Your Sensitive Data: The Big Three
There are several avenues used to gain illegal access to your computer and the sensitive data on it. Computers can become infected with viruses and malware which can steal your sensitive data. Infections are often the result of software that is not patched. Software vendors write programs with the best intentions, but later find that their programs can be exploited by the criminal element to allow access to your computer. As a result, the software vendors write supplemental programs called patches that fix the vulnerability in their programs.
What is sensitive data? Examples include,
- Social Security Number
- Credit card numbers
- Checking or savings account numbers or other financial account numbers
- Passwords
- You name
- Your address
- Driver's license number
- Health information
These are just examples. Other information about you can be sensitive in one way or another. So how do you deal with these threats? There's three things you need to consider when thinking about computer security:
1. Software Updates - All software on your computer should be up-to-date with the most recent patches. This includes the computer's operating system and all third party applications. Examples of operating systems include Windows Vista, Windows 7 or Apple OSX. Examples of third party applications include Adobe Reader and Flash, Java, Microsoft Word, etc.
a. How to update your Windows operating system (must be using Internet Explorer); click here
b. How to update your Apple operating system; click here
c. The Secunia PSI or Personal Software Inspector is a great tool that tells you which of your third party applications need to be patched. To download the Secunia PSI; click here
If you need assistance with securing your computer, please contact the SalukiTech at 453-5155.
2. Social Engineering - Social Engineering is a fancy term for trickery. Trickery comes in all shapes and sizes. Oftentimes trickery comes in the form of an e-mail that wants you click on something; something like an attachment or a link. The attachment or link typically SEEMS to be harmless, but contains programming code that exploits vulnerabilities in your computer's operating system or a third party applications.
How do you know when an e-mail is legitimate and when it's social engineering? There are several questions that you can ask yourself that should lead you to an appropriate answer to this question.
- Does the e-mail have sentences that are nonsensical? If so, don't trust it
- Does the e-mail ask you for private or sensitive information? If so, don't trust it
- Does the e-mail make promises that are too good to be true? If so, don't trust it
- Does the e-mail attempt to evoke an emotional response? If so, don't trust it
- Do you know who the e-mail is from? If so, AND one of the above apply, don't trust it
- Do you know who the e-mail is from? If not, don't trust it
Tip - Can you verify the validity of the claim(s) made in the e-mail? For example, if your bank is asking you to change your password, can you call your bank to verify? If so, definitely verify first.
Tip - Businesses, financial institutions, universities, etc. typically won't send you an e-mail stating that you need to change or password or submit sensitive information (i.e. your checking account number). They may send you and e-mail stating there is a problem and that you need to call their office. Be sure you are calling their office and not some other number.
Tip - Google it or ask your local computer geek! If the e-mail seems suspicious or too good to be true; enter the subject line or the wording in the body of the e-mail into the Google search engine. The results will often tell the real story. If you're not sure, ask somebody for input. There's typically a computer expert in every workplace; ask them for help.
Read here for how an SIU student was tricked into sending money overseas.
3. Encryption - If you must have sensitive data on your computer, encrypt it! Encryption is simply the process of making the sensitive data unreadable to anyone but you. Encrypting your sensitive data in a Microsoft Word or Excel file is easy to do. To learn more about encryption, click here.
Protect your sensitive data. Protect YOURSELF!
Learn more by clicking here