SOFTWARE SECURITY FOR PORTABLE COMPUTERS
The best defense for portable computers is theft prevention, but there are ways to minimize the impact if your portable does get stolen. Setting a startup password is a first step, although thieves may be able to defeat this by resetting the password or using a master password that is designed to let the Original Equipment Manufacturer (OEM) bypass user-set passwords. You should not use
features that allow you to remember passwords on laptop computers. Although it is convenient not to have to type in your passwords each time, it is very inconvenient when a thief is able to log on to your computer, log on to the network, and access your e-mail and data files.
DEFENDING AGAINST SOCIAL ENGINEERS AND PHISHERS
There are really only two steps involved in protecting yourself against Social Engineers who try to charm, intimidate, or trick you into giving them information or against Phishers who try to steal your personal information.Being aware of what is happening just saying no.
You should be suspicious of people who ask you for your account name and password, computer name, IP Address, Mac Address, Employee ID Number, or other information that could be misused. You should be especially suspicious if they attempt to charm you or intimidate you. Refer them to the IT Department. If they claim to be from the IT Department, hang up and call back to verify this information or check it out with your supervisor.
If they claim to be a Manager or Officer in your organization and you do not recognize their name, voice, or face, explain that you are concerned about protecting the security of the network and that you need to verify their identity before you can give them sensitive information.
If you receive E-mail that claims to be from your Bank, ISP, or an organization with which you do business that requests information about your account, do not respond via E-mail or a Web page. Instead, call the organization and ask if the e-mail request is legitimate (do not use any telephone number listed in the e-mail; look up the number separately). Most organizations do not use e-mail for such correspondence. Do not click on links contained in e-mail messages to visit an organizations Web site. Instead, manually type in the URL for the organization ̳s home page and navigate from there to your account logon site.