Oklahoma Department of Human Services skip navigationOKDHS Header Image with Agency Logo OK.gov - Oklahoma’s Official Web site
Oklahoma Department of Human Services
Sequoyah Memorial Office Building, 2400 N. Lincoln Blvd. • Oklahoma City, OK 73105
(405) 521-3646 • Fax (405) 521-6684 • Internet: www.okdhs.org
OKDHS Home
Programs/Services
Online Services
Library
OKDHS Local
Careers
Divisions/Offices
Information Services Divisions
Contact Us

 

Learn about the Oklahoma 2-1-1 Advisory Collaborative, which is committed to the implementation of single points of entry to health and human services across Oklahoma


Visit the U.S. Government's Official Web Portal for all government transactions, services, and information for federal, state, local, and tribal governments

Last Updated:  11/30/2007
Search OK.gov
Calendar | Help | Contact Us | About this Site
OKDHS Home > Divisions/Offices > Information Services Divisions > Information Security Office > Information Security for the Home Computer
Security topics to explore
Information security for the home computer

The use of technology and the Internet is a regular part of how we communicate at work, school and home. With the increasing volume and complexity of cyber security threats, we must understand what these threats are and how we can protect ourselves and the information in our care.

The following are suggestions and tips you can use to protect yourself against cyber security threats:

  1. Use and update firewalls and anti-virus and anti-spyware programs -- One of the most effective ways of protecting your computer is to use a firewall and up-to-date anti-virus and anti-spyware products.
    1. Firewalls work by examining information coming from and going to your network or the Internet. The firewall identifies and rejects information that comes from a location known to be dangerous or contains information that seems suspicious. It can even protect your computer from being discovered by a hacker looking for vulnerable systems. 
    2. Anti-virus programs work by identifying specific malicious behaviors and files and stopping them from accessing your system, causing damage and spreading to other systems. Many new viruses, worms and Trojan horses are created every day, so keeping your anti-virus product's definition file updated at least daily is important regardless of which product you choose. 
    3. Anti-spyware programs protect against software that perform behaviors such as pop up advertising, collecting personal information, installing a new toolbar that you can't get rid of or changing the configuration of your computer, generally without appropriately obtaining your consent. Anti-spyware products must be kept up to date to detect the newest identified threats.

  2. Install and patch operating systems and browsers -- Software makers routinely create updates for their products, in some cases to provide feature improvements, but also as the first line of defense in keeping your computer as secure as possible. It is very important to promptly download security updates, service packs and patches when they become available for your operating systems and programs. These patches are created to protect systems against potential attacks. Sometimes dangerous attacks already exist by the time updates are released. You must also update any software you use on the Internet or for connectivity within your network, such as browsers, e-mail, Web applications and remote desktop software, because these kinds of attacks are becoming more common and more dangerous.

  3. Understand passwords and authentication -- Passwords and other authentication methods, like tokens, keys or biometrics, are ways systems verify you are who you claim to be. If someone else uses your credentials, the system will think it's you. That person can do anything you can do on your computer and the system will log their actions, such as deleting files, sending malicious e-mails or browsing to inappropriate sites, under your access credentials.
    1. It is very important to protect both your access and yourself by using strong passwords or even two-factor authentication schemes. Don't share your passwords and access codes, don't store them in unencrypted files and don't write them down unless you then place them in a locked, secured location.
    2. Passwords must be strong and complex so they aren't easily guessed or quickly cracked. Default passwords, names and dictionary words, even in different languages, can be easily guessed or cracked, so use complex passwords that are at least 8 characters long and have numbers, letters and special characters in them. Passwords aren't much use if you can't remember them, so use a pass phrase instead. The phrase "Would you like 3 scoops of ice cream?" can become the strong password "Wul3$o1c?."

  4. Lock workstation and laptop whenever you leave it -- One of the fastest ways to compromise a system is to simply walk up to an unattended, unlocked computer and access the system. No passwords to break, no equipment to set up, no permissions to circumvent -- just start typing and clicking and everything is accessible by the attacker. E-mail access, project files, confidential records and personal files can all be easily compromised.

    In addition, it can take mere seconds for someone to open an anonymous-access service to your machine or install a backdoor into the system. The attacker can then access your folders, files and applications at a later time and at their convenience. If someone does do something malicious via your account, the system will record the event as done by you, not by someone else. Be safe and lock your system when you leave it.

    In many systems you can lock the system with the <Ctrl><Alt><Del> combination or <Windows Tab><L>. Also, configure your system to automatically lock after a short period of inactivity. It is an easy way to help protect your account and the items you have access to. Lockout after 15 minutes of inactivity is recommended, and shorter periods for critical systems or for laptops when you are traveling.

  5. Backup important files regularly -- There are many ways you can lose information on a computer -- a destructive virus, a power surge, lightning, flood, a big magnet or sometimes equipment just fails. If you regularly make backup copies of your files and keep them in a separate place, you can get some, or even all, of your information back in the event something happens to the originals on your computer.

  6. Be cautious when using the Internet -- Browsing to unknown sites can increase the risk of becoming infected with spyware, viruses and other malicious code.
    1. Download files and install programs only when you are authorized to do so, and only when there is a real need. Know with whom you are dealing on the Internet -- anonymous doesn't necessarily mean safe, and many criminals are very good at impersonating real financial organizations like banks and credit card companies.
    2. Never share personal or confidential information if you are uncertain of the recipient's identity or if you are uncertain that they should have access to the information in question. Even when you are certain with whom you are dealing, never share sensitive or confidential information over an unencrypted Internet connection.

  7. Be cautious about e-mail and instant messaging (IM) -- E-mail and instant messaging are wonderful tools, but they can be used or misused in a variety of ways. As a general rule, do not send confidential or sensitive information, like Social Security numbers, account numbers or secret information through unencrypted e-mail or IM. Do not open a message that is of a questionable nature, such as when it has an unusual attachment or is from an unknown sender. Spammers can try to validate targeted e-mail accounts in order to continue spamming them, and malicious code is often spread via e-mail or even IM attachments. Remember that e-mail and news are subject to forgery and spoofing, so apply common sense before assuming a message is valid.

    Phishing is a special type of e-mail or IM attack. A phisher sends out a fake notice, such as '"your credit account has been disabled," a plea for help or a note about an enticing subject. Your system can then be infected with spyware, viruses or a Trojan horse just by clicking on that link and visiting the malicious site. If you share personal information with others as a result of answering these messages, your identity can also be stolen.

  8. Review your computer security -- Review your computer's security periodically and apply appropriate repairs, upgrades and replacements. Maintaining your computer is an important component in your security strategy. Maintaining your computer and its systems will help keep your programs up-to-date and less vulnerable. 

  9. Know how to respond to a cyber incident -- Learn how to recognize cyber attacks and know what to do if things go wrong. Remember rapid response can be crucial, so when things do go wrong or you encounter a suspicious security-related event, report it immediately. If you don't know how to report a cyber incident, ask someone in the Information Security Office.

  10. Remember that cyber security is everyone's responsibility -- Cyber security starts with you. By protecting yourself and the systems entrusted to you, you are protecting your co-workers, your entire organization's network and data and, ultimately, the citizens who are depending on you.
Oklahoma Department of Human Services
Sequoyah Memorial Office Building, 2400 N. Lincoln Blvd., Oklahoma City, OK 73105
P.O. Box 25352, Oklahoma City, OK 73125
(405) 521-3646