Amir Ali Mokhberi, profile picture
Uploaded byAmir Ali Mokhberi
PPTX, PDF1,025 views

IT Security DOs and DON'Ts

This document provides IT security guidelines for employees. It recommends do's and don'ts in several areas: 1. Don't provide confidential information to unverified sources and report any suspicious requests. Keep private information secure. 2. Don't leave sensitive documents unattended and shred documents when no longer needed. Keep work areas organized. 3. Don't access sensitive data on unsecured devices. Use secure computers and lock unattended devices. Be cautious of unauthorized access. 4. Use strong, unique passwords and password managers. Don't share passwords or use obvious passwords. Report any suspected compromises.

Embed presentation

Downloaded 18 times
IT Security DOs and DON'Ts James Lee
1. Confidential Information • Don’t respond to emails or phone calls asking for confidential company information. • Always keep in mind that bad guys are successful because they are convincing. • Keep on guard and report any suspicious activity to IT. • Recent news, Snapchat’s payroll department was targeted by an isolated email phishing scam in which the scammer impersonated their CEO and asked for employee payroll information.
2. Sensitive Information • Don’t leave printouts containing private information on your desk. It’s easy for a visitor to glance at your desk and see sensitive documents. • Keep your desk tidy and documents locked away or shredded when no longer needed. • It makes the office look more organized, and reduces the risk of information leaks.
3. Unprotected Computer • When you access sensitive information from a non-secure computer you put the information you’re viewing at risk. • If you’re unsure if the computer you’re using is safe, don’t use it to access corporate or sensitive data.
4. Lock your device • Always lock your computer and mobile phone. You work on important things, and we want to make sure they stay safe and secure. • Locking these devices keeps both your personal information and the company’s data safe. • Exit running applications and close opened documents on the workstations prior leaving the office.
5. Stay Alert • Sometimes suspicious activity isn’t as obvious as we think. • Be cautious of people you don’t know asking for things, especially online. • Always report any suspicious activity to IT. If something goes wrong, the faster we know about it, the faster we can deal with it. • Users must report all lost or stolen devices to FUTEK IT immediately. • Also keep in mind to Keep food and drink away from computer to avoid accidental spills.
6. Password Protection • Always password-protect sensitive files on your computer, USB flash drive, smartphone, laptop, etc. • Losing a device can happen to anyone. But by protecting your device with strong passwords, you can make it difficult for someone to break in and steal data.
7. Passwords • Many people use obvious passwords like “password,” “cat,” or obvious character sequences on the qwerty keyboard like “asdfg.” • Create complex passwords by including different letter cases, numbers, and AT LEAST one punctuation. • Try to use different passwords for different websites and computers. • DO NOT SHARE YOUR PASSWORD! You alone are responsible for your account and activity generated by it.
7. Passwords cont. • Use a password manager software (for example LastPass, Dashlane, 1Password, and others) to store and organize all your encrypted passwords in one place. • Always decline the use of the "Remember Password" feature of FUTEK related applications (e.g., Google Chrome, IE). • If someone demands a password, refer them to the IT Policies document and direct them to the IT Department. • If an account or password compromise is suspected, immediately change it and report the incident to the IT Department.
8. Email Phishing Forward Simply forward the email to it@futek.com. DO NOT reply back DO NOT reply back to the email. DO NOT click on DO NOT click on any hyperlinks. DO NOT open DO NOT open any type of attachments. • Hackers try to steal email lists from companies. Company email addresses are valuable to attackers, allowing them to create fake emails from “real people.” • Always delete suspicious emails from people you don’t know, and never click on the links. • Opening these emails or clicking on links in them can compromise your computer without you ever knowing it.
8.1 Email Phishing Examples
8.1 Email Phishing Examples
8.1 Email Phishing Examples
8.1 Email Phishing Examples
8.1 Email Phishing Examples
8.1 Email Phishing Examples
9. No Personal Data/Devices • Make sure to make any connectivity with your computer by clicking “Don’t Trust”. • Don’t connect a personal cloud storage onto FUTEK’s computer. • Don’t back up smartphone data on FUTEK’s computer. • We DO NOT back up computers. • Put all work related files on your network share drives (:J or :K) and save on the drive where your department is allocated to.
10. Unauthorized Programs • Malicious applications often pose as legitimate programs like games, tools, or even antivirus software. • Don’t install unauthorized software on workstations. • If you like an application and think it will be useful, contact us and we’ll look into it for you.

More Related Content

PPTX
IT Security DOs and DONTs
byIT Tech
 
PPTX
Information Security Awareness Training Open
byFred Beck MBA, CPA
 
PPTX
Basic Security Training for End Users
byCommunity IT Innovators
 
PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PDF
Cybersecurity Awareness Training Presentation v2021.08
byDallasHaselhorst
 
PDF
End-User Security Awareness
bySurya Bathulapalli
 
PPTX
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
byDavid Menken
 
PPT
Email Security and Awareness
bySanjiv Arora
 
IT Security DOs and DONTs
byIT Tech
 
Information Security Awareness Training Open
byFred Beck MBA, CPA
 
Basic Security Training for End Users
byCommunity IT Innovators
 
Hyphenet Security Awareness Training
byJen Ruhman
 
Cybersecurity Awareness Training Presentation v2021.08
byDallasHaselhorst
 
End-User Security Awareness
bySurya Bathulapalli
 
Security Awareness Training - For Companies With Access to NYS "Sensitive" In...
byDavid Menken
 
Email Security and Awareness
bySanjiv Arora
 

What's hot

PPTX
ICT and end user security awareness slides
byjubke
 
PPT
Cyber Security Awareness Training by Win-Pro
byRonald Soh
 
PPTX
IT Security DOs and DON'Ts
bySophos
 
PPTX
Security Awareness Training.pptx
byMohammedYaseen638128
 
PPT
Employee Security Training[1]@
byR_Yanus
 
PDF
Employee Security Awareness Program
bydavidcurriecia
 
PDF
Security Awareness Training
byDmitriy Scherbina
 
PPSX
Security Awareness Training
byWilliam Mann
 
PPTX
Cybersecurity Awareness Overview.pptx
bysanap6
 
PDF
Information security awareness, middle management
byhaneen Emeir, CISA, ISO27001
 
PDF
Cybersecurity Awareness Training Presentation v1.2
byDallasHaselhorst
 
PDF
Cybersecurity Employee Training
byPaige Rasid
 
PDF
14 tips to increase cybersecurity awareness
byMichel Bitter
 
PPTX
Cyber Security 101: Training, awareness, strategies for small to medium sized...
byStephen Cobb
 
PPTX
Cybersecurity Awareness
byJoshuaWisniewski3
 
PPT
Phishing
byAlka Falwaria
 
PPTX
Employee Awareness in Cyber Security - Kloudlearn
byKloudLearn
 
PPT
General Awareness On Cyber Security
byDominic Rajesh
 
PPT
Building An Information Security Awareness Program
byBill Gardner
 
PPTX
Phising a Threat to Network Security
byanjuselina
 
ICT and end user security awareness slides
byjubke
 
Cyber Security Awareness Training by Win-Pro
byRonald Soh
 
IT Security DOs and DON'Ts
bySophos
 
Security Awareness Training.pptx
byMohammedYaseen638128
 
Employee Security Training[1]@
byR_Yanus
 
Employee Security Awareness Program
bydavidcurriecia
 
Security Awareness Training
byDmitriy Scherbina
 
Security Awareness Training
byWilliam Mann
 
Cybersecurity Awareness Overview.pptx
bysanap6
 
Information security awareness, middle management
byhaneen Emeir, CISA, ISO27001
 
Cybersecurity Awareness Training Presentation v1.2
byDallasHaselhorst
 
Cybersecurity Employee Training
byPaige Rasid
 
14 tips to increase cybersecurity awareness
byMichel Bitter
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
byStephen Cobb
 
Cybersecurity Awareness
byJoshuaWisniewski3
 
Phishing
byAlka Falwaria
 
Employee Awareness in Cyber Security - Kloudlearn
byKloudLearn
 
General Awareness On Cyber Security
byDominic Rajesh
 
Building An Information Security Awareness Program
byBill Gardner
 
Phising a Threat to Network Security
byanjuselina
 

Similar to IT Security DOs and DON'Ts

PDF
Customer information security awareness training
byAbdalrhmanTHassan
 
PPTX
Employee Security Awareness Training
byDenis kisina
 
PDF
Building a culture of security
byCourion Corporation
 
PPT
Securitytips
bySantosh Khadsare
 
PDF
10 most important cyber security tips for your users
bySimpliv LLC
 
PDF
31 Internet Security Tips on CyberSecurity Month Ocotober
byQuick Heal Technologies Ltd.
 
PPTX
Security - 101 - ISSA
byPedro Serrano
 
PPTX
eSecurity! Keeping your Business and Customers Safe
byAVG Technologies AU
 
PPTX
cybersafety_basics.pptx
byPraveenKumar313855
 
PPT
Essential Technologies for Psychologists
byBradnor444
 
PPTX
Security Awareness 101
byHaroldCo
 
PPTX
Avoid the Hack
byJason Jakus
 
PDF
Penntech IT Solutions and cyber security
byPenntech IT Solutions
 
PPT
Train Employees to Avoid Inadvertent Cyber-Security Breaches
byHuman Resources & Payroll
 
PDF
Are Your Security Aware?
byITecksolutionsLLC
 
PPT
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
byEMBplc.com
 
PDF
Introduction to information security
byHarish Jangid
 
PDF
10 steps to protecting your computer to the world of internet.
byKhalil Jubran
 
PDF
Mc physics colloquium2018-03-30.-handouts
byKevin Wall
 
PPT
Internet Security for Non-Techies
byRichard Bush
 
Customer information security awareness training
byAbdalrhmanTHassan
 
Employee Security Awareness Training
byDenis kisina
 
Building a culture of security
byCourion Corporation
 
Securitytips
bySantosh Khadsare
 
10 most important cyber security tips for your users
bySimpliv LLC
 
31 Internet Security Tips on CyberSecurity Month Ocotober
byQuick Heal Technologies Ltd.
 
Security - 101 - ISSA
byPedro Serrano
 
eSecurity! Keeping your Business and Customers Safe
byAVG Technologies AU
 
cybersafety_basics.pptx
byPraveenKumar313855
 
Essential Technologies for Psychologists
byBradnor444
 
Security Awareness 101
byHaroldCo
 
Avoid the Hack
byJason Jakus
 
Penntech IT Solutions and cyber security
byPenntech IT Solutions
 
Train Employees to Avoid Inadvertent Cyber-Security Breaches
byHuman Resources & Payroll
 
Are Your Security Aware?
byITecksolutionsLLC
 
101 Internet Security Tips Slideshow - Know How To Protect Your Computer Online!
byEMBplc.com
 
Introduction to information security
byHarish Jangid
 
10 steps to protecting your computer to the world of internet.
byKhalil Jubran
 
Mc physics colloquium2018-03-30.-handouts
byKevin Wall
 
Internet Security for Non-Techies
byRichard Bush
 

Recently uploaded

PDF
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
PDF
Scott M. Graffius' Phases of Team Development - Applied to Human Teams and Hu...
byScott M. Graffius
 
PDF
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PPTX
Software Tools for penetration Testing (1).pptx
byAmosCheruiyot13
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PPTX
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
PDF
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
PDF
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
PPTX
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
PPTX
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
PPTX
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PPTX
DVCON24-IBM ai/ml driven hardware verification
byArun Joseph
 
PDF
Taxonomy Principles to Support Knowledge Management at a Not-for-Profit
byEnterprise Knowledge
 
PPTX
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
PPTX
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
PPTX
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
PPTX
SRWE_Module_14_SRWE_ccna_basics_routing_concepts.pptx
byahmedmahmoudece
 
PDF
The CISO_Transformation_Playbook From Cost Centre to Chief Trust Officer
bysajjasridhar1990
 
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
Scott M. Graffius' Phases of Team Development - Applied to Human Teams and Hu...
byScott M. Graffius
 
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
Software Tools for penetration Testing (1).pptx
byAmosCheruiyot13
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
KTU-PEMET413 -MODULE 2-POLYMER MATRIX COMPOSITES - LECTURE 1.pptx
byVINAY B
 
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
TechSprint Kickoff - Everything You Need to Know
bygdgcodecellcmpn
 
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
DVCON24-IBM ai/ml driven hardware verification
byArun Joseph
 
Taxonomy Principles to Support Knowledge Management at a Not-for-Profit
byEnterprise Knowledge
 
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
Lecture 04. about Black heads and Hackerss.pptx
byvinocol222
 
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
SRWE_Module_14_SRWE_ccna_basics_routing_concepts.pptx
byahmedmahmoudece
 
The CISO_Transformation_Playbook From Cost Centre to Chief Trust Officer
bysajjasridhar1990
 

IT Security DOs and DON'Ts

  • 1.
    IT Security DOsand DON'Ts James Lee
  • 2.
    1. Confidential Information •Don’t respond to emails or phone calls asking for confidential company information. • Always keep in mind that bad guys are successful because they are convincing. • Keep on guard and report any suspicious activity to IT. • Recent news, Snapchat’s payroll department was targeted by an isolated email phishing scam in which the scammer impersonated their CEO and asked for employee payroll information.
  • 3.
    2. Sensitive Information •Don’t leave printouts containing private information on your desk. It’s easy for a visitor to glance at your desk and see sensitive documents. • Keep your desk tidy and documents locked away or shredded when no longer needed. • It makes the office look more organized, and reduces the risk of information leaks.
  • 4.
    3. Unprotected Computer •When you access sensitive information from a non-secure computer you put the information you’re viewing at risk. • If you’re unsure if the computer you’re using is safe, don’t use it to access corporate or sensitive data.
  • 5.
    4. Lock yourdevice • Always lock your computer and mobile phone. You work on important things, and we want to make sure they stay safe and secure. • Locking these devices keeps both your personal information and the company’s data safe. • Exit running applications and close opened documents on the workstations prior leaving the office.
  • 6.
    5. Stay Alert •Sometimes suspicious activity isn’t as obvious as we think. • Be cautious of people you don’t know asking for things, especially online. • Always report any suspicious activity to IT. If something goes wrong, the faster we know about it, the faster we can deal with it. • Users must report all lost or stolen devices to FUTEK IT immediately. • Also keep in mind to Keep food and drink away from computer to avoid accidental spills.
  • 7.
    6. Password Protection •Always password-protect sensitive files on your computer, USB flash drive, smartphone, laptop, etc. • Losing a device can happen to anyone. But by protecting your device with strong passwords, you can make it difficult for someone to break in and steal data.
  • 8.
    7. Passwords • Manypeople use obvious passwords like “password,” “cat,” or obvious character sequences on the qwerty keyboard like “asdfg.” • Create complex passwords by including different letter cases, numbers, and AT LEAST one punctuation. • Try to use different passwords for different websites and computers. • DO NOT SHARE YOUR PASSWORD! You alone are responsible for your account and activity generated by it.
  • 10.
    7. Passwords cont. •Use a password manager software (for example LastPass, Dashlane, 1Password, and others) to store and organize all your encrypted passwords in one place. • Always decline the use of the "Remember Password" feature of FUTEK related applications (e.g., Google Chrome, IE). • If someone demands a password, refer them to the IT Policies document and direct them to the IT Department. • If an account or password compromise is suspected, immediately change it and report the incident to the IT Department.
  • 11.
    8. Email Phishing Forward Simplyforward the email to it@futek.com. DO NOT reply back DO NOT reply back to the email. DO NOT click on DO NOT click on any hyperlinks. DO NOT open DO NOT open any type of attachments. • Hackers try to steal email lists from companies. Company email addresses are valuable to attackers, allowing them to create fake emails from “real people.” • Always delete suspicious emails from people you don’t know, and never click on the links. • Opening these emails or clicking on links in them can compromise your computer without you ever knowing it.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
    9. No PersonalData/Devices • Make sure to make any connectivity with your computer by clicking “Don’t Trust”. • Don’t connect a personal cloud storage onto FUTEK’s computer. • Don’t back up smartphone data on FUTEK’s computer. • We DO NOT back up computers. • Put all work related files on your network share drives (:J or :K) and save on the drive where your department is allocated to.
  • 19.
    10. Unauthorized Programs •Malicious applications often pose as legitimate programs like games, tools, or even antivirus software. • Don’t install unauthorized software on workstations. • If you like an application and think it will be useful, contact us and we’ll look into it for you.

Editor's Notes

  • #3 Don’t respond to emails or phone calls requesting confidential company information Always keep in mind that bad guys are successful because they are convincing. Keep on guard and report any suspicious activity to IT. (Recent Story 2/16/17 2 months ago: Snapchat leaked, payroll information can include SSN, bank details, addresses, emails, and other personal ID, which in the hands of the wrong people can cause headaches for those affected) https://techcrunch.com/2016/02/29/snapchat-employee-data-leaks-out-following-phishing-attack/
  • #4 Don’t leave printouts containing private information on your desk. It’s easy for a visitor to glance at your desk and see sensitive documents. Keep your desk tidy and documents locked away or shredded when no longer needed. It makes the office look more organized, and reduces the risk of information leaks.
  • #5 When you access sensitive information from a non-secure computer you put the information you’re viewing at risk. If you’re unsure if the computer you’re using is safe, don’t use it to access corporate or sensitive data.
  • #6 Always lock your computer and mobile phone when you’re not using them. You work on important things, and we want to make sure they stay safe and secure. Locking these devices keeps both your personal information and the company’s data and contacts safe from prying eyes. Exit running applications and close opened documents on the workstations prior leaving the office.
  • #7  Sometimes suspicious activity isn’t as obvious as we think. Be cautious of people you don't know asking for things, especially online. Always report any suspicious activity to IT. If something goes wrong, the faster we know about it, the faster we can deal with it. Users must report all lost or stolen devices to FUTEK IT immediately. Also keep in mind to Keep food and drink away from computer to avoid accidental spills.
  • #8 Always password-protect sensitive files on your computer, USB flash drive, smartphone, laptop, etc. Losing a device can happen to anyone. But by protecting your device with strong passwords, you make it difficult for someone to break in and steal data.
  • #9 Many people use obvious passwords like “password,” “cat,” or obvious character sequences on the qwerty keyboard like “asdfg.” Create complex passwords by including different letter cases, numbers, and even punctuation. Try to use different passwords for different websites and computers. So if one gets hacked, your other accounts aren’t compromised. DO NOT SHARE YOUR PASSWORD! You alone are responsible for your account and activity generated by it. Passwords should never be publicly displayed. If a password is compromised, it must be changed immediately. Passwords must not consist of commonly recognizable names or words, readily guessable sequence of letters or numbers, or data that can be easily associated with the user, such as birthdays, names of self, spouse, children, etc. Always use different passwords for FUTEK accounts from other non-FUTEK access (e.g., personal account, bank account, etc.). Do not share FUTEK passwords with anyone, except the IT Department as if required. All passwords are to be treated as sensitive, confidential FUTEK information. Use a password manager software (e.g., LastPass, Dashlane, 1Password and …) to store and organize all your encrypted passwords in one place. Passwords should never be written down or stored on-line without encryption. Do not reveal a password in email, chat, text message, or other electronic communication. Do not speak about a password in front of others. Do not hint at the format of a password (e.g., "my family name"). Do not reveal a password on questionnaires or security forms. If someone demands a password, refer them to this document and direct them to the IT Department. Always decline the use of the "Remember Password" feature of FUTEK related applications (e.g., Google Chrome, IE). If an account or password compromise is suspected, immediately change it and report the incident to the IT Department.
  • #11 Passwords should never be publicly displayed. (If a password is compromised, it must be changed immediately.) Passwords must not consist of commonly recognizable names or words, readily guessable sequence of letters or numbers, or data that can be easily associated with the user, such as birthdays, names of self, spouse, children, etc. Always use different passwords for FUTEK accounts from other non-FUTEK access (e.g., personal account, bank account, etc.). Do not share FUTEK passwords with anyone, except the IT Department as if required. All passwords are to be treated as sensitive, confidential FUTEK information. Use a password manager software (e.g., LastPass, Dashlane, 1Password and …) to store and organize all your encrypted passwords in one place. Passwords should never be written down or stored on-line without encryption. Do not reveal a password in email, chat, text message, or other electronic communication. Do not speak about a password in front of others. Do not hint at the format of a password (e.g., "my family name"). Do not reveal a password on questionnaires or security forms. If someone demands a password, refer them to this document and direct them to the IT Department. Always decline the use of the "Remember Password" feature of FUTEK related applications (e.g., Google Chrome, IE). If an account or password compromise is suspected, immediately change it and report the incident to the IT Department.
  • #12 Hackers try to steal email lists from companies. Company email addresses are valuable to attackers, allowing them to create fake emails from "real people.“ Always delete suspicious emails from people you don't know. And never click on the links. Opening these emails or clicking on links in them can compromise your computer without you ever knowing it.
  • #19 Don’t plug in personal devices such as USBs, MP3 players and smartphones without permission from IT. *Even a brand new iPod or USB flash drive could be infected with a nasty virus. *These devices can be compromised with code waiting to launch as soon as you plug them into a computer. Not connecting a personal USB Memory Stick to FUTEK’s computer. Not connecting a personal cloud storage on FUTEK’s computer. Not backing up a smartphone’s data on FUTEK’s computer. Talk to IT about your devices and let them make the call.
  • #20 Malicious applications often pose as legitimate programs like games, tools or even antivirus software. They aim to fool you into infecting your computer or network. Not installing unauthorized software on workstations. If you like an application and think it will be useful, contact us and we’ll look into it for you.