Computer Security Guidelines

For Employees and End Users


  1. Always close your programs and sign out of your computer before leaving the workplace.
  2. Leave your computer turned on overnight so automated security updates and virus scans can occur.
  3. Never click on a link in an email or text message unless (a) it is from someone you know, (b) you have verified that he or she sent it, and (c) you have scanned it for threats. (There is a link on our main Security page to a free, online URL scanner.)
  4. Never open, run or install a file received via email or downloaded from the Internet without first testing it for malware. (There is a link on our main Security page to a free, online file scanner.)
  5. Never respond to prompts on your computer that you were not expecting or that you do not understand. Make sure that you know what will happen before you respond to a prompt or enter a password.
  6. Beware of tech support scams. None of the major tech companies (Microsoft, Apple, Google, etc.) ever make unsolicited tech support offers. If you receive a call or email with such an offer it is a scam, so hang-up or delete the email immediately. 
  7. Do not connect a flash drive or portable hard drive to your computer unless you are sure you know what is on it and who put it there.
  8. Only use high-quality passwords that:
    1. Contain at least 8 characters.
    2. Do not contain anything related to you or the business (e.g., your name, your initials, your dog’s name, the business name, phone number, etc.).
    3. Are not on the US NIST Bad Passwords list. (There is a link to this on our main Security page.)
  9. Never use the same password for more than one website, account or service.
  10. Use a secure web browser. We recommend Chrome with the following security extensions: Google Password Checkup, Microsoft Defender, and UBlock Origin.
  11. Never save passwords on your computer or server in an unencrypted document or file. If you have too many passwords to remember, then use a password manager to store them securely. We recommend the LastPass password manager.

Computer security is everyone’s job!