Department of Energy - Protecting Your Computer

Entire Site
CIO only

CIO Home

About Us

Cyber Security

Cyber Security Institute
Action Plans
ASSIST
Incident Response
Network Security
PKI
Security Tools
Training

Documents & Publications

DOE on the Web

E-Gov

Enterprise Architecture

Geospatial

High Performance Computing

IT Acquisition

IT Capital Planning

IT Project Management

computer - monitor, CPU, keyboard and mouse

Protecting Your Computer
Helpful Tips

Note: The links provided here are as a reference. DOE neither endorses or guarantees the information or products.

DO purchase, install, and use anti-virus software on your system:
- Make sure that the on-access scanner (also called the real-time monitor) is active all of the time. You should see an icon for your software in the lower right corner of your screen.
- Make sure that your system receives regular (weekly) updates of the latest virus definitions. This is the only way to protect yourself from the dozens of new and dangerous viruses that are released every week.
- Make sure the scanner scans all files (not just selected ones).
Ultimately, this is the best way to protect your system.
DO purchase and install a personal firewall product to prevent hackers from invading your system.
DO set up your system to show file extensions so that you know what type of file you are looking at. (See the Consult-X, PC Hell, or Trend Micro links.)
DO be wary of attachments that come to you via e-mail. Before opening them, perform this mental checklist:
1. Is it from someone I know? If not, do not open it.
2. Was I expecting this particular attachment? Unless you were expecting a particular item, be suspicious. Confirm the transmission with the originator.
3. What type of file is it? If it appears to be an executable program (with an extension of .EXE, .COM, or .VBS, for instance), be especially careful. Programs are rarely sent via e-mail. Unless you were specifically expecting a program, do not access executable attachments. If the file does not appear to be the type you were expecting, do not open it.
4. When you open the file, do any alerts or warnings display? For instance, does Microsoft Word tell you the document contains macros? If it does, it may contain a virus. Unless you know a document is supposed to have macros, disable them when prompted to do so. Don’t get in the habit of automatically bypassing any alerts.
DO confirm that you have a secure connection when entering sensitive information (such as user IDs and passwords) into a Web page, especially a banking Web site, by looking for the Web address in the browser address bar to make sure that it starts with "https" (or by looking to the lock symbol in the lower right corner of your browser.
For Windows operating systems and applications, DO keep up to date with the latest security patches (available through windowsupdate.microsoft.com).
DO set Internet Explorer Security to "Medium" or higher. (See the Trend Micro link.)
DO require a prompt before opening mail attachments. (See the Trend Micro link.)
In MS Office 97 & 2000, DO enable “macro warning” and “prompt before saving changes to the Global Template”. (See the Trend Micro link.)
DO disable Windows scripting host, which supports a common virus language that is rarely used otherwise. (See the Consult-X, PC Hell, or Trend Micro links.)
DO disable File & Print sharing. (See the PC Hell link.)
DO err to the side of caution. If you are not sure about a file, don’t open it.

DON'T

DON'T open an e-mail attachment unless you were specifically expecting it and can confirm that it is the desired file.
DON'T open any e-mail attachment that has an executable extension (.EXE, .COM, .PIF, .SCR, .VBS, etc.) or a double extension (e.g., FILE.JPG.COM).
DON'T accept attachments from users in chat rooms or through instant messaging.
DON'T enter sensitive information (such as user IDs and passwords) into a Web page, especially at a banking site, accessed by clicking a link in an e-mail message. Instead, manually type the Web address in the browser address bar. When you reach the user ID input page, make sure the lock symbol shows in your browser indicating a secure connection.
DON'T use Peer-to-Peer (P2P) services such as Kazaa, Napster, etc. Most viruses place enticing infected files in P2P directories, making them accessible to other users.
DON'T access pornographic or other objectionable sites, as these often are used to spread viruses or other unwanted programs such as spyware.
DON'T fall victim to a hoax message. Any message that contains dire warnings or asks you to send it on to everyone you know is almost surely a hoax. Only your restraint can stop hoaxes from spreading.
DON'T impulsively download programs from the Internet. Only download programs you specifically chose to get and only from reputable sites and vendors.
DON'T use the Preview Pane in Outlook or Outlook Express. Under certain conditions, some viruses can infect systems just by being read. Using the Preview Pane is the same as reading the message.
DON'T assume that others are protected as well as you are. Be careful of any file that comes from the outside.

Last Reviewed: 7/27/2007

Learn More

Safe Computing Guide

Information Security Check List

Before You Connect a New Computer to the Internet

Tips on Avoiding Computer Worms

How to Avoid Phishing Scams

CIO Web Site Map | DOE Directives | Small Business

U.S. Department of Energy | 1000 Independence Ave., SW | Washington, DC 20585
1-800-dial-DOE | f/202-586-4403