SANS Tip Of The Day

Subscribe to SANS Tip Of The Day feed
The most recent SANS Institute Security Awareness Tips
Updated: 1 hour 27 min ago

USB Drives

9 hours 53 min ago
Be very careful of any lost USB drives you may find (such as in the parking lot or local coffee shop) or USB drives you are given at public events, like conferences. It is very easy for these devices to be infected with malware. Never use such devices for work, use only authorized devices issued to you by work.

Shopping Online

October 22, 2018 - 1:00am
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.

Shopping Online

October 22, 2018 - 1:00am
When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure.

Go With Passphrases

October 19, 2018 - 1:00am
Passphrases are the strongest type of passwords and the easiest to remember. Simply use an entire sentence for your password, such as "What time is coffee?" By using spaces and punctuation, you create a long password that is hard to guess but easy to remember.

Browse With Encryption

October 18, 2018 - 1:00am
When browsing online, encrypting your online activities is one of the best ways to protect yourself. Make sure your online connection is encrypted by making sure HTTPS is in the website address and/or that there is a lock next to it.

Conversations

October 17, 2018 - 1:00am
When traveling, it is very easy to forget where you are when discussing business with colleagues. That airport, taxi, restaurant or hotel lobby may have individuals nearby eavesdropping on your conversation. When discussing confidential information, agree to hold off on the conversation until you can be assured of privacy. Also, be careful not to share sensitive information with strangers you meet.

Reporting an Incident

October 15, 2018 - 1:00am
Bad guys are very persistent, eventually anyone can make a mistake. If a phone call from the "Help Desk" doesn't sound quite right, if an email seems suspicious or if a program you installed starts acting funny, ask for help! In addition, perhaps you lost a work laptop or a USB drive. The sooner you report an incident, the sooner we can help resolve the problem.

Securely Disposing Mobile Devices

October 12, 2018 - 1:00am
Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.

Lock Your Mobile Devices

October 9, 2018 - 1:00am
The number one step for protecting your mobile device is making sure it has a strong screenlock on it so only you can access it.

Patch and Update

October 8, 2018 - 1:00am
One of the most effective ways you can protect your computer at home is to make sure both the operating system and your applications are patched and updated. Enable automatic updating whenever possible.

Unique Passwords

October 5, 2018 - 1:00am
Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.

CEO Fraud

October 4, 2018 - 1:00am
CEO Fraud / BEC is a type of targeted attack. It commonly involves a cyber criminally pretending to be your boss, then tricking or fooling you into sending the criminal highly sensitive information or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.

CEO Fraud

October 4, 2018 - 1:00am
CEO Fraud is a type of targeted attack. It commonly involves a cyber criminally pretending to be your boss, then tricking or fooling you into sending the criminal highly sensitive information or initiating a wire transfer. Be highly suspicious of any emails demanding immediate action and/or asking you to bypass any security procedures.

Two-Step Verification

October 3, 2018 - 1:00am
Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.

Ransomware

September 27, 2018 - 1:00am
Ransomware is a special type of malware. Once it infected your computer, it encrypts all of your files and demands you pay a ransome if you want your files back. Be suspicious of any emails trying to trick you into opening infected attachments or click on malicious links, common sense is your best defense. In addition. backups are often the only way you can recover from ransomware.