Archive for June 2012

06/29/12 - Tip of the Day!

by in , , , 0


Change from a password to a pass-phrase

It's better to use longer and more complicated passwords, but they are hard to remember.  Try using a pass-phrase like "I love getting to work at 8:00!".  It's long, easy to remember, and has a mix of upper case and lower case letters and symbols.  Don't use familiar or famous quotations.  Don't use any real names, especially your own, your family member's, or your pet's.  Nonsensical pass-phrases are the hardest to crack.  Because password cracking time increases exponentially, a criminal with substantial computing resources can crack short passwords quickly; while a 31-character (the length of our example) pass-phrase would take 231,935,475,118,605,000,000,000 years to crack!  Best of all, it's easy to remember.

06/28/12 - Tip of the Day!

by in , , , 0

Effectively delete files

When you delete a file, depending on your operating system and your settings, the file may be transferred to your trash or recycle bin. This "holding area" essentially protects you from yourself—if you accidentally delete a file, you can easily restore it. An unauthorized person will also be able to retrieve it. Does your recycle bin include credit card information, passwords, medical, or other personal data? Is there sensitive corporate information? Empty the trash or recycle bin on a regular basis to ensure that deleted information stays deleted.

06/27/12 - Tip of the Day!

by in 0

Don't use unauthorized software!

It may be tempting to use useful-looking software that you can get free on the Internet, but these tools may carry a hidden cost.  Installing them may often cause other programs to stop working and it can take a long time for your IT teams to track down the problem.  More seriously, they can display unwanted ads, slow your PC down or make it less secure by letting the PC download more ads from the Internet.  Most seriously, they can be infected by viruses or spyware that are intended to damage your PC or steal confidential information.

06/26/12 - Tip of the Day!

by in 0

Connect for Good Health

To keep computers healthy, frequently connect them to your network. When you connect to your network, you can get new security patches and anti-virus updates. Whenever possible, use automatic updates to ensure your system is up to date.

06/25/12 - Tip of the Day!

by in 0


Five Security Tips

  1. If you don't understand the warning message, say no and consult IT support. It's easier to go back and say yes if you need to than be sorry and have to rebuild your machine.
  2. Certificates: If you don't understand a website certificate message, say no and consult IT support. It is easier to go back and say yes if you need to than be sorry and have to rebuild your credit.
  3. Anti-virus: Running anti-virus does not slow your computer down nearly as much as a virus does.
  4. Passwords: Writing down your password around your desk is about as secure as leaving a $20 bill lying on the dashboard of your car. How well do you trust anyone these days?

06/22/12 - Tip of the Day!

by in 0


Don't plug in USB drives that you find lying around. Criminals can use them to steal your data

People's natural curiosity and desire to help were exploited by consultant Steve Stasiukonis, who was hired to check security awareness at a credit union. He loaded malicious software on old thumbnail drives and left the drives on the ground and tables in the parking lot and smoking areas. Each time a curious, helpful person plugged any of the thumb drives into his computer, it loaded software and reported who had taken the bait. His test was harmless, but criminals can use the same technique to take control of our computers. The full story can be found as story 2 at this link: http://www.darkreading.com/advanced-threats/167901091/security/news/229402736/five-stories-over-five-years-that-shaped-security.html.

06/14/12 - Tip of the Day!

by in 0


If you print it, go get it right away!

Don’t leave important, sensitive, or confidential material lying around the office. Common printing areas are frequented by people coming and going. Often you will be in line to pick up your documents and others may handle them before you. This leads to unnecessary information disclosures. One boss had a print job disappear, and had e-mailed the whole floor about it. The pages never turned up. Always use the closest print station, or a dedicated printer for confidential information, and go get it right away!

06/13/12 - Tip of the Day!

by in 0

Don't click the "unsubscribe" link at the bottom of unsolicited emails

Spam filters are catching most unwanted e-mail, but some might still reach you. Most spam is designed to get you to respond with your own email or to click a link to "unsubscribe." When you respond or click the "unsubscribe" link, the sender takes your email address and adds it to a SPAM database of active email addresses. You might then start to receive a large amount of SPAM in your inbox. Do not respond or click the "unsubscribe" links.

06/12/12 - Tip of the Day!

by in 0

Be better than James Bond

In Casino Royale, Bond chooses a password to protect a multi-million pound money transfer. What does he choose? His girlfriend's name - doh! Why bother torturing him when you could just guess his cunning plans? We can all do better than that. For most situations a password should be 8 characters long and be a mixture of letters, numbers and other characters and it should conform to company policy. It should not be a word you would find in a dictionary, the name of your spouse, partner, child, pet, favorite band or any of these followed by a single digit. Use common sense - Razorlight1 isn't a good choice if you have a poster of the band behind your desk.

06/11/12 - Tip of the Day!

by in 0

Report or challenge strangers in your office

Visitors and staff should wear badges. Others you don't recognize may be opportunist thieves who have walked past reception or found an open back door. Grab a co-worker and politely ask if they need some assistance or report them to your security or reception staff. Thieves are as likely to steal your purse or wallet as they are to take company property, so it is in everyone's interest to keep our premises safe.

06/10/12 - Tip of the Day!

by in 0

Passwords: Be creative

If you can't remember hard passwords no matter how hard you try, put your password in parenthesis. baseball38 is a weak password. (baseball38) is much better.

When you change your password, you should always change at least half of it and when you do, change the parentheses as well. Change the parentheses to asterisks, exclamation points or dollar signs. *sallyandbob39* is better than sallyandbob39, and !jimandbetty93! is better than jimandbetty93.

06/09/12 - Tip of the Day!

by in 0

Don't download sets of pictures from the Internet

A user downloaded a set of photos of pop icon Paris Hilton for her Windows desktop. Windows asked her to say yes to executing the file when she got it. Assuming it was just pictures, she agreed. Within a couple of hours, she knew something was wrong when her computer started to slow down to the point where she was unable to use it. Even when she rebooted, she couldn't launch her own programs. The IT department determined that she had downloaded a Trojan program along with the photo: her freebie photo had a malicious payload attached that used her computer to send out spam for a bad guy. Her computer had to be rebuilt to eliminate the program. She lost most of the day and a lot of her personal computer settings in the process.

06/08/12 - Tip of the Day!

by in 0

Watch out for shoulder surfers!

Watch out for shoulder surfers who read over your shoulder or try to steal your password. If you have your back to the door or an open cubical wall, get a rear view mirror to stick up and watch behind you when youre typing. This also prevents office pranksters from sneaking up on you. When in public places, such as Internet cafes, always try to sit with your back to a wall to prevent onlookers. Glass walls dont count — thieves can look right through them!

Welcome!

by 0

Welcome to the Information Security Blog at Channel Islands!

This space will be updated on a regular basis so please check back often to view information security awareness topics.