SANS Tip Of The Day

Subscribe to SANS Tip Of The Day feed
The most recent SANS Institute Security Awareness Tips
Updated: 7 hours 10 min ago

Unique Passwords

9 hours 39 min ago
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.

Social Media Privacy Settings

August 21, 2019 - 1:00am
Privacy settings on social networks have limited value. They are confusing to configure and change often. Ultimately, if you do not want your parents or boss reading it, do not post it.

Go With Passphrases

August 19, 2019 - 1:00am
Passphrases are the strongest type of passwords and the easiest to remember. Simply use an entire sentence for your password, such as "What time is coffee?" By using spaces and punctuation, you create a long password that is hard to guess but easy to remember.

Personalized Scams

August 15, 2019 - 1:00am
Cyber criminals now have a wealth of information on almost all of us. With so many hacked organizations now a days, cyber criminals simply purchase databases with personal information on millions of people, then use that information to customize their attacks, making them far more realistic. Just because an urgent email has your home address, phone number or birth date in it does not mean it is legitimate.

When Away

August 14, 2019 - 1:00am
Leaving your seat? Ctrl--Alt--Delete! Make sure you lock your workstation or laptop while you are away from it. On a Mac? Try Control--Shift--Eject/Power.

Kids and Screenshots

August 13, 2019 - 1:00am
If you have kids with mobile devices, create a central home charging station in a place like your bedroom. Before the kids go to bed at night, have them put their mobile devices there so they are not tempted to play with them when they should be sleeping.

Reporting an Incident

August 12, 2019 - 1:00am
Bad guys are very persistent, eventually anyone can make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! In addition, perhaps you lost a work laptop or a USB drive. The sooner you report an incident, the sooner we can help resolve the problem.

Securely Disposing Mobile Devices

August 9, 2019 - 1:00am
Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.

Ransomware

August 8, 2019 - 1:00am
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransome if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.

Shopping Online

August 7, 2019 - 1:00am
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.

Search Yourself Online

August 6, 2019 - 1:00am
Ever wonder just how much information is publicly available about you? Ever wonder how cyber criminals harvest information and customize attacks for their victims. The technique is called Open Source Intelligence (OSINT) and it is far simpler and more powerful than you think.

Mobile Apps

August 5, 2019 - 1:00am
Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.

Email Auto-Complete

August 2, 2019 - 1:00am
Be careful with email auto-complete. This is an email feature that automatically completes a name for you when you begin typing it in the TO field. However, your email client can easily complete the wrong name for you. If you are emailing anything sensitive, always be sure to check the TO field a second time before hitting the send button.

Two-Step Verification

August 1, 2019 - 1:00am
Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.

Phishing

July 29, 2019 - 1:00am
Phishing is when an attacker attempts to fool you into clicking on a malicious link or opening an attachment in an email. Be suspicious of any email or online message that creates a sense of urgency, has bad spelling or addresses you as "Dear Customer."

Secure Your Home Wi-Fi Network

July 26, 2019 - 1:00am
Be aware of all the devices connected to your home network, including baby monitors, gaming consoles, TVs, appliances or even your car. Ensure all those devices are protected by a strong password and/or are running the latest version of their operating system.