Security Best Practices from PC after hours at our Get IT Secure Ministry Equip training on Jan. 16, 2019
5 Tips to Block Phishing Attacks via Email
- Don’t reveal personal or financial information in an email.
- Check the security of websites. This is a key precaution to take before sending sensitive information over the internet.
<http> indicates the site has not applied any security measures, whereas <https> means it has.
- Pay attention to website URLs. Employees may also be able to detect and evade the scheme by finding variations in spellings or a different domain (e.g.,.com versus .net).
- Verify suspicious email requests. Contact the company they’re believed to be from directly.
- Keep a clean machine. Utilizing the latest operating system, software, and Web browser, as well as antivirus and malware protection, are the best defenses against viruses, malware and other online threats.
9 Tips to Strengthen Password Security
- Change passwords at least every three months for non-administrative users and 45-60 days for administrative accounts.
- Use different passwords for each login credential.
- Avoid generic accounts and shared passwords.
- Conduct audits periodically to identify weak/duplicate passwords and change as necessary.
- Pick challenging passwords that include a combination of letters (upper and lower case), numbers and special characters (e.g. <$>, <%> and <&>).
- Avoid personal information such as birth dates, pet names and sports.
- Use passwords or passphrases of 12+ characters.
- Use a Password Manager such as LastPass where users need just one master password.
- Don’t use a browser’s auto-fill function for passwords.
Content courtesy of Nolan Venkatrathnam of PC afterhours, which offers practical technology solutions for individuals, small businesses and non-profits.