HOW DO I PROMOTE CYBERSECURITY IN MY ORGANISATION? CHECKLIST
WHEN USING EMAIL
I only open emails that I know - I check the e-mail address and not the name;
If I open a suspicious email, I do not click on a link or attachment, and report it to the IT Security Team;
I do not send Classified Information of National Brand and Grade equal or higher than Restricted by email.
WHEN USING A MOBILE PHONE, LAPTOP OR USB MEMORY STICKS
For professional purposes, I only use authorised devices;
I activate auto-lock and do not leave devices unlocked;
I use a password or PIN with a limit of login attempts;
I cover or disable the laptop camera - active only when necessary;
I use privacy filters on the laptop screen.
WHEN I USE A PASSWORD
I keep it secret - and don't save it to lists or browsers;
I use passwords longer than 12 characters (e.g. a phrase) and don't use predictable terms (e.g. hometown name);
I change it if I suspect or find out that it has been compromised;
I use it on a single platform (e.g.: one for email; another for a social network; etc.).
WHEN I TRAVEL
Before travelling: I update my apps and software; clear call history, browser history and cookies; I do not post travel plans on social media;
During the trip: I keep an eye on my devices; if I have to part with them, I remove the SIM card and, if possible, the battery; I do not charge devices from public terminals or unsupervised devices;
After the trip: I change the passwords used during the trip; I clear the call history, browser history, and cookies again.
WHEN I CONNECT TO AND SURF THE INTERNET
I use the organisation's VPN when using public Wi-Fi networks;
I only use authorised cloud storage services;
I always keep bluetooth turned off.
WHEN EXCHANGING MESSAGES
I take the same care when using SMS as I do when using email;
I do not send sensitive or Classified information by WhatsApp or similar services.