For years my kids have viewed me as not very tech savvy, in part, perhaps, because I’m a parental unit and old folks like me just don’t get it, and in part because I’m not a computer gamer. Thus I found it ironic when one of my sons recently called home from college hoping for instructional help and guidance with his laptop. It seems that a shared music file off of LimeWire was infected with something truly nasty and the laptop was dying fast. His call to me came after several unsuccessful attempts to salvage data and recover from the attack. To make matters worse, system restore points had somehow been erased, apparently as part of the attack.
I was not able to help him with this problem since we are separated by several thousand miles. My only advice was to suggest that the time had come to seek the advice of an expert and take the system in. With any luck and perhaps a few hundred bucks, he would be back in business. I didn’t offer any monetary assistance because all of the kids have been educated about safe practices when it comes to using the Internet. Further, my son didn’t ask for financial assistance because he knew that this outcome was of his own doing. We had this unspoken acknowledgement that “stupid is as stupid does.” You see, I believe that one learns best by dealing with the consequences of one’s own actions, particularly when one should have known better.
Unfortunately in a work setting such as a law office, allowing similar life lessons to play out isn’t an option as the wrong mouse click by anyone in the office could result in serious and unintended consequences to the office network. While my son’s actions were stupid because he did know better, many computer users truly aren’t aware of all the ways that they could expose the network. With this in mind, I share the following list of behavioral safety tips for those of us who work in the wired world. Share them with all in the office because it’s too easy to assume that everyone knows these things. Truth be told, many don’t and that’s a problem.
1. Go directly to the source; don’t have someone else offer to take you there. Offers of a lifetime, outlandish headlines, and breaking news about Paris Hilton or Britney Spears are just examples. Don’t follow links in email or instant messages. Go to the news source or website directly if you wish to confirm the veracity of the offer or information.
2. With free, you get what you pay for. The use of a free peer-to-peer file sharing network is a security risk, period. Free music, free toolbars, or free screen savers (and the list goes on and on) can sometimes bring network or PC instability due to a software incompatibility issue. They can also bring with them more than just what you see. As an example, after downloading a free toolbar that comes with emoticons you might find yourself dealing with a substantial increase in pop-up ads. Why do you think these things are free?
3. Never give out personal information over the web unless you have initiated the contact by going directly to the website and have a secure connection. If you really feel that your bank or Pay Pal is trying to confirm information, call or email them directly. Don’t respond to incoming email that asks for personal information. It’s almost always a fake.
4. Don’t click on links in email, particularly those in the chain email that everyone forwards. The joke of the day, the feel good message from the Dali Lama, or the plea for money to help those in need after a major disaster is often not what it portends to be. Others are preying on you. Also be aware that email that appears to come from a friend or loved one may actually not have. There is nothing wrong with a quick call or text to the sender to confirm that they actually sent the email.
5. Keep your security and operating system software up to date at home and at work. This is particularly important if a home computer will be used for work in any way, shape, or form. Also, always remember to back up data. My son deeply regrets not having done so as he lost much of his music collection.
6. Never click Agree or Ok to close a pop up window as this sometimes results in an unintended download of malware.
7. Don’t respond to unsolicited junk email as this simply validates that your email address is a good address. You will see more junk, some of which will be a security risk if opened.
8. Do not connect to the Internet via free WiFi hotspots absent the ability to encrypt your session. Others can and sometimes will monitor what you are doing, which might include recording any login information that you used while on the Internet. Heaven help you if your credit card account login information is stolen in this fashion.
9. Visit only reputable sites especially when making any kind of online purchase or downloading anything and confirm that the site is secure prior to entering any payment information. Programs like McAfee’s “SiteAdvisor” can help with this.
10. If using someone else’s computer, including computers at Internet Cafés, always uncheck any “remember me” boxes at login, log out of all sites that you were logged into when finished, and close the browser. This will help prevent someone from later obtaining personal information about you by following the trail you left behind. If you know how, you should also delete your browsing history, temporary folders, and cookies.
11. Never disable the firewall in order to visit a website. Don’t change your browser security setting to low or turn off your security program solely to allow a website to load. The site isn’t loading for a valid security reason.
12. Read and follow your firm’s Internet Use Policy, if one is in place, and ask for clarification on any item that you don’t understand.