Thomas Jefferson University

Main menu:

Best Practices

Teaching yourself to recognize a potential vulnerability and to act accordingly, is the best way to keep your information safe. The following information will assist you in protecting yourself and help you utilize best practices at Jefferson.

Email

Phishing

Email allows us the opportunity to communicate and share information at the click of a button. An e-mail client is another term for an e-mail program or application. E-mail clients include Outlook, Outlook Express, Netscape Messenger, and Eudora, to mention a few. Jeff ITs standard e-mail client is Outlook Express. Please review the following best practice tips:

  • Empty the Trash, When you don’t empty the e-mail trash folder, it takes up excess space on the server, and can contribute to a slow down in e-mail performance. Emptying you e-mail trash folder should be routine maintenance
  • Use cryptic passwords that can't be easily guessed, and protect your passwords.
  • Don't share your passwords and avoid writing them down.
  • Don't provide personal or sensitive information to Internet sites, surveys or forms unless you are using a trusted, secure web page.
  • Don't open email attachments or click on web site addresses in emails unless you really know what you're opening.
  • Delete spam and suspicious emails; don't open, forward or reply to them.
  • Never respond to suspected phishing e-mails under any circumstances. A phishing scam is an email fraud in which the perpetrator sends legitimate-looking emails that appear to come from a well-known and trustworthy website in an attempt to gather personal and financial information from a recipient. (example)
    • If you receive an email that asks for help getting money out of a foreign country, don’t respond, don’t give them any information and don’t pay any money. Delete the email.
  • Beware of Spyware. Spyware and adware belong to a group of malicious software called malware, which can be disruptive, invasive, and potentially damaging to your computer.
  • If you no longer wish to be part of a mailing list, unsubscribe to keep the clutter out of your Inbox.
  • Don’t send large attachments to large numbers of people.
  • Avoid flashy graphics or special fonts in your signature line.
  • Never, ever forward chain letters. You may be inadvertently passing on viruses or spyware!
  • If you think your password has been compromised, change it immediately. Employees should notify the information security officer or manager at their organization.
  • Perform routine, regular email maintenance. Schedule at least 10 minutes a day, depending on volume, to maintain your email.

Internet

The World Wide Web allows us access to an incredible amount of information. Unfortunately, it also opens the door to scammers, and identity thieves who want to take advantage of unsuspecting users. So please consider the following:

  • Don’t download software unless you know and trust the source. Suspicious sites may contain viruses and spyware.
  • Avoid suspicious web sites
  • Do not click on unfamiliar links: Since merely clicking on a link can result in something being installed on your computer, you should verify the link.

General

Below are some general tips for safe computing.

  • In public areas, turn the monitor so it faces away from the public
  • Always log yourself out of computer lab workstations, and reset public kiosks before you walk away
  • Protect your personal information (name, birth date, Social
    Security number, banking and checking account or PIN numbers).
  • To minimize risk of identity theft, don’t share this information unless you know how it will be used and protected.
  • Log off you computer when leaving for the night, weekend or going on holiday.
  • If you use a laptop and need to be away for a meeting, it’s recommended that you secure your system while your away.
  • Back up important data regularly, or save them on your shared folder that is backed up (such as your personal departmental share). Store safely any backup disks you make yourself.
  • Your workstation should have a screen saver activated that is password protected.
  • If you believe office keys have been lost, misplaced, or stolen, recommend to your supervisor, department head, or advisor that doors be re-keyed by Facilities Services.
  • Never execute a program (".exe" file) if you do not know what it is/does, or if you do not trust the source. This is particularly the case for files that are sent to you via e-mail, or are downloaded from a web site that you do not trust.

Read More