Skip to main content

Every employee and business unit shares responsibility for the cybersecurity of their company.

As an employee, YOU play a key role in protecting sensitive information and resources. Following these DOs and DON’Ts is the best way you can help defend your workplace from hackers.

DOs

  • DO use hard-to-guess passwords or passphrases.
    A password should have at least 10 characters using uppercase letters, lowercase letters, numbers, and special characters. Create an acronym that is meaningful to you, such as “My son’s birthday is 12 December 2004.” Using that phrase as your guide, you might use Msbi12/Dec,4 for your password.

  • DO use different passwords for different accounts.
    If one password gets hacked, your other accounts stay safe.

  • DO keep your passwords or passphrases confidential.
    Never share them with others or write them down. You are responsible for all activities associated with your credentials.

  • DO use privacy settings on social media sites to restrict access to your personal information.

  • DO pay attention to phishing traps in email.
    Watch for telltale signs of a scam and pay extra attention to the email address. Also, beware of spoofing emails that forge the Email Address field.

  • DO destroy information properly when it is no longer needed.
    Place paper in designated confidential destruction bins or use a crosscut shredder. For all electronic storage media, consult with IT.

  • DO be aware of your surroundings…
    Especially when printing, copying, faxing, or discussing sensitive information. Be sure to pick up pages from printers, copiers, or faxes right away.

  • DO lock your computer and mobile phone when not in use.
    This protects your company and personal data from unauthorized access.

  • DO report all suspicious activity and cyber incidents to your manager.
    If you see someone you don’t recognize wandering around your office, find out if they should be there. Also, ensure all areas containing sensitive information are physically secured and only accessible to authorized individuals.

DON’Ts

  • DON’T share your passwords.
    Never give your passwords to others or write them down. You are responsible for the activity associated with your credentials.

  • DON’T leave sensitive information lying around the office.
    Do not leave printouts or portable media containing private information on your desk for anyone to see. Instead, lock them in a drawer.

  • DON’T post any private or sensitive information.
    Do not post credit card numbers, passwords, or other classified information on social media or public sites. Don’t send these through email unless your manager directs you to do so.

  • DON’T ever change banking information or approve or send money via an email or phone call request.
    If you receive a request, verify it by calling the person you routinely work with at the number where you usually reach them.

  • DON’T open mail or attachments from an untrusted source.
    If you receive a suspicious email, delete it and report it to your manager.

  • DON’T click on links from an unknown or untrusted source.
    Cyber attackers use links to trick you into visiting malicious sites and downloading malware.

  • DON’T be tricked into giving away confidential information.
    It’s easy for anyone to impersonate an employee or business partner. Never respond to phone calls or emails asking for confidential data.

  • DON’T install unauthorized programs on your work computer.
    Malicious applications often pose as legitimate software. Contact IT support to check if an application can be installed.

  • DON’T plug in portable devices without permission from your agency management.
    These devices may be compromised with malicious code that activates once plugged into a computer.

  • DON’T leave devices unattended.
    Keep mobile devices, such as laptops and cell phones, physically secured. Report any lost or stolen devices to your manager immediately.

  • DON’T leave wireless or Bluetooth turned on when not in use.
    Only enable these features when necessary and in a secure environment.

For Cybersecurity Protection, talk to i-Tech Support.

i-Tech, your Managed IT Services partner, is dedicated to:

  • Protecting your privacy
  • Safeguarding your organization’s information assets and infrastructure
  • Identifying and mitigating vulnerabilities
  • Detecting, responding to, and recovering from cyber incidents
  • Promoting cyber awareness and education

We stand ready to help and support you in your cybersecurity risk management efforts.

To assess your organization’s technology security with a penetration test or for more information about our managed security services, please contact us.

Remember – Cybersecurity is everyone’s responsibility!