Free Stuff
Checklist for PC Users at the Office
This is one of a set of 6 free security checklists. To see the others, click the "free checklists" link above. To use the checklist, we suggest that you print it out, consider each point in turn, then tick the box when you've dealt with it.
Remember, this isn't a quiz or a test. You don't score points for each box you tick or leave blank, and there's no league table of top scorers.
| What | Why | ||
| 1 | c | Ensure that your computer has up-to-date antivirus software installed. | Antivirus software protects your files from all of the major threats that arrive over the internet, such as infected email attachments and Trojans. But it only works if you keep the software updated. |
| 2 | c | Ensure that your computer is protected by a firewall. | A firewall helps stop hackers on the internet from attempting to connect to your PC in order to read information or simply crash your system. |
| 3 | c | Microsoft issues security patches for Windows regularly. Check that your PC is configured to download and install these automatically. | Hackers are constantly scanning the internet for computers that haven't had important security patches installed. Don't let them find your PC. |
| 4 | c | You should run anti-spyware software on your computer at least once a week. If you don't have any, products such as "AdAware" and "Spybot Search & Destroy" are effective and free. | Spyware slows down your computer and results in loss of privacy. It gets installed without your knowledge by web sites that want to know all about your computer usage habits, so they can display adverts which are more relevant to you. |
| 5 | c | Always ensure that you have a recent backup copy of your important documents and other work, and that the backup isn't stored on or near your computer. If your company doesn't provide this facility for you (by, for example, allowing you to store documents on a central server which is automatically backed up), invest in an external hard drive or USB pen drive. |
Having a backup copy of important files is vital. It will
protect you if the computer breaks, develops a fault, or is lost
or stolen. But many people make the mistake of storing the backups in a different part of the same computer, which means that the backups and the originals will both be lost if the machine is stolen or develops a major fault. |
| 6 | c | "Phishing" emails are messages that appear to come from a bank or other financial organisation such as eBay or PayPal and which ask you to visit a web site to confirm your account information. Never click on the links to such web sites. Always ignore such messages, and simply delete them. | Such messages are bogus. You will actually be sending your account details to hackers if you click on the link. You might also find that your computer gets infected by a virus too, for good measure. |
| 7 | c | Never reply to spam email, such as messages offering cheap drugs. If there's a link to "click here to be removed from our database", don't even click it. Just delete the message and take no further action, even if the contents are offensive. | Once you reply to a spam email, the sender knows that he has stumbled across a working email address that is inhabited by a real person. He can then sell your address at a premium to lots more spammers, all of whom will then start to send you even more unwanted email. |
| 8 | c | Never share passwords. If someone needs to borrow your password, it's best to refuse. And if you're tempted to borrow someone else's password in order to get into something that you don't normally have access to, don't do it. | Most companies prohibit password-sharing, and you may find yourself facing disciplinary action if you allow it to go ahead. More importantly, if someone borrows your password and uses it to do something that they shouldn't, their actions will appear in the company's logs against your name and you might find yourself taking the blame. |
| 9 | c | Never click to open an email attachment unless you were expecting the file and you know who sent it. | Viruses and trojans mostly spread by emailing themselves to others as attachments. An unexpected attachment from a friend or colleague might not be all it seems - the virus or trojan might have mailed itself to everyone in that person's address book without their knowledge. |
| 10 | c | Don't carry out personal online banking, or other activities that require you to enter private information, from your computer at work. | Many companies utilise automatic logging systems to record internet activity by staff. If you carry out personal online banking from the office, there's a chance that your private information will be recorded on the company's systems. |
| 11 | c | Don't criticise your employer, or divulge any confidential information about where you work, in online forums, chatrooms or blogs. | Such activity is often prohobited and can lead to accusations of you bringing the company into disrepute. It's not unknown for such activity to result in dismissal. |
| 12 | c | Never install new software on your office computer without permission from your IT or technical department. | Some software might cause problems with existing applications, or might not install properly if you don't log in as an administrator (which you probably won't be able to do). Also, many companies keep a log of all installed applications to ensure that they don't exceeed the number of licences that have been purchased. If you bypass this system, there's a risk that the company will unknowingly be using pirated software. |
| 13 | c | If your company has a computer usage policy, or an internet usage policy, which explains what you can and can't use your office PC for, make sure you adhere to the rules. | Such activity can result in you facing disciplinary procedures or losing your job. |
| 14 | c | Never be afraid to tell someone if you think you have inadvertently messed up and caused a potential computer problem, such as accidentally deleting a file or forgetting to scan a document for viruses before opening it. | The sooner you get someone to check out the problem, the quicker it can be dealt with and the greater the chance of successful recovery. For example, if you accidentally delete a file, it can normally be recovered easily if a technician starts work straight away. Leave it a couple of hours and the task becomes much harder because the data might have been overwritten by other users. |
| 15 | c | Never divulge confidential information about the company to telephone callers or in response to email enquiries, unless the person making the enquiry has a good reason to know the information and you can verify their identity. | "Social engineering" is a form of hacking in which people pretend to be someone else, such as an employee who's forgotten their password or a market researcher who'd like to know which types of security you use on your computers. Someone who telephones to ask for their password to be reset might not be a genuine caller, so always be on your guard. |