Good Information Security Practices

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

47 minutes
Video Transcription
now, I hope the previous topics have been helpful for you, just in giving you some things to think about. To enhance the security of your organization, I want to leave you with some best practices, some things that you can just kind of always default back to. As a matter of good security practice,
so absolutely, always log off or lock your system. If you leave that system, even for just a second, even for just a minute to grab a cup of coffee,
always log off or lock out. Lock your system. Only difference between the two is locking. Your system doesn't close your applications, but it should still provide a reasonable, ah form of defense against improper access of your computer.
Lock your system by walled off.
Make sure your system state patch now in your workplace that's probably controlled by your network administrator. Don't ever take it upon yourself to go out and download patches unless that's part of your company's policy, which I doubt that it is. Because patches can also introduce additional problems, they may not be
ah compatible with certain elements or certain systems, so rely on your network administrator to provide you with the guidance on patches at home, he persistence, patched
a strong passwords. Make sure they're protected. Eight characters out. The new American non out New mirror.
Um, upper and lower case.
If you have to write passwords down, it's actually better to write passwords down, then just use the same one over and over. So right the passwords down and protect that. Just keep that list somewhere. That's law,
and not obvious the days of writing them down in the sticky note of your keyboard
those days ago.
Make sure you use encryption to protect confidentiality of data in Crip church e mails or use protocols like https that we talk about to send sensitive information.
Make sure you're very cautious about what information you put out there, about yourselves or about your customers. Any information that there any sort of call or contact
that is driven by the need to collect information something's going on there. Very suspicious report that call to your security team and gear
absolutely the most minimal information possible.
Um, anything that's unsecure insecure,
disabled them. It possible Bluetooth. The perfect example. If you need to use Bluetooth and use it, but afterwards turn it off.
Never, ever, ever share your password with someone else. Never give them access to your system. Regardless, always make sure that that is your system. Anything that happens with that system is linked back to you directly. Don't trust that
back to someone else.
Ah, anybody that seems to be just looking to gather information with there in person or through an email that's very suspicious. Careful what you give up
physical security.
Don't let someone come in on your courts white.
And if there is an attempt for that, escort that person to security and make sure that the security guard is aware of it and handles their access from that point for
any potential breach. And we all hate to be the one that makes a mistake. You got to get over that piece and go to your security team,
because if you go there immediately, there's a much better chance they can fix the problem and limit the damage of the compromise. Trust your security team to do what's right and to protect the organization.
Let them know there's a violation or a suspected violation
and last but not lie. At least
think, think, think
if something feels wrong. If it feels uncomfortable with it, feels like,
um, it's intrusive.
It is. Trust your instincts. Rely on your security team in your policies. And when in doubt,
refer to a supervisor or a security professional.
Don't be the person that allows, AH, $1,000,000 compromise to your companies, you know, credit card access or whatever that might be. He's very careful and very mindful and be aware that numerous threats exist today.
We're gonna get on the right course, and he's in. Users are gonna fall in line and help our organizations protect security.
Intro to Infosec

Cybrary's introduction to information security is intended for everyone interested in a career in cybersecurity. Learn the basics, then launch your new career by continuing with our CompTIA A+, Network+, or Security+ Courses.

Instructed By