Threats & Defenses
Safe Practices of IT Computing
Never open suspicious files. Assume that any file you receive may be potentially infected, even if you know the sender well.
- Never open suspicious files. Assume that any file you receive may be potentially infected, even if you know the sender well. Viruses, spyware and other malicious code typically originate from an infected PC and its address book, thus it will most likely come from family, friends, or business associates. When working with your email, browsing websites, or chatting via an Instant Messenger, do not accept any unsolicited files from anyone since they could contain malicious code. Some of the more common file types to be wary of end in EML, NWS, JS, EXE, etc. These file types can infect your desktop.
- Avoid going to any URLs in email messages that may be questionable. Hackers often infect web pages with malicious code, so do not visit any website that you are not familiar with.
- Always keep your anti-virus, anti-spyware, and firewall protection up to date. New threats emerge regularly so it is critical that you keep your protective software and firewall technology current. In addition, scan your system monthly with the settings recommended by your Internet security provider.
- Restrict Administrative Privileges. It is important to make sure that all employees have a level of administrative access equal to their job responsibilities. This includes not allowing employees to install software, music files, games, etc., as well as restricting access to external services such as web mail and remote control services. These types of restrictions will help protect your organization from spyware such as keystroke logging.
- Keep your operating system and your application software patches up to date. In order to prevent being infected by malicious code, keep the software patches up to date for your operating system, i.e.: Windows, Linux, Apple, as well as for your applications, i.e.: Internet Explorer, Firefox and Safari.
- Stay informed and educated. It is important that not only your IT department stays up to date on the latest threats but that your employees and your business customers are also advised of them and that you educate them about the techniques of "safe computing." Internet security providers release formal alerts on the latest threats and vulnerabilities and how to protect against them.