Security planning

Share

Share this page with the external widget:

  • Delicious
  • Digg
  • Reddit
  • StumbleUpon
  • Email

Good practice security habits for all employees

A ten-point checklist for common security issues in the workplace.

  1. Basic housekeeping - Basic good housekeeping reduces the opportunity for planting suspect packages and helps deal with false alarms and hoaxes. It reduces the number of places where devices may be left.

  2. Data handling - Take care when dealing with private and personal data – ensure it is handled in accordance with the organisation’s own rules and the requirements of the Data Protection Act. When issuing data to others be sure to understand what it will be used for and send only the data required.

  3. Email/downloads - Do not open or respond to an email from an unrecognised source or download attachments and/or files without knowing what they are and where they are from – this is the most common way that computers pick up a virus. Equally, take care when attempting to download content directly from an unknown internet site.

  4. Keep colleagues informed - Report any concerns or where others appear to be acting suspiciously and feel welcome to suggest any improvements that can be made to improve standards of security in the workplace.

  5. Network and computer use - Always lock the screen (Ctrl + Alt + Del) when leaving a computer terminal unattended and log-off completely when leaving for the day.

    Never insert a disk, USB or other portable device into the computer unless sure of its origin.

    When deciding a password always use ‘strong’ passwords that contain a mix of letters, symbols and characters and choose a different password for each system. Never reveal the password to others, even to close colleagues or managers.

  6. Outside the workplace - Avoid taking sensitive or valuable information away from work unless it is essential and secured via encrypted laptops or USB devices.

    When away from the premises and/ or in public areas, keep all sensitive information secure to prevent loss or theft. For example, never leave such items locked in a car overnight.

  7. Personal details - Never give out any personal or confidential details to anyone over the phone unless sure about the person requesting them and that they are entitled to them. Do not submit any details into an unfamiliar website or unsolicited email/internet pop-ups.

    Take care with the amount of information and photographs shared on any online social networking sites – for example, details of periods of time away from home – and avoid discussing work related issues.

  8. Security passes - If a staff pass system is in place, insist that staff wear their passes at all times and that their issuing is strictly controlled and regularly reviewed. Visitors should be escorted and should wear clearly marked temporary passes, which must be returned on leaving. Anyone not displaying security passes should either be challenged or reported immediately to security or management. Consider introducing a pass system if you do not have one already.

  9. Visitors - All visitors should be provided with a temporary visitor badge with limited access rights. This badge should also be returned as they leave. All visitors should be escorted at all times when on the premises.

  10. Work areas - Keep desks and work areas clear and tidy. Lock all documents and loose items away at the close of the working day. Ensure printers and photocopiers are always clear of any papers.

    All confidential/commercial documents should be appropriately marked and kept in a secure, lockable storage facility.

    Sensitive papers in particular should be securely disposed of – such as through a shredding machine – rather than left for collection.

Share

Share this page with the external widget:

  • Delicious
  • Digg
  • Reddit
  • StumbleUpon
  • Email
computer keyboard