Only open emails of known origin - check the email address and not the name;
If opening, do not click on any links or attachments and report to the Cybersecurity Team;
Confirm the veracity of known emails;
Do not send sensitive information - if you have to send it, encrypt the content;
Mark spam so that the system makes a previous selection;
Always log out when you finish using your email.
WHEN USING A MOBILE PHONE AND/OR LAPTOP
Do not use private devices for professional purposes;
Activate auto-lock and do not leave devices unlocked;
Use passwords or PIN with a limit of login attempts;
Cover and disable the laptop microphone - active only when necessary;
Use privacy filters on the laptop screen;
Protect laptop USB ports;
Never use flash drives or other unknown USB devices; Avoid prying eyes.
WHEN USING A PASSWORD
You should keep it secret
Use the rule of complexity: more than 10 characters, with uppercase, lowercase, numeric, and special characters - do not use predictable terms (e.g. name of your hometown);
It should be changed regularly (e.g. every 2 months);
It should be used on one platform only (e.g. one, in e-mail; another, on a social network; etc.) - use a key manager;
It should never be stored on post-its, lists, or browsers;
If possible, you should use two-factor authentication (second verification after password).
WHEN YOU CONNECT TO AND SURF THE INTERNET
Do not use public Wi-Fi networks - if you do, use a VPN (virtual private network);
Do not use unauthorised cloud storage services;
Always keep your Bluetooth switched off;
Consider that addresses with "HTTPS" are more secure (e.g. install the HTTPS Everywhere extension, making browsing in Firefox and Chrome more secure);
Do not download suspicious Apps and refuse when they ask for unnecessary access permissions.
WHEN EXCHANGING MESSAGES
Consider that some text messages can be captured and others can infect your phone with malware - take the same care as you do with e-mail;
Consider that WhatsApp messages can be shared and sometimes deciphered by others - do not share confidential information.