Keeping Safe Online
As a represntative of Aughton Village Hall (Paid Staff, Volenteer, Trustee, Agent) you are responsible for your personal IT interaction with our services.
Any computer you connect to our network or services to conduct work is expected to be:
- Have anti-virus software installed and updated
- Anti-virus and malware scans completed regularly - preferably daily
- Operating System updated to the latest release version - to include security updates
- Strong password used for your system login
- Strong password used for administrator account
- Strong password used for online services
- Use Two-Step Authentication when available
- Remote access via key-based authentication where possible
When accessing websites you should use HTTPS wherever possible.
When connected to a site with HTTPS (HTTP/SSL) your requests and communication are encrypted. The prevents an attacker from stealing your login credentials or any data passed through.
A HTTPS site is indicated by a padlock in the address bar.
You must always use HTTPS for: Webmail, Online Banking
A common distribution method of cyber attacks is via email.
Be aware of attackers sending
Fake emails How to recognise fake e-mail:
- Suspicious sendong
Never open an e-mail attachment your are not expecting or is suspicious.
Privlidge Escalation Attacks¶
A phising attack attempts to phish your login credentials using a false implimented website
Man in the Middle¶
Two Step Authentication¶
When logging into online services hosted by major 3rd party providers you should utilise 2-step verification when offered to you. 2-step authentication involes using a 2nd device to verify your logins to services, this can involve text mesage verifcation, or code generation in addition to your password. Using a 2-step solution requires an attacker to have access to your specified device AND password, or recovery codes and password.
You PC and online services should use strong passwords that are not not guessable and unique to the system.
- At least 1 upper case character
- At least 1 integer character
- Not related to previous passwords
- Password management is NOT enforced in corporate applications
- Passwords are a users responsibility on personal accounts and services * Services will impose there own restictions
Any data held by an individual must be compliant with out IT Services Policies including data backups.
If you maintain records outside of the corporate infrustruce (on your own computers) you are responsible for implimenting secured backup and rention policies.
Available from the National Cyber Secuirty Center (GCHQ)
Spotting Suspicious E-mail