Best Security Tips
Junho 23, 2015 - IE #022-15
Per the Citizens’ Confidential Information sections of the Agent Appointment Agreement and the Agency Agreement, agents and agencies agree to exercise a high level of care sufficient to protect Citizens’ confidential information, documents, files, system programs, or data in any form from unauthorized disclosure. The agent and agency agree to develop, implement, maintain and use reasonable and prudent technical and physical safeguards to preserve the integrity, confidentiality and availability of Citizens’ information.
The Citizens Information Technology Security Department has compiled a noninclusive list of six best security tips that can help protect your computer and the data within it and/or accessible through it from the majority of common threats.
Following these tips does not guarantee that you will not experience any security issues, but not following them greatly increases the likelihood that problems will occur. Potential problems include your computer being damaged or being taken over and controlled by someone else, your data being accessed by someone else, and many others. Your organization should have a security program with rules to follow when you use its computers and other technology systems.
1. Use Antivirus/Anti-Malware Protection Suites
A reputable and proven antivirus solution should be running, current and updated when your computer is connected to a network or the Internet. Reputable antivirus solutions are updated regularly to address the newest types of viruses and other malicious software. Without this protection, your computer could be compromised in a matter of minutes when connected to the Internet.
You can take advantage of free security suites, including antivirus software, from major Internet service providers such as Xfinity®, AT&T®, etc.
2. Use a Firewall
A firewall blocks your computer from unsolicited attempted connections coming from the Internet and protects your computer from malicious software that tries to send commands to software on your computer. This is how “worms” such as Blaster spread so quickly in the early days of Windows XP® and why such worms can’t spread as quickly anymore. Windows® has a built-in firewall, so you don’t need to install a third-party firewall; however, make sure you enable the built-in firewall.
You also should ensure that your firewall is configured correctly. When you connect to a network and a pop-up message asks you whether you’re on a Home, Work or Public network, choose the appropriate answer (The question may be phrased as a Private or Shared computer.). If you select the Home option when you’re connecting to Wi-Fi at a public place, your laptop may make your shared files available to other people on the network. The Public option prevents other people from accessing files on your laptop.
3. Keep Your Software Updated – Automatically if Possible
Because new security issues with software constantly are being identified, it’s important to install security patches as soon as they’re made available from software companies. Not only is the software vulnerable until the security patch is installed, the documentation included with the security patch may contain information that makes it easier for attackers to target computers that haven’t been updated.
Most software provides automatic updates to ensure it is updated when new patches are available. Enable automatic updates when possible so you don’t have to remember to update manually.
4. Be Careful About Programs You Download and Run
This one may seem obvious, but don’t download and install bad software. Only download and run trustworthy software. Get the software from its official website. If you want to download Adobe Reader®, for example, download it from Adobe’s official website. Don’t click a Download Adobe Reader banner on another website and download it from another website that may bundle malware or adware along with it.
The same goes for software that arrives via email attachments. Don’t open executable email attachments, identified with an .exe file extension.
When downloading software, watch out for advertisement banners disguised as Download links that will take you elsewhere and try to trick you into downloading possibly malicious software.
5. Beware of Phishing Scams
If you haven’t entered a foreign lottery, then you didn’t win a foreign lottery. You aren’t really a trusted citizen chosen to help transfer funds from an individual that you don’t even know in another country. Your bank probably isn’t going to email you a link to change your password or ask you to click on a link to fix a misrouted payment.
When you get these types of messages, it’s almost certainly a phishing email, which is an email with an intriguing message to bait you into clicking on a link or responding with personal and/or financial information. Phishing emails typically are sent to thousands of individuals in hopes of tricking a certain percentage into responding and falling victim to a compromise of their system and/or data.
Phishing emails constantly are evolving to look as much as possible like legitimate emails, so be very careful when disclosing personal information online. Ensure you disclose it only to legitimate individuals and websites. To access your bank’s website, type the Web address directly into your browser or use a bookmark you created. Don’t click a link in an email that claims to be from your bank; it actually may direct you to an imposter site.
6. Use Secure Passwords
Passwords should be as long and complex as possible. Never use words found in a dictionary or default system passwords. At a minimum, passwords should contain a combination of letters, numbers and symbols. Password leaks have shown that many people use alarmingly simple passwords, such as password, admin and 12345. It should be obvious: These passwords definitely aren’t secure. Remember that the easier it is for you to log in, the easier it may be for someone else to figure out how to log in to your bank account, email, computer, etc.
Passwords should never be stored on your computer or mobile device. If compromised, the bad guys could have access to all your private data.
Additionally, avoid using the same password for your bank, email, shopping sites, etc. The bad guys know people commonly do this and count on this to help them access even more of your data. For example, if a shopping website is hacked and usernames/passwords are compromised, attackers know to try the same username/password combinations on common sites such as Amazon.com®, Paypal®, etc.
Contact your systems administrator for more information.
Agent Bulletins are provided for historical purposes only and have not been updated to include any changes that may have been made after publication. Agents can find the latest information by reviewing the applicable underwriting manuals and by logging in, then selecting Search → Search Frequently Asked Questions.