Boost your security awareness!

Security is often defined as consciously taking acceptable risks. But what is acceptable to your organisation? Everyone has a different view of acceptable risk. No one would disagree, however, that you need to look after your passwords. Otherwise, you run the risk of your data and/or your money being stolen. To make you and your staff more aware of on-line security issues, we've produced a set of practical tips.

  • Password security

    • Use complex passwords with at least ten characters, or use passphrases: sentences with added numbers and special characters.

    • Don't re-use passwords.

    • Use two-factor authentication if possible.

  • E-mail security

    • Train your staff to recognise phishing mail, so that they don't use unsafe links or open dodgy attachments.

    • ¬†Always look to see whether a message's sender matches the contents.

    • Avoid clicking on links wherever possible. If you want to visit the linked page, don't click, but copy and paste the link into your browser and check it before going ahead.

  • Safe browsing

    • Enable safe browsing mode. Then you'll get an automatic warning if a website you visit is insecure.

    • Even when safe browsing is enabled, ask yourself whether any website you visit might be unsafe.

    • Use an ad blocker.

  • Secure workplace set-up

    • Use antivirus software.

    • Use a firewall.

    • Always keep your operating system (OS) and applications updated to the latest version.

  • Workplace security

    • Always lock your screen if you leave your computer unattended.

    • If working in a public place, use a screen filter on your laptop to stop people snooping.

  • Data security

    • Wherever possible, keep your data on your own secure server.

    • If you do save data in the cloud, encrypt it.

  • Download securely, or don't download at all

    • Use programs that send data securely. Protect things that you send with passwords.

    • Place restrictions on application downloading in your network environment, so that unsafe applications are kept out.

  • Removable media security

    • Keep use of USB sticks to the minimum. They can transfer viruses to your computer and, if you lose one, other people can access your data. If you must use a USB stick, encrypt it. Then, if a stick does get lost, your data will still be safe.

  • Wi-fi en bluetooth awareness

    • When working away from your office, take care with open or guest wi-fi networks. It's usually better to use a 4G connection. If you have to use an open wi-fi network, use a VPN connection. Crooks can also use Bluetooth to send things to your phone without you being aware of it. So don't use Bluetooth in busy and/or public places.

  • Shadow IT

    • Only use company-approved apps. You may find a particular app really useful, but that doesn't mean that its security is good. Stick to the standards that the company provides.

  • Social media security

    • Don't share customer data via social media.

    • Don't accept unsafe attachments via social media.¬†

  • Social engineering alertness

    • Make your staff aware of environmental factors that could lead to sensitive information leaking out. For example, they should beware of outsiders looking at their laptop screens while they are working away from the office. And suspicious calls or e-mails about things such as unpaid invoices should be treated with caution..

  • Trust is good, control is better:

    • A healthy dose of mistrust is always a good idea when working with computers.

Bert+ten+Brinke

Bert ten Brinke

Security officer

+31 26 352 55 00

csirt@sidn.nl

  • Monday 25 March 2019

    About SIDN

    Register for IDnext 2019

    Thumb-logo-IDnext

    The number-one digital identities event

    Read more
  • Monday 23 July 2018

    Internet security

    Your bank's got a new log-in system? Watch out for scams!

    Thumb-Rabobank

    Cybercrooks take advantage of the wave of new tools and services

    Read more
  • Monday 14 January 2019

    About SIDN

    Hundredth municipal authority reachable using IPv6

    Thumb-tally-paper

    Still a long way to go

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.