Best Practices

▼   Software

When you update your Operating System (OS) or your application software, it also keeps you protected by patching vulnerabilities that can be exploited by malicious attackers.

Update Windows 10

Update earlier supported versions of Windows

Update earlier unsupported versions of Windows

▼   Firewall
A firewall is important in preventing malicious software from being transmitted to your computer via the internet or any other network.
For more information visit: us-cert.gov.
▼   Antivirus

An Antivirus searches for known malware and attempts to remove it. 

Update your Antivirus because it is only effective when it has the latest virus definitions.

If you do not have an Antivirus installed, please visit our tools menu to download one.

▼   Password Management

A unique password for each account ensures that your other accounts remain secure if one of them is hacked.

Use a trusted password manager if you have many accounts.

A good, strong password will have these characteristics:

  • A password that you are comfortable with typing over and over.
  • A password that is between 10-14 characters long.
  • A password that resembles a short phrase that has meaning only to you.
  • A password that uses between 1-3 special characters.
    • Special characters can include the following: $, #, *, and !.
    • The goal is to balance complexity with difficulty to type.

A bad, easily compromised password will have these characteristics:

  • A password that uses a sequence of numbers such as 123456, 12345, 123456789.
  • A password that uses a word or phrase reflecting its purpose such as password, myaccount, notapassword.
  • A password that uses a predictable sequence of letters and numbers such as abc123, asdfg, qwerty, abcdefg.
  • A password that includes personal information such as date of birth, name, school mascot.
  • A password that uses less than 8 characters.
  • A password that is used for more than one account.
  • A password that is written down somewhere.

Always use multi-factor authentication when available because a password is the most vulnerable form of authentication.

For more information visit: Password Guidance From NIST.
▼   Mobile Security

Security Measures for your mobile device:

  • Set up a screen lock password/pin on your device to provide a "first line of defense" to an intruder.
  • Install or enable software to remotely track your device.
    • Consider enabling a remote wipe feature to protect your data in case your stolen device cannot be recovered.
  • Update your device and enable automatic updating so it is always running the latest, most secure version of the operating system.
  • Manage your apps
    • Only use trusted sources such as iTunes or Google Play.
    • Remove unused apps.
    • Monitor what permissions you give your apps.
  • Backup your data to a trusted source.
  • Be discreet with your mobile device in highly public or crowded areas.
    • Use only trusted WiFi sources.
    • Avoid sending sensitive information on an insecure network.
▼    Email

Handling unexpected emails:

  • If you do not recognize the sender of an email, contact the sender through another means of communication to verify its legitimacy, such as calling the sender.
  • If you were not expecting an email attachment, do not open it until you have verified it is safe.

Report any unverified/malicious emails to the Computer Services Center immediately.
For more information visit: reportingsuspiciousemails.pdf.

▼   File Encryption

In order to secure that sensitive information, the file needs to be encrypted so that only authorized users can read the file. Encrypted files cannot be read without a special key, such as a password, which is used to authenticate the user.

Unauthorized access could occur regardless of whether you transmit the file across the internet.

It is best practice to secure files containing sensitive information using one of the encryption methods below:

There is no easy way to unencrypt a file if you lose the password.

▼   Personally Identifiable Information

The best way to handle files with Personally Identifiable Information (PII) is to take these steps to ensure the information is secure.

  • Keep the file encrypted at all times.
  • Keep a backup stored in a separate location from the original.
  • Do not leave the file unattended while in use.
  • Delete the file when it is no longer needed.
  • Redact the information when sharing the file with unauthorized individuals.
  • Rename the file as not give away its contents.