End User IT Security Tips

  • Three Big Tech Trends From CES – For 2018 and Beyond

    by Matthew Stern  | January 12, 2018
    The CES show in Las Vegas is the main event of the consumer technology world, giving the public an eyeful of the bleeding-edge tech being developed across industries. We’re exploring some of the biggest trends at this year’s show, and what they might mean for all of us.
    Full Story
  • CompTIA Community Forum Puts a Face on Tech

    by Daniel Margolis  | January 10, 2018
    CompTIA’s communities are great places to connect with like-minded peers and share best practices on a wide range of topics, and this spring they’re coming together at the CompTIA Community Forum (CCF), March 20, 21, at the Chicago Marriott Downtown.
    Full Story
  • Veteran Turned IT Pro Victor Johnston Pays It Forward

    by Brian Sherman  | January 09, 2018
    After completing the Wounded Warrior Project's Transition Training Academy, Victor Johnston spent several years honing his IT skills before building his own successful consulting firm. The current vice-chair of CompTIA's Future Leaders Community now spends a substantial amount of his time helping fellow veterans and others in need.
    Full Story
  • Born-in-the-Cloud CompTIA Member Advocates for Mentorship, Diversity

    by CompTIA  | January 04, 2018
    As National Mentoring Month begins, get the story of Keith Strong, co-founder and president of Network Insiders, who advises new IT pros how to grow their tech careers.
    Full Story
  • ChannelTrends: A Look at the Past, Present, and Future of the Channel

    by Brian Sherman  | December 28, 2017
    The channel’s future won’t solely depend on IoT, cybersecurity and advanced technologies like artificial intelligence and machine learning. Core technology competencies such as remote monitoring and remediation, backup and disaster recovery, cloud management, and desktop/ mobility device support will be needed more than ever.
    Full Story
  • Check Out CompTIA’s Top 10 Most Downloaded Resources for 2017!

    by CompTIA  | December 21, 2017
    You want the best of the best? Here it is – according to you! CompTIA publishes content year-round on a variety of topics to bring our membership and the tech industry at large coverage on everything from industry trends and forecasts to specific thoughts on how to adopt new technologies and expand your business. Check out our top 10 most downloaded resources of the year.
    Full Story
  • ChannelTrends: Connecting the Dots Between Tech and Business

    by Brian Sherman  | December 20, 2017
    With technology no longer the sole domain of IT teams and the expansion of work-enhancing applications, departmental procurement, and rogue IT, provider responsibilities have shifted. That's why channel professionals must boost their business acumen. Less conversations around "speeds and feeds."
    Full Story
  • ChannelTrends: Build Out or Partner in Cybersecurity? The Debate Continues

    by Brian Sherman  | December 13, 2017
    While tech companies can theoretically offer every available cybersecurity tool and provide a comprehensive portfolio of assessments and consulting services, that usually doesn’t make sense. In fact, most channel firms have financial and resource utilization limitations that make partnering an attractive and often necessary option.
    Full Story
  • Five Great Gifts for the Tech-Savvy Professional

    by Matthew Stern  | December 13, 2017
    The holidays are coming up fast, and plenty of us are still keeping an eye out for perfect gifts for our family and friends. Tech-savvy professionals can be a tough set to shop for – but here are five great gift ideas that will definitely get a woot.
    Full Story
  • CompTIA Community Leader Phases into Retirement

    by Michelle Lange  | December 07, 2017
    CompTIA Member Communities Director Cathy Alper leaves an imprint of process and facilitation methods.
    Full Story
First PagePrevious Page
Next PageLast Page
Page: of 183
Among the findings of CompTIA’s IT security research, is that most breaches are caused by simple user error, suggesting that no amount of IT security measures can protect an enterprise from accidental breaches caused by careless or uninformed employees.

Several organizations including the National Cyber Security Alliance have developed guidelines for individuals to stay safe online, while CompTIA’s Security Trustmark program validates that a business adheres to the industry’s best security practices.  However, we couldn’t find good guidelines for an IT security employee education program.  So with the help of our own in-house security expert we created our own!  The following tips can be integrated into a company’s internal awareness campaigns or used on their own in print, online or during media interviews:

• External storage devices can compromise security by allowing viruses and other malware to bypass network security safeguards.  Simply connecting a USB “thumb” drive, SD card or portable hard drive to a desktop computer can infect the entire network from inside the same way a hypodermic needle could easily transmit blood-borne viruses that couldn’t otherwise penetrate the skin.

• Sensitive, confidential data can be sent out inadvertently as part of routine email correspondence.  It isn’t difficult to imagine emailing a spreadsheet of names without noticing that one of the tabs contains credit card numbers.  An internal company owner of each data class should be appointed to monitor and maintain confidentiality.  Staff should be trained to identify, label and protect sensitive data so they don’t inadvertently give away the keys.

• The data contained on IT hardware such as laptops and smart phones can be as valuable as the hardware itself.  Staff should be aware of how hardware is commonly lost or stolen (from cars, airport security, hotel rooms, etc.) and be given the tools (such as cable locks) to secure their devices.  Further, they should know what is safe to store on the devices and how to use any included encryption software.

• Security can be compromised by staff accessing (or trying to access) sensitive data from an infected machine or over an insecure network connection.  Trying to log in to a secure network from a machine that is infected with a key-logger or other spyware can expose a user’s password and other sensitive data to a third party.  Using an insecure wireless network to access sensitive data also can pose a security risk.  Staff should be trained to avoid using insecure machines or unencrypted networks to access corporate networks or sensitive data.