Cyber Security Guidelines : Do's & Don'ts


  • Cyber Security Guidelines : Do's & Don'ts

    DO'S AND DON'TS


    Do’s

    Always use private/official email domains and NOT public domains like gmail, rediff, etc. for official purposes. Also use an individual email ID instead of a generic email ID.
    Ensure the Digital Certificate is stored on the “C” drive and in non-exportable format.
    Password should be strong and difficult for anyone to guess. It should be a combination of uppercase, special characters (e.g. &, $, #), numbers & alphabets etc.
    Hard / Soft token, if any, should stay in the personal custody of the authorized users.
    Users should keep different passwords for Login & Transaction authorization and should not share them with anyone.
    All passwords should be changed regularly.
    Keep System / PC / Laptop locked when away from your work station.
    Ensure system / PC / Laptop and ENet login page is not open when you are away from your desk.
    Be cautious while clicking on any email received from external sources.
    Verify the sender's address. Check the complete email ID including the domain along with the signature.
    Report suspicious email received to your IT immediately.
    Delete unwanted emails immediately.
    Enable SMS and email alerts for transactions.
    Always communicate the change of users immediately to HDFC Bank.
    Ensure that the user IDs of the resigned user are reported to the Bank immediately for deletion before last working day.
    Ensure that anti-virus signatures are updated on all laptops/desktops.

    Don’ts

    Never share Digital Certificate / Hard Token / Soft Token with anyone, even within the organization.
    Do not disclose Digital Certificate file / Hard Token / Soft Token / Password / Pin / OTP to anyone apart from the person authorized to use it.
    Passwords should never be written on the hard Token itself or other easily accessible media like notepad files, sheets of paper, etc.
    Never leave your Hard / Soft token application in an unprotected manner.
    Never keep similar passwords for ENet login & transaction authorization.
    Do not share your ENet registered email ID and its password with anyone, including colleagues.
    Do not open unknown emails which contain random attractive links.
    Do not click on the links / attachments of strange/attractive emails from unknown senders.
    Never disclose or provide sensitive information such as user name, passwords or banking details via an email or a phone call.
    No official or customer data should be shared with unwanted people outside your official network without following your internal security's laid-down process.
    Founder & Creative Mind of Megrisoft
    www.indiabook.com
    Business
    Please Do Not Spam Our Forum

  • #2
    10 Simple Dos and Don’ts for Better Cybersecurity Smarts


    1) DO make sure that when you connect to a wireless connection, you are connecting to the proper network, otherwise known as SSID.

    DON’T assume that because the name may sound similar that it comes from a trusted source.

    2) DO use passwords that include a mix of upper and lower-case letters, including special characters.

    DON’T use names/numbers of your dog, family members, street address and birthday.

    3) DO take advantage of dual or multifactor authentication. Many Web sites now offer securities beyond just a username and password, such as a token, smartcard, PIN, or even user-selected security images that you will recognize upon login.

    DON’T use username and password only when other options are available.

    4) DO maintain a list of passwords in a safe place, and change them at least quarterly.

    DON’T keep the same passwords without changing them.

    5) DO keep your corporate passwords separate from your personal passwords.

    DON’T keep reusing your personal password for your company password, or vice versa.

    6) DO make sure that your computer has the latest patches and virus signatures loaded.

    DON’T assume that the virus detection software works perpetually with computers.

    7) DO use cloud data systems to upload and share nonconfidential data.

    DON’T trust friends, family and associates with using your personal computer when you are not present.

    8) DO back up data onto removable media and store in a safe place.

    DON’T assume someone else has the responsibility to maintain and protect your data.

    9) DO check E-mails carefully to ensure that the source header is from a valid address.

    DON’T fall prey to clicking a link to malicious Web sites that load malware into your computer.

    10) DO establish a relationship with a reputable cybersecurity firm. Ask questions in advance about policy and procedures to keep your company safe on the Internet.

    DON’T wait until you are confronted with an incident to seek advice.

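Both posts advise checking the sender's complete address, including the domain and the source header. The following is an added example, not part of the original thread, of how a mail filter or helpdesk script could automate that check; the trusted domain `example-bank.com`, the function names and the sample headers in the usage are constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: domains the organisation expects official mail from (exact match only).
TRUSTED_DOMAINS = {"example-bank.com"}

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(addr):
    """Lower-cased domain of a bare address, or '' if it has no '@'."""
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""

def check_sender(from_header, reply_to=None):
    """Return a list of findings; an empty list means nothing suspicious."""
    display, addr = parseaddr(from_header)
    domain = domain_of(addr)
    if not domain:
        return ["no parsable sender address"]
    findings = []
    if domain not in TRUSTED_DOMAINS:
        # A domain one or two edits away from a trusted one is a likely imitation.
        near = sorted(t for t in TRUSTED_DOMAINS if edit_distance(domain, t) <= 2)
        if near:
            findings.append(f"lookalike of {near[0]}: {domain}")
        else:
            findings.append(f"external domain: {domain}")
    # The display name can show one address while the real one differs.
    shown = domain_of(display.strip("<> "))
    if shown and shown != domain:
        findings.append("display name shows a different address")
    # Replies silently redirected to another domain deserve a second look.
    if reply_to:
        reply_domain = domain_of(parseaddr(reply_to)[1])
        if reply_domain != domain:
            findings.append(f"Reply-To goes to another domain: {reply_domain}")
    return findings

if __name__ == "__main__":
    # Constructed sample header: trusted-looking display name, lookalike real address.
    print(check_sender('"support@example-bank.com" <alerts@examp1e-bank.com>'))
```
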