Table of Contents

Best Practices

Updated

Email

  • Report any suspicious emails to phishing@bigelow.org asap.
  • Do not open attachments from unknown senders or that look suspicious
  • Never enter your password into a website opened from a link in an email, instead, navigate to that website yourself and log in
  • Never reveal your password or click on unknown links or attachments. Be careful who you share your private information with.
  • Don't respond to email, instant messages (IM), texts, phone calls, etc., asking you for your password. You should never disclose your password to anyone, even if they say they work for Bigelow or partner organizations
  • Only click on links from trusted sources. Never click on an unfamiliar link unless you have a way to independently verify that it is safe. This includes tiny URLs and any link where you can't tell where it will take you.
  • Don't open unsolicited or unexpected attachments. If you can't verify an attachment is legitimate, forward it to phishing@bigelow.org.
  • Don't give private information to anyone you don't know or who doesn't have a legitimate need for it -- in person, over the phone, via e-mail, IM, text, Facebook, Twitter, etc.
  • Beware of IRS scams and phony computer support scams. These are usually over the phone and threaten dire consequences if you don't act immediately.

Passwords

  • Use long (14+ characters) and unique passwords for all Bigelow-related accounts
  • Use a password manager to keep track of passwords
  • Do not store passwords in any computer file outside of a password manager (e.g. 1Password), including password protected documents (e.g. Word, Excel, Notes)
  • Do not put passwords on any physical media, including paper
  • Do not share account login information with other employees
  • Do not use the same password for all accounts

Computers

  • Manually lock computer when you leave your desk for any period of time
  • Configure computer to automatically lock after 2 minutes of inactivity
  • Do not leave computer unlocked in any public location or at home
  • Shut down or restart your computer at least weekly -- and whenever your programs tell you to in order to install updates. This helps to make sure software and security updates are properly installed.

Internet

  • If using your work computer from public WiFi (e.g. airport, bus), use the Bigelow VPN to mask your traffic from eavesdroppers
  • Only use trusted, secure web pages when entering personal or sensitive information online. Don't log in to web sites or online applications unless the login page is secure.
  • Look for https (not http) in the URL to indicate that there is a secure connection.
  • Be especially careful about what you do over wireless. Information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept (most public access wireless is unencrypted).

Information

  • Delete/shred sensitive information when possible. Keep it off of your workstation, laptop, phone, and other electronic devices when possible

Still need help? Submit a ticket.

How did we do?

Event Procedure

Powered by HelpDocs (opens in a new tab)