The United States Computer Emergency Readiness Team (US-CERT) has released tips for protecting both personal and work-related data. According to US-CERT, individuals who use their computer to manage personal finances, store personal data, or perform work-related activities outside of the office are at risk for security breaches. They suggest the following steps for protection:
- Use and maintain anti-virus software and a firewall– Protect against viruses and Trojan horses that may steal or modify data. Make sure to keep virus definitions up to date.
- Regularly scan your computer for spyware– Spyware or adware hidden in software programs may affect the performance of your computer and give attackers access to data. Use a legitimate anti-spyware program.
- Keep software up to date– Install software patches so that attackers cannot take advantage of known problems or vulnerabilities.
- Evaluate your software's settings–It is important to check the settings for software that connects to the internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need.
- Avoid unused software programs– Do not clutter your computer with unnecessary software programs. These programs may contain vulnerabilities that, if not patched, may allow an attacker to access your computer.
- Consider creating separate user accounts– If there are other people using your computer, create a different user account for each user, and set the amount of access and privileges for each account. Also consider separate accounts for work and personal purposes.
- Establish guidelines for computer use– If there are multiple people using your computer, especially children, make sure they understand how to use the computer and internet safely.
- Use passwords and encrypt sensitive files– Passwords and other security features add layers of protection if used appropriately. By encrypting files, you ensure that unauthorized people can't view data even if they can physically access it. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a passphrase.
- Follow corporate policies for handling and storing work-related information– If you use your computer for work-related purposes, make sure to follow any corporate policies for handling and storing the information.
- Dispose of sensitive information properly– Simply deleting a file does not completely erase it. To ensure that an attacker cannot access these files, make sure that you adequately erase sensitive files.
