Executive Administrative Do and Don't List:
Do:
- Create and follow security-policy-based operations.
- Organize records and files.
- Secure area parameters.
Don't:
- Assume security is someone else’s job.
- Think that you know everything there is to know about security. Technology changes quickly and new threats surface almost every day.
Do:
- Make sure that you know who you are speaking with and suggest legitimate ways outside callers can obtain the information they seek.
- Offer to return calls from unknown or suspicious callers after first checking to ensure the caller is legitimate. By offering to return the call, you can buy yourself time to check out the caller’s authenticity.
Don't:
- Give unknown or unauthorized callers any information.
- Be intimidated by a caller who is a “name dropper” or claims to be a VIP.
Do:
- Be aware of your surroundings and take precautions to protect confidential information.
- Use a Virtual Private Network (VPN) when working with confidential information.
- Use secure e-mail for confidential information.
- Ensure that all computers you use to access the Internet or your company’s network have anti-virus software running.
- Install security-related software patches as soon as they are available.
- Whenever possible, encrypt sensitive or secret information that is stored on your hard drive.
- Use cable locks to secure portable devices.
- Keep your laptop and mobile device with you at all times.
- Use a password-protected screen saver and log out of your company’s network at the end of the day.
Don't:
- Display confidential information on your computer screen in public areas.
- Send confidential information in an ordinary e-mail.
- Open e-mail attachments you weren’t expecting, even if they’re from someone you know.
- Set up your own wireless LAN or have a modem that can accept an incoming call while your computer is connected to the Internet or your company’s network.
- Put sensitive or secret information on a laptop and mobile device in plain text.
- Leave portable devices unsecured when you’re not there.
- Leave a laptop and mobile device unattended in a public place.
- Leave your computer logged into your company’s network and the display on when you’re gone.
Do:
- Use strong passwords on your accounts. Check the password guidelines.
- Use a different password for each account.
- Change your password regularly.
- Memorize your password.
- Keep your password secret.
Don't:
- Use your name, your family’s names, your pet’s name, or a word in a dictionary as your password.
- Change your password in predictable ways.
- Write it down.
- Tell anyone your password, for any reason.