Potential checklists for DOD network users.

This past week I have been thinking about some checklists that I can use for my action plan that will directly affect my process model.  Since my process model is based off an actual threat to a DOD user and system it should work out pretty good here.  I have seen checklists that we have placed by our phones for bomb threats and thought that one should work for a network threat as well.  Since threats are ever changing in our industry it would probably be best to keep the checklist basic and not let it lead to a direct type of threat because there are many out there.  The first thing that I would do is when you get to your workstation every day do a thorough check of your system to make sure that everything is the way that you left it.  You may have to power on your computer especially since updates are installed nightly and it may have not restarted properly.  Also if you have a laptop that you are signed for it would be a good idea to secure it at the end of each day.  I would either take it home with you or secure it in a secure wall locker so a potential unauthorized user will not have access to it.  If you have your computer that is left out all the time check your CD drive to make sure that someone has not placed an unauthorized disk in the drive.  Since most USB ports have been disabled to portable device you shouldn't have to worry about anything there, but just check to make sure that you don't have any foreign items that shouldn't be there installed in them.  Also as soon as you log in with your ID card make sure that you do not see any unauthorized system configurations.  You should do this because your hack could begin once you actively begin using your computer and this could transmit data to the enemy.  If your unit has site that your are mandated not to use then do not use them. There is always a reason not to visit a site that is prohibited on a DOD computer system.  Your personal information could be a target so do not do anything on a DOD computer that could be a target to foreign personnel. This is a pretty rough checklist, but it could be as effective as the bomb threat checklist that is posted by every government phone.  If you practice this with your government computer then if could mitigate the risks that you have when using your PC every day.  Nothing is full proof here, but it should help out.