Information Security Tips when Working from Home (COVID 19)

These Information Security Tips when Working from Home are posted on behalf of Bhushan Deo, CISO for Thermax Limited

Connection & Access

  1. Avoid connecting to unsecured Wi-Fi / networks for internet.
  2. Use only company provided VPN / Citrix connection. Avoid use of any other utility for accessing applications / data.
  3. Check & ensure latest antivirus updates on our laptop regularly.
  4. Strictly avoid sharing our usernames and passwords to others.

 Data sharing & Collaboration

  1. Adopt all proper & sensible precautions when handling Company data.
  2. Save & share data from Company O365 One Drive.
  3. Use Company O365 Teams to conduct meetings, to share information, screens etc.
  4. Avoid use of social media like WhatsApp while discussing / sharing sensitive business information.
  5. Do not give PRINTs at default printer of office, where the print-out may remain unattended (in absence of secure print) & may be misused.
  6. Ensure adequate security provisions of your mobile phones to protect Company information being accessed.
  7. Ensure that Company confidential information is not shared with unauthorised users, vendors, family, friends or members of the public.

 Phishing Emails and Websites

  1. Strictly avoid opening e-mails, URLs & file attachments received from unsolicited or unreliable sources.
  2. Fake emails are sent by hackers about Corona virus. Do not open such mails / URLs / attachments. Forward suspicious mails to _____ ID
  3. Also avoid the use of various maps / graphics showing the spread of Corona. There are incidents of computer hacking through them.

 Physical protection

  1. Avoid eating or drinking in the vicinity of our laptops / computers.
  2. Avoid exposing the laptop / computer to sudden impacts or shocks, humidity, sunlight, water etc.
  3. Do not repair, configure or change of system settings of the laptop / computer. Report to IT.
  4. Lock laptop / computer screen when left unattended, to prevent alteration / deletion of data.
  5. Ensure the physical protection of our laptops / computers.

 Other important points

  1.  Do not install any software on any Company computer. Do not download / copy any type of unauthorised / pirated software.
  2. Do not access Internet sites containing foul / obscene / illegal / unethical / adult / violence / rumours related content from Company computers
  3. Do not use external, web-based e-mail services (e.g. gmail.com, yahoo.com, hotmail.com) for Company business communication.
  4. Ensure to have written approval from Business authorities, prior to transferring the business information to anyone.
  5. Do not copy Business data on removable media like USB storage.
  6. Do not access others’ emails directly by using their passwords.
  7. IT continuously monitors the technical & security usage of the IT Resources, to prevent & correct any performance issues & any misuse.
  8. If you come across any misuse of Company information / asset, then bring to the notice of our business authorities, Functional Risk Officer (FRO), IT & HR; or mail to _____ email ID.
  9. Use our IT resources in a legal, ethical & responsible manner. Do not use them for unauthorised commercial activities or unauthorised personal gain.
  10. Report the Security incidents through IT tool / sending mail to _____ email ID.

P.s: Some details are gathered from our ISMS ISO 27001 policies

Views: 117

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

Comment by Bhushan Deo on April 17, 2020 at 8:18pm

Hi, Sorry to reply late. I was not connected to the portal for a long time.

In my opinion, Team Viewer is safe if a proper licensed version is used. Free versions of any such tool will prone to security, privacy and compliance risks.

Stay safe!

Comment by Harish Singh Bisht on April 10, 2020 at 12:37pm

How safe is Team Viewer for remote access for Business activities.

Please advise.

FireCompass

Forum

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20. 12 Replies

(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue

Tags: #COVID19

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */