On December 3, 2012 Scott Lowe of TechRepublic published(updated) a post about the 10 security mistakes that are easy to avoid.
The issues discussed by Scott are basic yet fundamental in addressing any information security concerns. The tips are useful and easy to understand, from a end user point of view. From a user’s perspective, these tips offer a good point to begin with.
In essence, Scott discussed the common mistakes users do with the passwords- simple & never changed- the most common mistake a majority of users do; insufficient virus& malware protection; misconfiguration & patching problems; data storage and backup testing issues; problems with generous permissions and concerns relating to mobile security. While the article can be accessed here (TechRepublic, 10 security mistakes that are easily avoided) few more issues may require the end user attention as well.
I would like to add VOIP security issues as well since it was demonstrated that Botmasters can use VoIP conference calls to communicate with the zombie machines in their botnets. Secondly, encrypting the documents which is an easy and simple option to ensure the data confidentiality yet greatly neglected. Another simple yet effective measure most mobile users ignore is hard disk encryption to secure the sensitive data in their laptops/devices.
These tips are worth practising, as information security nowadays is our OWN concern and cannot be left to the security administrators.