State Employee Computer Security Tips

From using encryption on sensitive files to clearing your workspace of private information when you are away, you play a key role in information security. The following are some tips that will safeguard you, your computer, and Missouri’s data.

  • Never share your passwords with anyone, including help-desk staff.
  • Your password is used to identify you as you when you login. You are responsible for anything performed under your username and password combination. You can grant supervisors and coworkers access to your Outlook information without sharing your password.
  • Create strong passwords by including special characters, and using both upper and lower case letters.
  • By using special characters and upper and lower case letters, it becomes difficult for someone to guess your password.
  • Do not write your passwords down and leave them near your computer.
  • By leaving post-it notes or other loose paper containing passwords near your computer, you are inviting someone to gain access to sensitive information.
  • Always encrypt and password protect sensitive information.
  • Social security numbers, credit card numbers, and healthcare information are protected by both State and Federal law. By default, email offers no security when sending someone information. Any sensitive information whether residing on a network share, or other storage device, must be encrypted.
  • Always lock your computer when you leave your workspace.
  • By locking your computer, you are preventing someone from using your logged-in accounts such as email and network shares.
  • Always store CDs, USB drives or other removable devices containing sensitive information in locked drawers.
  • Physically securing devices around your workspace will ensure that you, and only you, have access to the contents of these devices.
  • Any electronic device used to store State information must be properly erased by your professional IT staff, before it is discarded or disposed via property transfer or surplus.
  • Sensitive information is still accessible even after files have been deleted and the storage device formatted.
  • Use the network drives provided by your agency to save all important files and documents.
  • These drives are routinely backed up to prevent data loss.
  • If you are assigned a State issued laptop, make sure that you connect it to the State’s network every thirty days or less for security updates and other patches.
  • Ensuring that your assigned laptop is up-to-date with the latest security updates and other patches will help ensure problems are avoided in the future.
  • Third-party software applications can affect both your computer’s operation and the operation of the State’s entire network.
  • Always check with your agency IT director prior to installing any third-party software. Shareware often carries strict licensing requirements.
  • Never open email attachments if you are unsure about the origin or reason for the attachment.
  • Even if you receive an attachment from a friend or coworker, think twice before opening.
  • Email messages you send become the property of the recipient.
  • Treat an e-mail like a postcard. The information you place in an e-mail can show up anywhere and anytime. Think before you send any email message.
  • Think before you click on a link.
  • You should not immediately trust links provided within email messages, pdfs, search engine results, or even trusted websites. If you become suspicious or have second thoughts, do not click on the link.

If you become aware of a potential security risk, or if State data may have been inappropriately exposed, please contact the Office of Cyber Security immediately.