3 ways to secure your law firm’s information and reputationNikec Solutions
As competition within the legal environment intensifies, law firms are constantly looking for ways to differentiate their services.
While many consider their reputation as their greatest asset that took years to build, there are a few key elements that underpin this, one of which is security.
It is this robust security that can prevent issues such as data breaches which in turn will destroy your reputation at the snap of a finger.
It is not only the law firms who understand the need for data protection and security, clients and consumers are becoming much more savvy and are realising that they too, need to protect their own.
With newspapers filled with stories of hackers attacking large multinational companies and mobile devices with sensitive data being lost or stolen, security is fast becoming a top priority for most businesses today.
Here are 3 ways to secure your law firm’s
information and reputation
Securing Your Digital Files from Legal ThreatsAbbie Hosta
Get ready to learn some immensely powerful tips and management approaches designed to safeguard your digital files firm from today’s growing cyber threats. Dive into Worldox technology and how it helps clients ensure compliance with ABA rules and protect your documents. We’ll offer practical guidance and strategies for Worldox users, law firm administrators, and IT managers looking to secure their documents and protect their sensitive client, business and employee information.
Information security or Infosec worries with protecting information from unauthorized access. Its a part of information risk management and it therefore involves preventing or reducing the probability of unauthorized access, use, disclosure, disruption, deletion, corruption, modification, inspect or recording. In this article we will talk about the IT security, various threads to information security, different obstacles of information security and the various ways in which internet can be lucrative. Bhavya Verma | Purva Choudhary | Dr. Deepak Chahal "An Empirical Study on Information Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd30888.pdf Paper Url :https://www.ijtsrd.com/computer-science/computer-security/30888/an-empirical-study-on-information-security/bhavya-verma
3 ways to secure your law firm’s information and reputationNikec Solutions
As competition within the legal environment intensifies, law firms are constantly looking for ways to differentiate their services.
While many consider their reputation as their greatest asset that took years to build, there are a few key elements that underpin this, one of which is security.
It is this robust security that can prevent issues such as data breaches which in turn will destroy your reputation at the snap of a finger.
It is not only the law firms who understand the need for data protection and security, clients and consumers are becoming much more savvy and are realising that they too, need to protect their own.
With newspapers filled with stories of hackers attacking large multinational companies and mobile devices with sensitive data being lost or stolen, security is fast becoming a top priority for most businesses today.
Here are 3 ways to secure your law firm’s
information and reputation
Securing Your Digital Files from Legal ThreatsAbbie Hosta
Get ready to learn some immensely powerful tips and management approaches designed to safeguard your digital files firm from today’s growing cyber threats. Dive into Worldox technology and how it helps clients ensure compliance with ABA rules and protect your documents. We’ll offer practical guidance and strategies for Worldox users, law firm administrators, and IT managers looking to secure their documents and protect their sensitive client, business and employee information.
Information security or Infosec worries with protecting information from unauthorized access. Its a part of information risk management and it therefore involves preventing or reducing the probability of unauthorized access, use, disclosure, disruption, deletion, corruption, modification, inspect or recording. In this article we will talk about the IT security, various threads to information security, different obstacles of information security and the various ways in which internet can be lucrative. Bhavya Verma | Purva Choudhary | Dr. Deepak Chahal "An Empirical Study on Information Security" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-4 , June 2020, URL: https://www.ijtsrd.com/papers/ijtsrd30888.pdf Paper Url :https://www.ijtsrd.com/computer-science/computer-security/30888/an-empirical-study-on-information-security/bhavya-verma
Audience – Sales and pre-sales audience selling to large enterprises and government.
Occasion – Annual channel partners of Thales – April 2010
Presenter – Tony Lock, Programme Director, Freeform Dynamics
This presentation was provided by Blake Carver of Lyrasis during the NISO webinar, DIgital Security: Protecting Library Resources against Piracy, held on November 16, 2016.
Big Data is the "next" Bg Technology and Business and Hadoop is one of the important framework of Big Data. Hadoop is currently used by Yahoo, EBay and 100s of organisations.
As the Big Data use cases will grow, security of Big Data technologies, solutions and applications will become extremely important. In this presentation, I have described top 5 key security challenges related to developing Big Data solutions and applications.
Some basic security controls you can (and should) implement in your web apps. Specifically this covers:
1 - Beyond SQL injection
2 - Cross-site Scripting
3 - Access Control
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicSecunoid Systems Inc
Privacy Overview
What is private data
Privacy requirements by jurisdiction
PIPEDA-Canada
GDPR-Europe
Blockchains and Privacy
Data storage
Privacy crypto currencies
Introduction to information security and best practices. This presentation discuss about common treats in information security, Cyber security and suggestions for prevention.
Bridging the Social Media Implementation/Audit GapJerod Brennen
It's one thing to embrace social media, but it's another thing entirely to embrace it securely. This presentation helps organizations understand what steps should be taken to ensure that their social media properties aren't abused or exploited to attack the organization.
Audience – Sales and pre-sales audience selling to large enterprises and government.
Occasion – Annual channel partners of Thales – April 2010
Presenter – Tony Lock, Programme Director, Freeform Dynamics
This presentation was provided by Blake Carver of Lyrasis during the NISO webinar, DIgital Security: Protecting Library Resources against Piracy, held on November 16, 2016.
Big Data is the "next" Bg Technology and Business and Hadoop is one of the important framework of Big Data. Hadoop is currently used by Yahoo, EBay and 100s of organisations.
As the Big Data use cases will grow, security of Big Data technologies, solutions and applications will become extremely important. In this presentation, I have described top 5 key security challenges related to developing Big Data solutions and applications.
Some basic security controls you can (and should) implement in your web apps. Specifically this covers:
1 - Beyond SQL injection
2 - Cross-site Scripting
3 - Access Control
Cyber security privacy-and-blockchain-perspective-14 nov2018-v01-publicSecunoid Systems Inc
Privacy Overview
What is private data
Privacy requirements by jurisdiction
PIPEDA-Canada
GDPR-Europe
Blockchains and Privacy
Data storage
Privacy crypto currencies
Introduction to information security and best practices. This presentation discuss about common treats in information security, Cyber security and suggestions for prevention.
Bridging the Social Media Implementation/Audit GapJerod Brennen
It's one thing to embrace social media, but it's another thing entirely to embrace it securely. This presentation helps organizations understand what steps should be taken to ensure that their social media properties aren't abused or exploited to attack the organization.
Security in the age of open source - Myths and misperceptionsTim Mackey
As delivered at Interop ITX 2017.
The security of open source software is a function of the security of its components. For most applications, open source technologies are at their core, but security related issues may not be disclosed directly against the application because its use of the open-source component is hidden. In this talk, I explored how information flow benefits attackers, but how awareness can help defenders. I presented key attributes any vulnerability solution should have - including deep understanding of how open source development works and being DevOps aware.
SplunkLive! Stockholm 2015 breakout - Analytics based securitySplunk
Splunk products provide a flexible and fast security intelligence platform that makes security personnel and processes more efficient by providing quick and flexible access to all of the data and information needed to detect, investigate and remediate threats. This presentation will discuss best practices for building out or enhancing an analytics based security strategy and how Splunk products can make people, process, and technology work better together. Presented at SplunkLive! Stockholm October 2015 for more information please visit http://live.splunk.com/stockholm
You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response, detecting, preventing threats. And most importantly, having your security team serve your business and mission. Learn how to organize your security resources to get the best benefit. See a live demonstration of operationalizing those resources so your security teams can do more for your organization.
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
Application Security session given as part of the Solvay Executive Master in IT Management.
Explaining application security challenges for web, mobile, cloud and internet of things.
Positioning OWASP SAMM as structural and measurable framework to get application security under control in the complete application lifecycle.
For Business's Sake, Let's focus on AppSecLalit Kale
Slide-Deck for session on Application Security at Limerick DotNet-Azure User Group on 15th Feb, 2018
Event URL: https://www.meetup.com/Limerick-DotNet/events/hzctdpyxdbtb/
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 10 of 10
This Webinar focuses on Advanced Persistent Threats and targeted cyber attacks:
• Advanced Persistent Threats – the shifting paradigm to targeted attacks
• Understanding Advanced Persistent threats
• Overview of popular types of APTs
• Impact of APTs on sensitive data as well as organisation reputation
• Characteristics and Attack sequence of APT attacks and the challenges in detecting APTs
• Assessing, Managing and Auditing APT Risks
• Data loss and Cyber intrusions
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 6 of 10
This Webinar focuses on Application Security
• Application security logging and monitoring
• Issues in current logging practices
• Resources required by developers for security logging
• Correlating and alerting from log sources
• Logging in multi-tiered architectures and disparate systems
• Application security logging requirements
On April 2nd, ASI held its first invitation-only CIO Summit — on Data Security in a Mobile World in downtown Washington, DC, exclusively for not-for-profit CIOs. The event brought together the best and brightest minds from the association, non-profit, and business communities to address the current data security threats they're facing, particularly in this increasingly mobile world.
Application Security Testing for Software Engineers: An approach to build sof...Michael Hidalgo
This talk was presented at the 7th WCSQ World Congress for Software Quality in Lima, Perú on Wednesday, 22nd March 2017.
Writing secure code certainly is not an easy endeavor. In the book titled “Writing Secure Code: Practical Strategies and Proven Techniques for Building Secure Applications in a Networked World (Developer Best Practices)” authors Howard and LeBlanc talk about the so called attacker’s advantage and the defenders dilemma and they put into perspective the fact that developers (identified as defenders) must build better quality software because attackers have the advantage.
In this dilemma, software applications must be on a state of defense because attackers are out there taking advantage of any minor mistake, whereas the defender must be always vigilant, adding new features to the code, fixing issues, adding new engineers to the team. All this conditions are important when it comes to software security.
Sadly, strong understanding of software security principles is not always a characteristic of most software engineers but we can’t blame them. Writing code is a complex task per se, the abstraction level required, along with choosing and/or writing the accurate algorithm and dealing with tight schedules seems to be always a common denominator and the outcome when talking to developers.
This talk also includes techniques, tools and guidance that software engineers can use to perform Application Security testing during the development stage, enabling them to catch vulnerabilities at the time they are created.
Cybersecurity: Malware & Protecting Your Business From CyberthreatsSecureDocs
http://www.securedocs.com -The recent increase in high-profile cyberattacks has made online security a hot topic, and rightfully so. Companies from The New York Times to Facebook have fallen victim to attacks by cybercriminals, highlighting just how vulnerable any business is. In the past few years, malware has evolved dramatically and is a serious threat to all organizations, both big and small.
This presentation covers what advanced malware is and the impact it can have on an organization. Learn how to protect your business from this type of threat.
Big Data Analytics to Enhance Security คุณอนพัทย์ พิพัฒน์กิติบดี Technical Ma...BAINIDA
Big Data Analytics to Enhance Security คุณอนพัทย์ พิพัฒน์กิติบดี Technical Manager, Stelligence ในงาน THE FIRST NIDA BUSINESS ANALYTICS AND DATA SCIENCES CONTEST/CONFERENCE จัดโดย คณะสถิติประยุกต์และ DATA SCIENCES THAILAND
Delivering User Behavior Analytics at Apache Hadoop Scale : A new perspective...Cloudera, Inc.
Learn how to:
* Detect threats automatically and accurately
* Reduce threat response times from 7 days to 4 hour
* Ingest and process 100+TB per day for automated machine learning and behavior-based detection
Similar to Information security - what is going on 2016 (20)
Riskienhallinta, järjestelmällistä riskienhallintaa, riskien hallinnan käsitteet, työpajan pitäminen, fasilitointi
Esitys pidetty tässä muodossa turvallisuusjohdon koulutusohjelman yhteydessä 2014
-“Facts” about NSA/Snowden/Prism
-data classification
-guideline to Safe use of “Cloud”:
-choosing and using Cloud
-open source, alternative cloud services
Acorn Recovery: Restore IT infra within minutesIP ServerOne
Introducing Acorn Recovery as a Service, a simple, fast, and secure managed disaster recovery (DRaaS) by IP ServerOne. A DR solution that helps restore your IT infra within minutes.
This presentation by Morris Kleiner (University of Minnesota), was made during the discussion “Competition and Regulation in Professions and Occupations” held at the Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found out at oe.cd/crps.
This presentation was uploaded with the author’s consent.
Have you ever wondered how search works while visiting an e-commerce site, internal website, or searching through other types of online resources? Look no further than this informative session on the ways that taxonomies help end-users navigate the internet! Hear from taxonomists and other information professionals who have first-hand experience creating and working with taxonomies that aid in navigation, search, and discovery across a range of disciplines.
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Orkestra
UIIN Conference, Madrid, 27-29 May 2024
James Wilson, Orkestra and Deusto Business School
Emily Wise, Lund University
Madeline Smith, The Glasgow School of Art
0x01 - Newton's Third Law: Static vs. Dynamic AbusersOWASP Beja
f you offer a service on the web, odds are that someone will abuse it. Be it an API, a SaaS, a PaaS, or even a static website, someone somewhere will try to figure out a way to use it to their own needs. In this talk we'll compare measures that are effective against static attackers and how to battle a dynamic attacker who adapts to your counter-measures.
About the Speaker
===============
Diogo Sousa, Engineering Manager @ Canonical
An opinionated individual with an interest in cryptography and its intersection with secure software development.
This presentation, created by Syed Faiz ul Hassan, explores the profound influence of media on public perception and behavior. It delves into the evolution of media from oral traditions to modern digital and social media platforms. Key topics include the role of media in information propagation, socialization, crisis awareness, globalization, and education. The presentation also examines media influence through agenda setting, propaganda, and manipulative techniques used by advertisers and marketers. Furthermore, it highlights the impact of surveillance enabled by media technologies on personal behavior and preferences. Through this comprehensive overview, the presentation aims to shed light on how media shapes collective consciousness and public opinion.
5. Not just media hype
https://haveibeenpwned.com/
http://www.privacyrights.org/data-breach
http://www.idtheftcenter.org/ITRC-Surveys-Studies/2015databreaches.html
http://www.privacyrights.org/data-breach
USA only source, (GDPR will change this)
Breach Type: CARD, HACK, INSD, PHYS,
PORT, STAT, DISC, UNKN
Organization Type: Business, Financial, Government
Year(s) of Breach: 2016, 2015, 2014
RESULT:
Breaches made public fitting this criteria: 440
Records lost total: 154,492,525
Good DAY!
RDP For Sale!
Good day!
Working Admin
account to high profile
profile Wevb-server!
server!
possible test period –
–
Full Access
6. Closer look to typical cases
”Hacked account”
Type: High Privilege account credentials leaked
Risk: Third party have full control to administrator level account, through O365
mailbox also all information about systems, links to servers, sharepoint, etc
How this can happen?
7. Closer look to typical cases
”Hacked account”
Type: High Privilege account credentials leaked
Risk: Third party have full control to administrator level account, through O365
mailbox also all information about systems, links to servers, sharepoint, etc
How this can happen?
8. Closer look to typical cases
”Hacked account”
Type: High Privilege account credentials leaked
Risk: Third party have full control to administrator level account, through O365
mailbox also all information about systems, links to servers, sharepoint, etc
How this can happen?
”Urgent Paypal error! Respond soon”
”Mailbox full, click to avoid account termination…”
Regocnize malicious mail, be aware if:
1. Request about account / password
2. Something strange in sender/receiver
3. Language, typos
4. link http, not https
5. Threat about something (if not, account closed…)
6. hurry (request to act 12, 24, 36, 48h)
7. attachments
8. Zip attachments
9. Link to file in web
9. Compromised server”
Type: SSH port open, not hardened, server compromised
Risk: Third party have full control to server, possible data leak
from server or jump point to other infrastructure, DOS to some
other organization
Configurations in hurry
”
10. Compromised server”
Type: SSH port open, not hardened, server compromised
Risk: Third party have full control to server, possible data leak
from server or jump point to other infrastructure, DOS to some
other organization
Configurations in hurry
”
11. Compromised server”
Type: SSH port open, not hardened, server compromised
Risk: Third party have full control to server, possible data leak
from server or jump point to other infrastructure, DOS to some
other organization
Configurations in hurry
”
Some Linux server tips:
1. Disable Remote Root Access
2. Patch the Operating System and third party application
3. Limit SSH Access, Fail2Ban
4. https://www.cyberciti.biz/tips/linux-security.html
Windows server:
1. Aditro guidelines & SOP
2. CIS Hardening
3. Microsoft RAP
4. Vulnerability scanning
12. Type: Get high privilige account details and access to web application
Risk: Third party have full control to web application, information
leak, possible financial damages
Tools: Kali-Social engineering Toolkit
Social engineering combined (phishing & fake site)
13. Type: Get high privilige account details and access to web application
Risk: Third party have full control to web application, information
leak, possible financial damages
Tools: Kali-Social engineering Toolkit
Social engineering combined (phishing & fake site)
14. Type: Get high privilige account details and access to web application
Risk: Third party have full control to web application, information
leak, possible financial damages
Tools: Kali-Social engineering Toolkit
Social engineering combined (phishing & fake site)
15. Attacker motivation
12.06.2014 15
Attacker Motivation Goal
Government Financial, influence Collecting information
Criminals Financial Threats, blackmailing
Commercial
organizations
Financial Disturbance of the competitor.
Collection of information
Insider self-interest, vengeance Economic benefits
Damage to the organization's.
Revenge
Curious users (external
or internal)
bicurious Pressing any buttons and see what
happens
Hactivism power Placing an opponent in a bad light,
collecting information
19. ImplementationDevelopmentBefore development
Preparation,
feasibility study
Project
planning
Testing Implementation
SECURITY Requirement
specifications, based on
• ”Technical – features”
• Organization guidelines
• OWASP
• CIS
• Data content
• Availability (e.g. fault
tolerance
• Integrity(e.g. logs)
• Legal framework (e.g. GDPR)
Project
Risk management (GDPR – mandatory PIA)
Project information
security
Own personnels &
external
• Access control
• Tools
• up to date
• Licensed
• Open source?
• NDA - agreements
• Firewall openings
• Badges
Application secúrity
• Test plan
• Security
requirement
/requireme
nt tests
• Code audit
• Penetration test
Production security
• Security checklist
• Supply and disposal of material
• Users and maintenance
instructions
• Description of file
Security in projects
development documentation from security point of view
(typical & simplified)
Productization
(documentation,
support)
Information Security (Confidentiality – Integrity – Availability)
20. Security inside application
http://www.guidanceshare.com/wiki (simple)
https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project
(security in development framework)
Do not trust input;
• centralized input
validation.
• Do not rely on client-
side validation.
• Be careful with
canonicalization
issues.
• Constrain, reject,
and sanitize input.
• Validate for type,
length, format, and
range.
27. 27
Security in work, (C-I-A)
• Take care of work material
• Make sure that your files are always backed up. Dispose of confidential material in
accordance with instructions. Be sure to log out from software and systems
• Protect your equipment and the environment
• Make sure that your computer security software is working and updated. Use the
password-protected "screen saver". Lock your room and your computer when you
leave for a short time
• Be sure about source of information
• The message may contain malware or be forged. the name and address of the sender
does not guarantee anything, does not it. The programs should not be installed unless
you are sure that it is safe. The file which you are not sure or do not know who it is,
do not open. Be carefull with USB-Sticks
• Be accurate in your own work
• When you send something, please tell clearly what it is, do not send attachments
without first informing the recipient about coming files. Also keep in mind the so-
called Hidden Data (MS-Office meta-data). Be a always little suspicious when
someone asks for confidential information, verify persons identity
http://www.digitalconfidence.com/Hidden-Data-and-Metadata-FAQ.html
28. 28
Profitable tool for Criminals - Email
» To end user, biggest threat
» in case of successful phishing, access to
address book, O365, all mail, all work files
» Malicious email:
» Spam (Spam), pharmacies, pornography, gambling.
(Might be legal, just hidden costs with small letters)
» Scams (Scam), financial or emotional benefits,
wide variety of frauds.
» Phishing
» Malware, malicious links to services
Cornell University 120 examples collected 2015:
http://www.it.cornell.edu/security/phishbowl.cfm
What
happened?
“urgency,
stress,
tiredness
28Actually: http://thewatchrun.com/wp-
content/themes/twentythirteen/dhl_paket
29. 29
Social media
• ready to use
• scalable
• no IT help needed
• service for almost any
possible use case
• all possible bells and whistles
• can be used anywhere
• free of charge, (if your privacy
and personal life has no value)
500 Mb video,
20 minutes
• where is the data?
• who gets it?
• provider employees?
• network traffic?
• bottlenecks?
• privacy policy?
• Privacy Data collection
and destruction?
• terms of service?
• investigation?
(in case of illegal
content, data theft,
copyright etc.)
• lock-in?
30. 30
Social media
• Keep your password / username combination safe, if the worst happens
(e.g. serious illness)
• material may be financially or for some other reason valuable to others
• Use different password in services, and user id,
• mnemonic? software like "KeePass“ http://keepass.info/ for password management
• Keep copies of everything on your own computer
• Account de-activation (mistake, leak, id theft) end of life service
• Do not accept all friend requests
• If necessary, clear the browser cache
• "Sure" way to store files securely is an encryption
Strong password? Not : Pa5!&rVx!, Better “AksuliKivenKalaValeLomaLue”
8 character password with 94 different character vs, 16 just numbers, same difficulty for
password cracker.
• “Terms of Service; Didn't Read” https://tosdr.org/
• https://blog.kaspersky.com/remember-strong-passwords/6386/ (about Entropy and passwords, “disorder”)
• http://resources.infosecinstitute.com/password-security-complexity-vs-length/
31. • Email encryption, Aditro TLS by default (encryption depends on receiver)
• File/Folder level encryption, 7-zip + AES option
• Create Encrypted package, send by email or share using OneDrive,
send password with SMS
• VeraCrypt, heavier tool, for example project use.
https://veracrypt.codeplex.com/
• Create ”container” to place where every member have access
• share password with secure way
Encryption, secure way to share
(for example file share in public cloud)
http://www.northeastern.edu/securenu/sensitive-information-2/how-to-use-7-zip-to-encrypt-files-and-folders/
32. 32
Keep safety when traveling
• Activate lock out functions for screen savers – Computers with confidential data
should be configured to "lock out" after 20 minutes of inactivity. PC in sleep mode
can be hacked easily
• Laptop hard drives should be encrypted, Ask for more information about from the
IT Service Desk.
• With kiosk PCs, clear browser cache
• Before travel, write down important contact details, IT-service desk, “if device is
lost instructions” operator, credit card contact numbers
• Use VPN, open WLAN is OPEN
• Change your password while abroad, before travel
• Take care of USB-sticks, don’t take USBs from unknown
• Always transport your devices as hand luggage when traveling (e.g. train, ship, bus)
• Make sure that the PIN and protection code are enabled.
• Disable bluetooth if you don’t need it
• Be careful when (or avoid totally) printing and carrying confidential material