2023/02/01

LEAN 365 – grab the cyber security tips of January

During January we shared a total of 31 cyber security tips on LinkedIn, Twitter and Instagram. Here is a compilation of the posts. Jump in together with Fitsec – and stay cyber safe!


1. Do not give any sensitive information over the phone

WHY?

Someone might be spying

2. If possible, use multi-factor authentication for all services

WHY?

To ensure that you and only you have access to your account


3. When you stop using your phone and sell it or give it away, make sure to do a factory reset and remove all attached cards (SIM and memory cards).

WHY?

Otherwise, someone else might get access to your information


4. Do your employees have a direct channel to report security incidents or risks? Has the channel been announced to all employees?

WHY?

When using an easy and direct reporting channel, the ability to quickly react to security incidents improves substantially.

5. Always dispose of all physical (paper) data protection material properly - by burning, shredding or using a data security bin.

WHY?

To prevent sensitive material ending up in the wrong hands


6. Make sure your VPN is always on when you are working outside the company premises

WHY?

Public networks cannot always be considered safe

7. Before giving your computer away (for destruction), overwrite its hard drives 3 times

WHY?

To ensure that no one can restore your information


8. Only use your work email for work matters

WHY?

Using your work email for personal communications might endanger your organization's cybersecurity

9. If an email contains a link, do not click on it or copy it, but write the address in the address bar of the browser itself. (EVEN IF the sender seems trustworthy!)

WHY?

Otherwise, you cannot be sure where the link leads

10. Use passphrases, not passwords

WHY?

Because they are easier to remember, but harder to guess or crack

11. If you notice any concerns or shortcomings in the security practices of your organization, make sure to report them to your supervisor.

WHY?

Shared responsibility helps minimize risks

12. Use numbers and special characters in passphrases

WHY?

To make them harder to crack or guess

13. When receiving an email, check the sender’s email address

WHY?

Do not trust just the name, also check the email address and be certain of who you’re dealing with

14. Remember to take backups regularly

WHY?

This way you can make sure your information is saved, even if something happens to your device


15. Do not open attachments from unknown senders

WHY?

You cannot be sure what the attachment contains, and it could be malicious


16. Do not give your login information to anyone

WHY?

Because it is always possible that it ends up in the wrong hands


17. Remember to always lock your computer when you leave your desk

WHY?

So that no one can access your information or do anything malicious while you are away

18. The 3-2-1 method: Always keep at least 3 copies of your data: 2 on different devices and 1 in a separate service.

WHY?

If one location holding your data is destroyed, you still have two copies intact

19. Keep your device and software updated to the newest version with the latest security updates

WHY?

Regular updates ensure you are prepared for the newest cybersecurity threats in the best possible way

20. Passwords should ideally be at least 14 characters long – containing both upper and lower case letters + numbers and special characters.

WHY?

To make them harder to crack or guess

21. Dispose of electronic data protection material as carefully as physical material - the file itself should be overwritten 3 times. 

WHY? 

Because just deleting the file does not ensure that it cannot be restored


22. Use a safe way to share files, like a trustworthy cloud service with sufficient encryption

WHY?

For example, emails with attachments might end up in the possession of third parties


23. Use your work computer only for tasks related to your work, not for your personal activities

WHY?

Your personal activities may result in infecting your work computer with malware, and possibly your organization overall

24. It is not a good idea to share your travel plans and current location on social media posts

WHY?

These types of posts let criminals know you are not at home and have been used to commit burglaries

25. Think twice about what you post on social media and who can view your post 

WHY?

You may end up sharing potentially sensitive information with unwanted third parties


26. Make sure to continuously educate your employees about the latest cybersecurity threats

WHY?

Keeping your employees up to date with current threats helps to strengthen your defences


27. You should consider using automatic data backups. They are usually a built-in, optional feature on your device.

WHY?

Because it saves time and increases the reliability of your backups


28. Do not use the same password in many places

WHY?

If someone gains access to your login info, only one of your accounts is compromised


29. Do not download illegal copies of software or other media, no matter how harmless it seems

WHY?

They often contain malware, which will compromise your device along with your information


30. Notify your company's information security officer of any anomalies, for example if you see information on the company's network that you shouldn't actually see.

WHY?

Cybersecurity is a collective effort and individual observations can help strengthen your security posture

31. Always change the default credentials after receiving a new device with pre-set credentials

WHY?

Because attackers can easily find/guess the default credentials and compromise your device