14 Security Best Practices to Get Secure

On January 16th, PC after hours shared security best practices at a Transform Minnesota Ministry Equip training.

Five Tips to Block Phishing Attacks via Email

1. Don’t reveal personal or financial information in an email.
2. Check the security of websites. This is a key precaution to take before sending sensitive information over the internet.
   <http> indicates the site has not applied any security measures, whereas <https> means it has.
3. Pay attention to website URLs. Employees may also be able to detect and evade the scheme by finding variations in spellings or a different domain (e.g.,.com versus .net).
4. Verify suspicious email requests. Contact the company they’re believed to be from directly.
5. Keep a clean machine. Utilizing the latest operating system, software, and Web browser, as well as antivirus and malware protection, are the best defenses against viruses, malware and other online threats.

Nine Tips to Strengthen Password Security

1. Change passwords at least every three months for non-administrative users and 45-60 days for administrative accounts.
2. Use different passwords for each login credential.
3. Avoid generic accounts and shared passwords.
4. Conduct audits periodically to identify weak/duplicate passwords and change as necessary.
5. Pick challenging passwords that include a combination of letters (upper and lower case), numbers and special characters (e.g. <$>, <%> and <&>).
6. Avoid personal information such as birth dates, pet names and sports.
7. Use passwords or passphrases of 12+ characters.
8. Use a Password Manager such as LastPass where users need just one master password.
9. Don’t use a browser’s auto-fill function for passwords.

Content courtesy of Nolan Venkatrathnam of PC afterhours, which offers practical technology solutions for individuals, small businesses and non-profits.