There are ways you can prevent compromises. Follow best practices and you will avoid most problems.
- Keep your operating system and applications (browsers, etc.) patched automatically when possible
- Use antivirus and antispyware protection with automatic updates
- Eliminate spyware with regular spyware scans
- Create complex passwords
- Encrypt all non-public private information (NPPI) files
- Use a password protected screensaver, or logout whenever you leave
- Use a host based and network firewall
Be ready and prepare for emergencies...
(Important Note: Stevens data should only be stored and backed up on Stevens Network Drives.)
- Backup personal data and files to CD, Zip drives, external hard drive, etc., and keep them in a safe place
- Keep your original CDs available for reinstallation when necessary
- Beware of emails with attachments. There are numerous forms of malware that have been unleashed by no more than visiting a website linked through an email.
- Do not open a link embedded in an email (copy and paste the url). They can be phishing sites.
- When discarding an old computer, wipe the drive clean. Studies have shown that it's easy to get personal information from discarded computers. (Note: Stevens computers should only be discarded after having the drive wiped or destroyed by Information Technology.)
- Online banking is convenient and easy. Make sure your bank has a zero liability policy (replacing any stolen funds as a result of identity fraud if the bank's system was breached.). The main problem with online banking is email. Beware of email phishing attacks...the university, banks and financial institutions will not ask for your personal information or passwords in email.
- Keep private information private. Social networks (MySpace, Face Book, etc.) are great places to keep in touch, but be sure you know who you're talking to, and keep in mind that anyone can be 'listening'.
- Information you supply on the web may not be secure. Check for the https:// (rather than http://) in the URL, the 's' is for secure. There are still numerous websites asking you to logon insecurely.