Cyber Security Tip ST06-008Â Â Â Â Â Â Â Safeguarding Your Data
When there are multiple people using your computer and/or you storeÂ sensitive personal and work-related data on your computer, it is especially important to take extra security precautions.
Why isn’t “more” better?
Maybe there is an extra software program included with a program you bought.Â Or perhaps you found a free download online. You may be tempted to installÂ Â the programs just because you can, or because you think you might use themÂ Â later. However, even if the source and the software are legitimate, thereÂ mayÂ be hidden risks. And if other people use your computer, there areÂ additional risks.
These risks become especially important if you use your computer to manageÂ your personal finances (banking, taxes, online bill payment, etc.), storeÂ Â sensitive personal data, or perform work-related activities away from theÂ Â office. However, there are steps you can take to protect yourself.
How can you protect both your personal and work-related data?
1. Use and maintain anti-virus software and a firewall – Protect yourself against viruses and Trojan horses that may steal or modify the data onÂ your own computer and leave you vulnerable by using anti-virus software and a firewall (see Understanding Anti-Virus Software and UnderstandingÂ FirewallsÂ forÂ moreÂ information).Â MakeÂ sure to keep your virus definitions up to date.
2. Regularly scan your computer for spyware – Spyware or adware hidden inÂ software programs may affect the performance of your computer and giveÂ attackers access to your data. Use a legitimate anti-spyware program toÂ Â scan your computer and remove any of these files (see Recognizing andÂ Avoiding Spyware for more information). Many anti-virus products haveÂ incorporated spyware detection.
3.Â Keep software up to date – Install software patches so that attackersÂ Â Â Â Â Â cannotÂ takeÂ advantageÂ of known problems or vulnerabilities (seeÂ Â Â Â Â Â Understanding Patches for more information). Many operating systemsÂ Â offer automatic updates. If this option is available, you should turn itÂ on.
4.Â EvaluateÂ yourÂ software’s settings – The default settings of mostÂ Â Â Â Â Â software enable all available functionality. However, attackers may be able to take advantage of this functionality to access your computer. ItÂ is especially important to check the settings for software that connects to the internet (browsers, email clients, etc.). Apply the highest levelÂ Â of security available that still gives you the functionality you need.
5.Â Avoid unused software programs – Do not clutter your computer withÂ Â Â Â Â Â unnecessary software programs. If you have programs on your computerÂ Â Â Â Â Â thatÂ youÂ doÂ not use, consider uninstalling them. In addition toÂ Â Â Â Â Â consuming system resources, these programs may contain vulnerabilitiesÂ Â Â Â Â Â that, if not patched, may allow an attacker to access your computer.
6.Â Consider creating separate user accounts – If there are other peopleÂ Â Â Â Â Â usingÂ yourÂ computer,Â youÂ mayÂ be worried that someone else mayÂ Â Â Â Â Â accidentally access, modify, and/or delete your files. Most operatingÂ Â Â Â Â Â systems (including Windows XP and Vista, Mac OS X, and Linux) give youÂ Â Â Â Â Â the option of creating a different user account for each user, and youÂ Â Â Â Â Â can set the amount of access and privileges for each account. You mayÂ Â Â Â Â Â alsoÂ chooseÂ to have separate accounts for your work and personal
purposes. While this approach will not completely isolate each area, itÂ Â Â Â Â Â does offer some additional protection. However, it will not protect yourÂ Â Â Â Â Â computer against vulnerabilities that give an attacker administrativeÂ Â Â Â Â Â privileges. Ideally, you will have separate computers for work andÂ Â Â Â Â Â personal use; this will offer a different type of protection.
7.Â Establish guidelines for computer use – If there are multiple peopleÂ Â Â Â Â Â using your computer, especially children, make sure they understand howÂ Â Â Â Â Â toÂ useÂ theÂ computer and internet safely. Setting boundaries andÂ Â Â Â Â Â guidelines will help to protect your data (see Keeping Children SafeÂ Â Â Â Â Â Online for more information).
8.Â Use passwords and encrypt sensitive files – Passwords and other securityÂ Â Â Â Â Â features add layers of protection if used appropriately (see ChoosingÂ Â Â Â Â Â andÂ ProtectingÂ PasswordsÂ andÂ SupplementingÂ Passwords for moreÂ Â Â Â Â Â information). By encrypting files, you ensure that unauthorized people
can’t view data even if they can physically access it. You may also wantÂ Â Â Â Â Â to consider options for full disk encryption, which prevents a thiefÂ Â Â Â Â Â fromÂ even starting your laptop without a passphrase. When you useÂ Â Â Â Â Â encryption, it is important to remember your passwords and passphrases;Â Â Â Â Â Â if you forget or lose them, you may lose your data.
9. FollowÂ corporateÂ policiesÂ for handling and storing work-relatedÂ Â Â Â Â Â information – If you use your computer for work-related purposes, makeÂ Â Â Â Â Â sure to follow any corporate policies for handling and storing theÂ Â Â Â Â Â information.Â TheseÂ policiesÂ wereÂ likely established to protectÂ Â Â Â Â Â proprietary information and customer data, as well as to protect you andÂ Â Â Â Â Â the company from liability. Even if it is not explicitly stated in yourÂ Â Â Â Â Â corporate policy, you should avoid allowing other people, includingÂ Â Â Â Â Â family members, to use a computer that contains corporate data.
10. Dispose of sensitive information properly – Simply deleting a file doesÂ Â Â Â Â Â not completely erase it. To ensure that an attacker cannot access theseÂ Â Â Â Â Â files,Â makeÂ sureÂ that you adequately erase sensitive files (seeÂ Â Â Â Â Â Effectively Erasing Files for more information).
11. Follow good security habits – Review other security tips for ways toÂ Â Â Â Â Â protect yourself and your data.
Author: Mindi McDowellÂ Â Produced 2006 by US-CERT, a government organization.