Good Information Security Practices

Time
47 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:03
>> Now I hope the previous topics
00:03
have been helpful for you just
00:03
in giving you some things to think about to
00:03
enhance the security of your organization.
00:03
I want to leave you with some best practices and
00:03
things that you can just always default back to,
00:03
as a matter of good security practice.
00:03
Absolutely, always log off or lock your system,
00:03
if you leave that system even for just a second,
00:03
even for just a minute to grab a cup of coffee.
00:03
Always log off or lock your system.
00:03
The only difference between the two is locking
00:03
your system doesn't close your applications,
00:03
but it should still provide
00:03
a reasonable form of
00:03
defense against improper access of your computer.
00:03
Lock your system or log off.
00:03
Make sure your system stays patched.
00:03
Now, in your workplace that's probably
00:03
controlled by your network administrator,
00:03
don't ever take it upon yourself to go out and
00:03
download patches unless it's
00:03
part of your company's policy,
00:03
which I doubt that it is because patches
00:03
can also introduce additional problems.
00:03
They may not be compatible
00:03
with certain elements or certain systems,
00:03
so rely on your network administrator
00:03
to provide you with guidance on patches.
00:03
At home, keep your systems patched.
00:03
Strong passwords, make sure they're protected.
00:03
Eight characters, alphanumeric,
00:03
and non-alphanumeric, upper and lowercase.
00:03
If you have to write passwords down,
00:03
it's actually better to write passwords
00:03
down than just use the same one over and over.
00:03
Write your passwords down and protect that list.
00:03
Keep that list somewhere that's locked and not obvious.
00:03
The days of writing them down on
00:03
a sticky note on your keyboard,
00:03
those days are gone.
00:03
Make sure you use encryption to
00:03
protect confidentiality of data.
00:03
Encrypt your emails, or use protocols like
00:03
HTTPS that we talked about
00:03
to send sensitive information.
00:03
Make sure you're very cautious about what information
00:03
you put out there
00:03
about yourselves or about your customers.
00:03
Any information or any call or
00:03
contact that is driven
00:03
by the need to collect information,
00:03
something's going on there.
00:03
Be very suspicious.
00:03
Report that call to your security team and
00:03
give absolutely the most minimal information possible.
00:03
Anything that's unsecure or insecure,
00:03
disable them if possible.
00:03
Bluetooth, the perfect example.
00:03
If you need to use Bluetooth then use it,
00:03
but afterwards turn it off.
00:03
Never ever share your password with someone else.
00:03
Never give them access to your system regardless.
00:03
Always make sure that that is your system.
00:03
Anything that happens with
00:03
that system is linked back to you directly.
00:03
Don't trust that to someone else.
00:03
Anybody that seems to be
00:03
just looking to gather information
00:03
whether they're in person or through
00:03
an email, that's very suspicious.
00:03
Be careful what you give up.
00:03
Physical security.
00:03
Don't let someone come in under your card
00:03
swipe and if there is an attempt for that,
00:03
escort that person to security and make
00:03
sure that the security guard is aware of it,
00:03
and handles their access from that point forward.
00:03
Any potential breach, and
00:03
we all hate to be the one that makes a mistake.
00:03
You got to get over that piece and go to
00:03
your security team because if you go there immediately,
00:03
there's a much better chance they can fix
00:03
the problem and limit the damage of the compromise.
00:03
Trust your security team to do what's
00:03
right and to protect the organization.
00:03
Let them know that there's
00:03
a violation or a suspected violation.
00:03
Last but not least, think.
00:03
If something feels wrong,
00:03
if it feels uncomfortable,
00:03
if it feels like it's intrusive, it is.
00:03
Trust your instinct, rely on
00:03
your security team and your policies.
00:03
When in doubt, refer to
00:03
a supervisor or a security professional.
00:03
Don't be the person that allows
00:03
a million-dollar compromise to
00:03
your company's credit card access
00:03
or whatever that might be.
00:03
Be very careful and very mindful and be
00:03
aware that numerous threats exist today.
00:03
We're going to get on the right course and
00:03
these end-users are going to fall in line
00:03
and help our organizations protect security.