Hacking Pitfalls: What to Look For and What to Do Recognizing Signs of Hacking:

Unusual System Behavior:

• What to Look For: Unexpected system crashes, slow performance, or unexplained system behavior.
• What to Do: Immediately report any unusual system behavior to the IT department.

Unauthorized Access:
What to Look For: Unrecognized user accounts, login attempts, or suspicious activities in system logs.

• What to Do: Regularly monitor system logs and report any unauthorized access to the IT department.

Unexpected Network Traffic:

• What to Look For: Unexplained spikes in network traffic or unusual patterns.
• What to Do: Implement network monitoring tools and investigate any abnormal network activity.

Phishing Attempts:

• What to Look For: Suspicious emails, links, or messages asking for sensitive information.
• What to Do: Train employees to recognize phishing attempts, and report any suspicious communications immediately.

Unwanted Software or Applications:

• What to Look For: Unrecognized or unauthorized software installed on company devices.
• What to Do: Regularly audit installed software and promptly remove any unauthorized applications.

Regular Software Updates:

• What to Do:  The company will ensure all software, operating systems, and security tools are regularly updated to patch vulnerabilities.

Employee Training:

• What to Do: Look for notices from management for  cybersecurity training sessions to educate employees on recognizing and avoiding hacking attempts.

Strong Authentication Measures:

• Some of our software and subscriptions use Multi Factor Authentication. Do adjust or circumvent these tools.

Regular Security Audits:

• What the compnay will Do: Conduct regular security audits and vulnerability assessments to identify and address potential weaknesses. 
• Periodically audit/check staff computers for unauthorized applications and subscriptions.

Incident Response Plan:

• Occurrences of apps and subscriptions added to staff computers will be documented and evaluated for risk.

Encryption:

• What to do: Management may at times subscribe to encryption tools for staff equipment and use will be explained.

Network Segmentation:

• What to Do: Segment the network to limit lateral movement in the event of a security breach.

Immediate Reporting:

• What to Do: Employees should report any suspected security incidents immediately to the IT department. 
• Take a screen shot with your mobile phone of suspicious web pages or notices on your computer. 
• If you see a suspricios web page or iformation or notice on your computer then power then take a screenshot and power off your computer. Send the screen shot to 312.420.1981 and wait for a response.

Preservation of Evidence:

• What to Do: Preserve evidence of the security incident for further analysis and investigation. Take a screen shot of suspicious screens or notices.

Communication Protocols:

• What to Do: Establish clear communication protocols for reporting and responding to security incidents.

By staying vigilant and adhering to the recommended practices outlined above, employees contribute to the overall cybersecurity posture of the company.

Violations of security protocols may result in disciplinary action, up to and including suspension of access to company equipment or termination of employment.

This section will be reviewed regularly to ensure its relevance and effectiveness. Amendments, if necessary, will be communicated to all relevant parties.