Educate users about security awareness

Even with the best firewalls, antivirus products and other security hardware and software in place, no network or computer is 100% secure. Sadly, the weakest link in the security chain for corporate networks is often the users themselves. Ensuring that users have a basic understanding of information security and a little common sense can yield much higher dividends than the latest whiz-bang application.

Below are the top 10 tips administrators should share with users to help make the whole network more secure.

  • Strong passwords: Users hear it constantly, but many still aren't listening.
    1. User tip: Passwords should contain a mix of uppercase and lowercase letters as well as numbers or special symbols (like % or $).
    2. User tip: Passwords should never be something simple like the name of your son or your birth date.
  • Avoid phishing scams:
    1. User tip: No reputable company or tech support department will ask you to provide your username, password, social security number or other sensitive information in an e-mail. Also, never click on Web links within unsolicited e-mail.
  • Protect your workspace: At any given moment, your desk may have memos or documents that contain sensitive or confidential information or you might have classified information displayed on your computer monitor.

    Requires Free Membership to View

  • More Information

    Check out this tip for easy ways to provide this hints to users

    Learn how to use defense-in-depth to create an (almost) invulnerable computing environment

    Learn how to educate your employees about threats -- like spyware.

    Create a corporate security culture with these tips

    1. User tip: Be aware of who is nearby, and secure information assets by locking your PC before you leave your desk.
  • It's probably a hoax: Any e-mail message from a friend or family member claiming to be urgent news that you should distribute around the world is almost definitely a hoax. To verify, you can check the information on a site like www.snopes.com. However, even if it is legitimate, you should not use corporate resources to forward spam messages on to your friends and family.
    1. User tip: Don't use corporate resources to forward spam.
  • Don't open attachments:
    1. User tip: Unless you are 100% sure of whom the e-mail came from and what the attachment contains, do not open or execute an e-mail file attachment.
  • Keep your virus detection device turned on: Antivirus scanning is only effective if it is turned on.
    1. User tip: Do not disable or deactivate your antivirus scanning engine.
  • Do not install unapproved software: Even if software is free, it is not always free for use on corporate machines. Downloading software from the Internet is a primary source of viruses, spyware and Trojans, and even legitimate software may not be compatible with other software on your computer and could cause conflicts.
    1. User tip: Don't install unapproved software.
  • Beware of instant messaging: Instant messaging can be a great communication tool, but it can also be a way to transfer viruses and other malware or initiate phishing attacks. Use instant messaging responsibly.
    1. User tip: Do not click on links sent from unknown instant messaging users.
  • When in doubt, call for support: It is better to contact the pros to check it out than to be the root cause of a virus infection that takes down the corporate network.
    1. User tip: If you are suspicious of something or something just seems weird, contact tech support.

About the author: Tony Bradley is a consultant and writer with a focus on network security and antivirus and incident response. He is the About.com guide for Internet/Network Security, providing a broad range of security tips, advice, reviews and information. Bradley also contributes frequently to other industry publications. For a complete list of his freelance contributions, visit Essential Computer Security.

This tip originally appeared on SearchWindowsSecurity.com

This was first published in November 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.