Technology Security Overview

Most of the time these attacks you see in the news stem from an employee opening an email or attachment they should not have opened.

Although much less frequent, some of the time these attacks happen because someone answered the phone and gave away information they should not have, like what vendors you use or what type of equipment you have.

Phone Call Safety

Telling someone you have WiFi or the name of your phone provider can give a hacker what they need to get in. For example, new customers of Cable Company One are known to have their WiFi password default to their phone number. Once a hacker knows this, knows the name of your provider and if the default password hasn’t been changed, they have what they need to access the system.

Email Safety

Email is not inherently secure.

Sensitive or confidential information (For example, Patient/Client social security information) should not be sent via email. If it needs to be sent via email, you must use an encrypted email service. Be aware of phishing attempts.

Phishing is the process of attempting to acquire sensitive information such as logins, passwords, and credit card information by masquerading as a trustworthy entity.

Emails claiming to be from popular websites are often used to trick you into entering your information.

Do not open attachments without verifying the source.

Opening a ZIP, DOC, DOCX, XLS, XLSX, EXE, or PDF file can compromise your computer. Be vigilant in confirming you know the sender and need the file for business usage. If needed, call the sender and confirm the email is legitimate.

Five ways to spot a fraudulent email

  1. The from email does not match: Email address is xxxx@gmail.com yet it has a logo of a popular company.
  2. Is the email to you? If not, be skeptical unless you can confirm it is authentic.
  3. The links in the email do not actually go to the correct website. You can hold your mouse over a link, and it will show you what URL it is going to. If it does not match the company do not go to it.
  4. The email appears to be a reply from someone you did not send an email to.
  5. An attachment is on the email from someone who normally would not send you an attachment or from someone you did not ask for a file from. Again, if needed, call the sender and confirm the email is legitimate.
Workstation Safety

Keep your workstation locked if you leave your work area.

If you do not lock your screen, someone can interact with the company network using your workstation. On a Windows computer use Windows Key + L to lock your workstation when you get up.

Use a strong password.

Use word phrases that are easy to remember. Include Capital letters, numbers, and special characters with a minimum length of 11 characters.

Keep your password safe.

Do not share your password with others.

Store any password lists in a secure location such as a locked file cabinet or safe.

Do not store any passwords in a readily available location like a sticky note on your monitor or in your desk drawer.

QUIZ TIME

Step 1 of 2

MM slash DD slash YYYY
Name:(Required)