US-CERT Cyber Security Tip ST06-008 -- Safeguarding Your Data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                        Cyber Security Tip ST06-008
                           Safeguarding Your Data

   When there are multiple people using your computer and/or you store
   sensitive personal and work-related data on your computer, it is
   especially important to take extra security precautions.

Why isn't "more" better?

   Maybe  there  is an extra software program included with a program you
   bought.  Or  perhaps  you  found  a  free  download online. You may be
   tempted  to  install the programs just because you can, or because you
   think  you  might  use them later. However, even if the source and the
   software  are  legitimate,  there  may  be  hidden risks. And if other
   people use your computer, there are additional risks.

   These  risks  become  especially important if you use your computer to
   manage  your  personal  finances (banking, taxes, online bill payment,
   etc.),   store   sensitive  personal  data,  or  perform  work-related
   activities away from the office. However, there are steps you can take
   to protect yourself.

How can you protect both your personal and work-related data?

     * Use  and  maintain  anti-virus  software  and a firewall - Protect
       yourself  against  viruses  and  Trojan  horses  that may steal or
       modify  the  data on your own computer and leave you vulnerable by
       using  anti-virus  software  and  a  firewall  (see  Understanding
       Anti-Virus   Software   and   Understanding   Firewalls  for  more
       information). Make sure to keep your virus definitions up to date.
     * Regularly  scan  your  computer  for  spyware  - Spyware or adware
       hidden  in  software  programs  may affect the performance of your
       computer  and give attackers access to your data. Use a legitimate
       anti-spyware program to scan your computer and remove any of these
       files (see Recognizing and Avoiding Spyware for more information).
     * Keep  software  up  to  date  -  Install  software patches so that
       attackers   cannot   take   advantage   of   known   problems   or
       vulnerabilities  (see Understanding Patches for more information).
       Many  operating systems offer automatic updates. If this option is
       available, you should turn it on.
     * Evaluate  your  software's settings - The default settings of most
       software  enable  all  available functionality. However, attackers
       may be able to take advantage of this functionality to access your
       computer.  It  is  especially  important to check the settings for
       software  that  connects to the internet (browsers, email clients,
       etc.).  Apply  the  highest level of security available that still
       gives you the functionality you need.
     * Avoid unused software programs - Do not clutter your computer with
       unnecessary  software  programs.  If  you  have  programs  on your
       computer that you do not use, consider uninstalling them.
     * Consider  creating  separate  user  accounts  - If there are other
       people  using  your computer, you may be worried that someone else
       may  accidentally  access,  modify, and/or delete your files. Most
       operating systems (including Windows XP, Mac OS X, and Linux) give
       you the option of creating a different user account for each user,
       and  you  can  set  the  amount  of access and privileges for each
       account.  You  may  also choose to have separate accounts for your
       work   and   personal  purposes.  While  this  approach  will  not
       completely  isolate  each  area,  it  does  offer  some additional
       protection.
     * Establish  guidelines  for  computer  use  - If there are multiple
       people  using  your  computer, especially children, make sure they
       understand  how  to  use the computer and internet safely. Setting
       boundaries  and  guidelines  will  help  to protect your data (see
       Keeping Children Safe Online for more information).
     * Use  passwords  and  encrypt sensitive files - Passwords and other
       security  features  add layers of protection if used appropriately
       (see Choosing and Protecting Passwords and Supplementing Passwords
       for  more  information).  By  encrypting  files,  you  ensure that
       unauthorized  people  can't  view data even if they can physically
       access  it.  You  may  also want to consider options for full disk
       encryption,  which prevents a thief from even starting your laptop
       without  a passphrase. When you use encryption, it is important to
       remember  your  passwords  and  passphrases; if you forget or lose
       them, you may lose your data.
     * Follow  corporate  policies  for handling and storing work-related
       information  - If you use your computer for work-related purposes,
       make  sure  to  follow  any  corporate  policies  for handling and
       storing the information. These policies were likely established to
       protect  proprietary  information and customer data, as well as to
       protect you and the company from liability.
     * Dispose of sensitive information properly - Simply deleting a file
       does  not  completely  erase it. To ensure that an attacker cannot
       access  these files, make sure that you adequately erase sensitive
       files (see Effectively Erasing Files for more information).
     * Follow  good security habits - Review other security tips for ways
       to protect yourself and your data.
     _________________________________________________________________

     Author: Mindi McDowell
     _________________________________________________________________

     Produced 2006 by US-CERT, a government organization.
  
     Terms of use
 
     <http://www.us-cert.gov/legal.html>
  
     This document can also be found at
 
     <http://www.us-cert.gov/cas/tips/ST06-008.html>
 

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
     
     
         




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRP80BOxOF3G+ig+rAQJjWggAqSjvC6sOPXs2N98UlKBjF3AGcj+DjEbI
AHaaZEOpp/Rwo/3BrpURjTRhfCQ0c6a54s/1P+fX0BvwAPj3DPTMWWLUNZsGevmf
WcTmFV/XQtknvpA00sOzL1KeAPHhWT7hDbgL9hZA3d1KH4QjnjYJ9fssigFDSngw
mF/fCtGJLRBlm5JdbYzceu6JHpTp2d2yY8LY3o9aOJwK65PTnq0VWaG2hxwiGihU
YCxFItHdwqXp5FNm+td58RscyKT7+7xnogdj13TFP+0aWEp9rmSTHU7TwUPfs/6n
8Zx/lcQ7nU8VRiFF5emMUd+u1naseRwV3GqTqfzUTQ+gMY1A4pk1ww==
=8vYA
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux