Many people feel that information security is out of their hands, especially those in non-technical roles. However, most malicious agents count on this and will attempt to use you to carry out their bidding! There is actually quite a bit that can be done on your end to help keep an environment safe, and below are some tips to keep in mind.
- Keep anti-virus/malware programs up-to-date.
- If your anti-virus/malware programs are asking to be updated, do so as soon as possible. New vulnerabilities are found every day, and the best way to ensure protection is to be up-to-date!
- Ensure regular scans are being run on your machine.
- Some programs will monitor in real-time, meaning that threats are intercepted as they hit your machine, but some need to be started manually. If you have questions about this, contact your IT support and they can help make sure your system is being scanned regularly.
- Do not ignore warnings from your anti-virus/malware programs.
- If a website or file trips a sensor, there is probably a reason! If in doubt, ask an IT support member.
- Be wary of email attachments from unknown senders.
- Even something that seems legitimate such as an invoice or an order form can actually execute malicious code in your system.
- Most email applications and services have a ”blacklisting” feature. Should you find yourself receiving several strange emails with odd attachments, consult your IT staff for assistance blocking these messages.
- Be wary of emails from unknown recipients, especially those that ask probing questions about your organization or someone’s role with the company.
- Many scammers will attempt to come off as a vendor trying to glean information that could lead to a compromise. These people are usually very good at what they do and will come off as having polite conversation.
- This doesn’t even have to be limited to emails. Social engineers will use multiple outlets to glean information, such as social media, phone calls, and even in-person visits to your company site.
- Examples include false on-site technicians, fake LinkedIn/Facebook groups, and phone calls from bogus financial institutions.
- Watch out for your personal email as well. Recruiters are notorious for blowing up our inboxes these days, and social engineers know this!
- Remember, if someone is supposed to be contacting you or coming to your job site, someone else is probably aware. Consult management or the IT staff should you be faced with a questionable situation. Most legitimate vendors will understand the need for you to vet them in this day and age.
- Do not install unauthorized applications within your work environment.
- If it is not needed for your job functions, it’s best not to take the risk. This goes for any add-ons and plug-ins as well. If in doubt, consult with a supervisor or the IT staff.
- Even if you’ve installed said application before, remember that there are many bogus versions of popular software that have been repackaged to include malicious code.
- Browsing to questionable websites is another great way to compromise your system.
- Aside from being against the code of conduct for many companies, sites that advertise adult content or free downloads of any type often contain misleading links that install harmful software.
- Some sites can even execute a download just by visiting them without any actual input from the user.
Remember, the best offense is a good defense. If in doubt, use good judgement and consult with someone in-the-know!
Check out IT Security Managements Tips.