Install anti-virus and anti-spyware software and turn on automatic update.
Be cautious when using external USB drives or memory cards from unknown sources. .
Turn on System Restore and create manual restore points regularly.
Notes on using Wireless Router at home
Change the default administration password.
Change the default SSID/ESSID name.
Use wired connection whenever possible.
Configure your router to allow only your home PCs to connect to it (by adding hardware addresses of your PCs' wireless LAN card to the exceptional/allowed list).
Configure the router to use WPA2 encryption with a strong password.
Do not send sensitive information (such as buying online, using e-banking, and etc) with wireless connection if WPA2 encryption is not enabled.
Use E-mail with care
Do not open file attachments in suspicious emails sent from strangers, or even from people you know but with unusual content, or with extension .bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or .wsf.
Watch out for phishing emails targeted to cheat recipients through social engineering techniques.
Use the email account provided by the University solely for business purpose.
Do not forward business-related emails to your personal email accounts.
Use a separate email account for any non-business activities.
Use Web with care
Use unique user ID and password for e-banking and secure services alike, i.e. never use e-banking user ID and password for any webmail and news group account, or vice versa.
Verify a web site by its digital certificate.
Be cautious when you are asked for sensitive information. Avoid “remember my password” option and verify the authenticity of websites when in doubt.
Enter sensitive information only on secure pages (https).
Cloud services, e.g., iCloud, Dropbox, Google Drive, etc., provide a convenient way to share and store files, only upload business-related data to the cloud service authorised and provided by the University, i.e. the Microsoft OneDrive. When using cloud services for sensitive information, often review and apply the security settings.
Do not download and/or run applications from unknown source. Only download mobile apps from official sources.
Avoid untrustworthy (often free) downloads from freeware or shareware sites.
Do not respond to advertisements on websites. Be aware of fraudulent advertisements for popular brands or any unsolicited links which can be phishing sites.
Turn on Pop-up Blocker and set security to Medium High in the browser settings.
Ensure your browser has got the latest security patch.
Look out for phishing web sites.
Don't provide sensitive information to unfamiliar social sites. Don't share and protect your personal information supplied in a social site.
Regularly assess and apply security and privacy settings in your social networking sites.
Notes on using Public PCs e.g. in cafe, airport and station
Always reboot/restart public computers before and after use.
Avoid sending sensitive information while using public computers or Wi-Fi, such as providing a credit card number to buy online, using e-banking, etc.
Only connect to trusted Wi-Fi networks (e.g. campus Wi-Fi, GovWi-Fi, eduroam, reputable organisations) as hackers may fool you to connect to fake Wi-Fi then capture your data.
Remember to log off properly if you have login webmail, portal etc.
Clear all browsing history (including temporary files, cookies, and web form information) before you leave.