Cyber Security: Home and Business Guidelines

The U.S. Department of Homeland Security, as part of its National Cyber Security Awareness Month, has created a list of fourteen things home users can do to bolster cyber security.

1. Use a suite of automatically updating security tools that includes anti-Spyware, firewall and anti-virus software.
2. Be sure your operating system and Web browser are set to automatically update.
3. Use long, complex passwords for both your computer and your wireless network that include numbers, symbols and letters, and change them every 90 days.
4. Maintain vigilance online and be skeptical about giving up personal information.
5. Turn off your computer when you are not using it.
6. Employ the same online safety behaviors when “surfing” on a mobile device.
7. Be on the lookout for signs of an infected computer including slower processing times, unwanted pop-up ads and increased spam.
8. Talk to your kids about good online safety and security habits, including protecting their personal information and their reputation.
9. Know what sites your children are visiting online, and check their social networking regularly.
10. Regularly back up your files either online or to an external hard drive (and store in a secure location).
11. Post cyber security tips on your favorite community Listserv.
12. Go to your favorite search engine and search by your name and other family members to see what is on the web about you.
13. Make sure your children know that they can come to you if something online makes them uncomfortable, including what others are posting about them, unwanted contacts, and questions they have about staying safe online.
14. Learn more at www.staysafeonline.org.

Good list? Yes.

What about business? The best checklist I have found for good cyber security for the average business is from the Payment Card Industry within its Data Security Standard:

1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
5. Use and regularly update anti-virus software.
6. Develop and maintain secure systems and applications.
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
12. Maintain a policy that addresses information security.

Simple? No. But is a great list to build a security plan upon.

This entry was posted on 6 October 2009 at 10:26 and is filed under Security Policy, Personal Security, Homeland Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.

| Print