Cyber-security is a shared responsibility of every employee and organisational unit. EVERYONE plays a big role in keeping the business secure and in handling private, sensitive information and resources. Here are some cyber-security dos and don'ts for use at home or in the workplace!
- DO use hard-to-guess passwords. Click here for more information! A password should have a minimum of 10 characters and be made up of 3 words, using uppercase letters, lowercase letters, numbers and special characters. For example, pick 3 random words: Lilly2MiaFOX_4!?
- DO use different passwords for different accounts. If you use the same one across all of your accounts and it is compromised, they will all be compromised and can be reset from your email.
- DON’T leave sensitive information (such as passwords) lying around your office or home. Do not share them with others or write them down. Use a password manager with multi-factor authentication.
- DO pay attention to phishing traps in emails and always keep an eye out for the tell-tale signs of a scam. Do not open mail or attachments from untrusted sources. If you receive a suspicious email, report it to your manager and your IT team. Phishing emails are very common and a lot of them look authentic nowadays, so be vigilant.
- DON’T click on any links sent from an unknown or untrusted source. Cyber-criminals often use them to trick you into visiting malicious sites and downloading malware that can be used to steal data and damage your network.
- DON’T post any private information, such as credit card numbers or passwords, on public sites, including social media. Do not send this information via email unless authorised to do so.
- DO destroy information properly when it is no longer needed. Place paper in designated confidential destruction bins throughout the office or use a crosscut shredder. For all electronic storage media, consult with your IT team.
- DON’T be tricked into giving away confidential information. It’s easy for any person to call and pretend to be an employee or business partner. Do not respond to phone calls or emails requesting confidential data.
- DO be aware of your surroundings when printing, copying, faxing or discussing sensitive information. Pick up information from printers, copiers, or faxes as soon as you are able to.
- DON’T install unauthorised programs on your work computer. Malicious applications often pose as legitimate software.
- DO lock your computer and mobile phone when not in use. This protects data from unauthorised access and use.
- DON’T plug in portable devices without permission from your IT department. These devices may be compromised with code just waiting to launch as soon as you plug them into a computer.
- DO remember that wireless is inherently insecure. Avoid using public Wi-Fi hotspots. When you must, use virtual private network (VPN) software to protect the data and the device.
- DO report all suspicious activity and cyber incidents to your manager and IT department. Challenge strangers whom you may encounter in the office. Keep all areas containing sensitive information physically secured and allow access by authorised individuals only.
- DO ensure you back up everything, all of the time. The ideal is to have three copies of all of your data: the original, a backup for yourself and an offsite copy.
- DON’T rely solely on anti-virus programs to protect you. They can’t keep up with all the threats out there. They can provide warnings and even block some malware or attacks. Be sure to update them regularly.
- DO use multi-factor authentication. This adds an extra layer of security! Click here for more information.