DO'S AND DON'TS
Do’s
Always use private/official email domains and NOT public domains like gmail, rediff, etc. for official purpose. Also use individual email Id instead of generic email id.
Ensure Digital Certificate is stored in “C” drive and in non exportable format.
Password should be strong and difficult for any one to guess . It should be a combination of uppercase, special characters (e.g. &, $, #), numbers & alphabets etc.
Hard / Soft token if any, should stay in the personal custody of the authorized users
Users should keep different password for Login & Transaction authorization and should not share it with anyone .
All passwords should be changed regularly
Keep System / PC / Laptop locked when away from your work station
Ensure system / PC / Laptop and ENet login page is not open when you are away from your desk
Be cautious while clicking on any email received from external sources
Verify the sender's address. Check the complete email id including the domain along with the signature.
Report suspicious email received to your IT immediately
Delete unwanted emails immediately
Enable SMS and email alerts for transactions
Always communicate the change of users immediately to HDFC Bank.
Ensure that the user ids of the resigned user is reported to the Bank immediately for deletion before last working day.
Ensure that anti-virus signatures are updated on all laptops/desktops
Dont’s
Never share Digital Certificate / Hard Token / Soft Token with any one, even within the organization.
Do not disclose Digital Certificate file / Hard Token / Soft Token/ Password / Pin / OTP to anyone apart from the person authorized to use it
Passwords should never be written on the hard Token itself or other easily accessible media like notepad files, sheets of paper, etc.
Never leave your Hard / Soft token application in an unprotected manner
Never keep similar passwords for ENet login & transaction authorization
Do not share your ENet registered email id and its password with anyone including colleagues
Do not open unknown email which contains random attractive links
Do not click on the links / attachments of strange/attractive emails from the unknown senders.
Never disclose or provide the sensitive information such as user name, passwords or banking details via an email or a phone call
No official or customer data should be shared to unwanted people outside your official network without following your internal security's laid down process.
Do’s
Always use private/official email domains and NOT public domains like gmail, rediff, etc. for official purpose. Also use individual email Id instead of generic email id.
Ensure Digital Certificate is stored in “C” drive and in non exportable format.
Password should be strong and difficult for any one to guess . It should be a combination of uppercase, special characters (e.g. &, $, #), numbers & alphabets etc.
Hard / Soft token if any, should stay in the personal custody of the authorized users
Users should keep different password for Login & Transaction authorization and should not share it with anyone .
All passwords should be changed regularly
Keep System / PC / Laptop locked when away from your work station
Ensure system / PC / Laptop and ENet login page is not open when you are away from your desk
Be cautious while clicking on any email received from external sources
Verify the sender's address. Check the complete email id including the domain along with the signature.
Report suspicious email received to your IT immediately
Delete unwanted emails immediately
Enable SMS and email alerts for transactions
Always communicate the change of users immediately to HDFC Bank.
Ensure that the user ids of the resigned user is reported to the Bank immediately for deletion before last working day.
Ensure that anti-virus signatures are updated on all laptops/desktops
Dont’s
Never share Digital Certificate / Hard Token / Soft Token with any one, even within the organization.
Do not disclose Digital Certificate file / Hard Token / Soft Token/ Password / Pin / OTP to anyone apart from the person authorized to use it
Passwords should never be written on the hard Token itself or other easily accessible media like notepad files, sheets of paper, etc.
Never leave your Hard / Soft token application in an unprotected manner
Never keep similar passwords for ENet login & transaction authorization
Do not share your ENet registered email id and its password with anyone including colleagues
Do not open unknown email which contains random attractive links
Do not click on the links / attachments of strange/attractive emails from the unknown senders.
Never disclose or provide the sensitive information such as user name, passwords or banking details via an email or a phone call
No official or customer data should be shared to unwanted people outside your official network without following your internal security's laid down process.
Comment