One Step Ahead: Back to Basics
Another tip in a series provided by the Offices of Information Security, Information Systems & Computing and Audit, Compliance & Privacy
Three years ago, the Penn Office of Information Security (OIS) surveyed the Penn community to determine which information security actions and practices are essential to help you in protecting yourself and sensitive Penn data. These six topics formed the basis of ISC’s Year of Basics.
Install and run antivirus software. Penn provides free software to all eligible affiliates, such as most faculty and staff. Be sure to update your antivirus software with the latest definitions and schedule a scan at least once a week. You can also schedule scans and updates to run automatically.
Use a password manager. A password manager is a software application designed to securely store and manage online credentials. LastPass allows you to use one password to access your protected list of saved passwords, can generate multiple complex passwords, and is compatible with the use of Two-Step Verification. Penn provides LastPass Premium to eligible affiliates at no charge.
Understand the sensitivity of your data by familiarizing yourself with Penn’s Data Risk Classification. Penn classifies its data into three categories based on the level of data sensitivity: High, Moderate and Low.
Enroll in Two-Step Verification for PennKey and other Penn services that support it. Penn recommends using Duo Mobile for the best Two-Step Verification experience.
Update your software. This is the single most powerful thing you can do to protect your computing assets and sensitive data. Patched, up-to-date software ensures you have the latest fixes and security patches available. Make sure you enable automatic updates and install them when offered.
Verify information before you act. Be wary of unsolicited emails, texts, or phone calls. Malicious individuals use techniques like phishing, phone scams, infected USB drives, and impersonation to gain your trust to lure you to share sensitive information.
For additional information visit: https://www.isc.upenn.edu/security/basics.
For additional tips, see the One Step Ahead link on the Information Security website: https://www.isc.upenn.edu/security/news-alerts#One-Step-Ahead.